Zone migration in network access

US 8,566,912 B2
Filed: 05/23/2012
Issued: 10/22/2013
Est. Priority Date: 07/07/2009
Status: Active Grant

First Claim

Patent Images

1. A method for determining whether to allow a network user communicating with a first access point within a privately controlled computer network including multiple access points to migrate from one access point to another access point at a different location without re-authentication, the method comprising:

providing a plurality of network access points configured to provide one or more user device'"'"'s access to a privately controlled computer network;

defining migration permissions for migrating between individual network access locations in the plurality of network access locations, where the migration permissions establish migration rights between individual network access locations in the plurality of network access locations without requiring a user to re-login;

allowing a user device to migrate from communicating with a first network access point in the plurality of network access points to a second network access point in the plurality of network access points without requiring the user to re-login based at least on the location of the first network access point; and

requiring the user to re-login when migrating from the first network access point to a third network access point based at least on the location of the first network access point.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure is directed to providing a network user the ability to travel between different zones or locations within a network environment, such as, for example, a hospitality location, without requiring a user to re-login to the new location, while requiring a user to re-login to other locations within the network environment.

Citations

28 Claims

1. A method for determining whether to allow a network user communicating with a first access point within a privately controlled computer network including multiple access points to migrate from one access point to another access point at a different location without re-authentication, the method comprising:
- providing a plurality of network access points configured to provide one or more user device'"'"'s access to a privately controlled computer network;
  
  defining migration permissions for migrating between individual network access locations in the plurality of network access locations, where the migration permissions establish migration rights between individual network access locations in the plurality of network access locations without requiring a user to re-login;
  
  allowing a user device to migrate from communicating with a first network access point in the plurality of network access points to a second network access point in the plurality of network access points without requiring the user to re-login based at least on the location of the first network access point; and
  
  requiring the user to re-login when migrating from the first network access point to a third network access point based at least on the location of the first network access point.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the network access point is a port.
  - 3. The method of claim 2, wherein the port is a VLAN port.
  - 4. The method of claim 1, wherein the first and second network access points are comprised in a first zone of network access points and the third network access point is comprised in a second zone of network access points.
  - 5. The method of claim 4, wherein the first zone comprises network access points located in a first physical area and the second zone comprises network access points located in a second physical area.
  - 6. The method of claim 4, further comprising assigning a first SSID to the first zone and a second SSID to the second zone.
  - 7. The method of claim 1, further comprising assigning a first SSID to the first and second network access points and a second SSID to the third network access point.

8. A system for providing computer network access in a secure computer network including a plurality of computer network access points, the system comprising:
- one or more network management devices configured to provide network communications services for one or more network enabled devices; and
  
  a plurality of network access points configured to provide communications portals for facilitating communications between the one or more network management devices and the one or more network enabled devices, the one or more network access points are controllable by the one or more network management devices to allow or deny communications via a second network access point of the plurality of network access points based on an authorization to use a first network access point of the plurality of network access points.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the network access points are organized into a plurality of zones, wherein each zone includes at least one network access point.
  - 10. The system of claim 9, wherein at least one SSID is assigned to at least one zone in the plurality of zones.
  - 11. The system of claim 10, wherein at least two SSID'"'"' s are assigned to the at least one zone in the plurality of zones.
  - 12. The system of claim 9, wherein the one or more network management devices allow communications via the second network access point if the first access point is in the same zone and deny communications via the second network access point if the second network access point is in a different zone.
  - 13. The system of claim 9, wherein the one or more network management devices define the zone of the first network access point as a home zone and allow communications with other access points in the plurality of access points corresponding to a second zone if the home zone is defined to allow access to the second zone access points.
  - 14. The system of claim 8, wherein the network access point is a port.

15. A method of providing a user the ability to move between different locations of network access points without requiring re-authentication comprising:
- defining one or more zones, each zone including a plurality of network access points;
  
  allowing a network user to move from a first network access point in a first zone in the plurality of network access points to a second network access point in the plurality of network access points without requiring re-authorization to access the second network access point based at least on the zone of the first access point; and
  
  requiring re-authentication from the user when moving from either the first or second network access points to a third access point at a third location based at least on the zone of the first access point.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, wherein the network access point is a port.
  - 17. The method of claim 15, wherein re-authorization is required to access a network access point forming part of a second zone.
  - 18. The method of claim 15, wherein defining comprises assigning one or more network address locations to a zone.
  - 19. The method of claim 15, wherein re-authentication comprises using a login screen.

20. A system which provides access rights to a secure computer network based on a physical location of a user, the system comprising:
- a network interface configured to communicate with one or more network enabled user devices and to communicate with other network devices, the network interface configured to provide communications between the one or more network enabled user devices and the other network devices;
  
  a database configured with location dependent network access rights; and
  
  a processor in communication with the network interface and the database, the processor configured to allow or deny network communications through the network interface based on a first location dependent authorization for a network enabled user devices at a first location to communicate through the network interface, the processor further configured to allow communications for the network enabled user device at a second location without re-authorization, wherein the allowance of communications at the second location is based at least on the authorization at the first location, the processor further configured to require reauthorization for the network enabled user device at a third location based at least on the authorization at the first location.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
- - 21. The system of claim 20, the location of the network enabled user device is determined based on a port accessed by the network enabled user device.
  - 22. The system of claim 21, wherein the location dependent network access rights are configured to provide access without re-authorization between ports that form part of a first zone, the first zone including one or more ports, and to require re-authorization when the network enabled user device migrates to a port in a second zone, the second zone including one or more ports.
  - 23. The system of claim 20, wherein authorization comprises one or more of a login, payment of fees, a request for access, or entry of a code.
  - 24. The system of claim 20, wherein authorization comprises the payment of a fee.
  - 25. The system of claim 20, wherein a first SSID is assigned to the first location.
  - 26. The system of claim 20, wherein a plurality of SSIDs are assigned to the first location.
  - 27. The system of claim 20, wherein a first SSID is assigned to the first and second locations and a second SSID is assigned to the third location.
  - 28. The system of claim 27, wherein a third SSID is assigned to the first, second and third locations, and wherein a second network enabled user device configured to access the third SSID is allowed to access the first, second and third locations without re-authorization.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nomadix, Inc. (Nippon Telegraph and Telephone Corporation)
Original Assignee
Nomadix, Inc. (Nippon Telegraph and Telephone Corporation)
Inventors
Olshansky, Vadim, Noro, Raffaele
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
WYSZYNSKI, AUBREY H

Application Number

US13/478,458
Publication Number

US 20120297459A1
Time in Patent Office

517 Days
Field of Search

726/3, 726/4, 709/225
US Class Current

726/4
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 63/0209   Architectural arrangements,...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 63/107   wherein the security polici...

H04W 12/08   Access security

H04W 84/12   WLAN [Wireless Local Area N...

Zone migration in network access

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Zone migration in network access

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links