Systems and methods for authorizing, authenticating and accounting users having transparent computer access to a network using a gateway device
First Claim
1. A method of managing access to network resources, the method being performed by a network management system in communication with a portable communication device, the method comprising:
receiving, at a communications port of a wireless access point of the network management system from a portable communication device, a connection request for an external server, the connection request comprising one or more network packets;
transmitting the connection request from the wireless access point to a controller of the network management system;
determining, using the controller, whether to provide the portable communication device with access to the external server, the determination being based at least in part on comparing an attribute included in the connection request to a user profile database; and
upon determining that the portable communication device is not at that time permitted with access to the external server, redirecting the portable communication device to an authentication system, the redirection including;
sending transmission control protocol handshake completion data from the communications port of the wireless access point to the portable communication device in response to the connection request, said transmission control protocol handshake completion data configured to indicate that it was sent by the external server;
receiving at the controller via the wireless access point a request from the portable communication device for a network resource of the external server;
receiving, at the wireless access point from the controller, the redirection data comprising resource identification data that identifies the authentication system, the redirection data configured to cause the portable communication device to be redirected to the authentication system; and
sending, from the communications port of the wireless access point to the portable communication device, a browser redirect message based upon the redirection data;
whereby the portable communication device provides authentication-related information wherein the portable communication system can be provided access to the network resource, wherein the network management system need not communicate with the external server to redirect the portable communication device.
Abstract
A system and method for authorizing, authenticating and accounting users having transparent access to a destination network, wherein the users otherwise have access to a home network through home network settings resident on the user's computers, and wherein the users can access the destination network without altering the home network settings and without installing software on the user's computer. The system includes a gateway device for receiving a request from a user for access to the destination network, and means for identifying an attribute associated with the user based upon a packet received by the gateway device, wherein the packet is transmitted from the user's computer, and wherein the user's computer is configured for accessing the home network.
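The sequence recited in the first claim and summarised in the abstract (attribute lookup, handshake completion on the external server's behalf, then a browser redirect) can be modelled as below. This is an added illustration, not text or code from the patent; the `Segment` model, the MAC address as the compared attribute, the portal URL and all addresses are constructed assumptions.

```python
from dataclasses import dataclass, replace

# Constructed sample data. The attribute compared to the profile database is the source MAC.
PROFILE_DB = {"02:00:00:aa:bb:01": {"authorized": True},
              "02:00:00:aa:bb:02": {"authorized": False}}
AUTH_URL = b"http://portal.example.net/login"  # hypothetical authentication system
GATEWAY_ISN = 1000                             # fixed for the demo; random in practice

@dataclass
class Segment:
    src_mac: str
    src_ip: str
    dst_ip: str
    sport: int
    dport: int
    flags: str            # "S" SYN, "SA" SYN-ACK, "PA" data segment
    seq: int = 0
    ack: int = 0
    payload: bytes = b""

def is_authorized(seg: Segment) -> bool:
    """Compare the packet attribute to the profile database; unknown devices are denied."""
    return PROFILE_DB.get(seg.src_mac, {}).get("authorized", False)

def gateway_handle(seg: Segment):
    """Return (action, reply). The external server is never contacted for denied devices."""
    if is_authorized(seg):
        return "forward", None
    # The reply is addressed as if it came from the external server (addresses, ports swapped).
    reply = replace(seg, src_mac="gateway", src_ip=seg.dst_ip, dst_ip=seg.src_ip,
                    sport=seg.dport, dport=seg.sport, payload=b"")
    if seg.flags == "S":                       # complete the handshake on the server's behalf
        return "spoof_handshake", replace(reply, flags="SA", seq=GATEWAY_ISN, ack=seg.seq + 1)
    if seg.payload.startswith(b"GET "):        # answer the resource request with a redirect
        body = b"HTTP/1.1 302 Found\r\nLocation: " + AUTH_URL + b"\r\nContent-Length: 0\r\n\r\n"
        return "redirect", replace(reply, flags="PA", seq=seg.ack,
                                   ack=seg.seq + len(seg.payload), payload=body)
    return "no_reply", None                    # e.g. the client's bare ACK needs no answer

def demo():
    """Run a denied device's SYN and GET through the gateway and return both results."""
    syn = Segment("02:00:00:aa:bb:02", "10.0.0.7", "203.0.113.10", 40000, 80, "S", seq=500)
    get = replace(syn, flags="PA", seq=501, ack=GATEWAY_ISN + 1,
                  payload=b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
    return gateway_handle(syn), gateway_handle(get)
```

Over TLS the client would reject the gateway's impersonation of the external server, so this sequence applies to plain-HTTP requests.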
88 Claims
1. A method of managing access to network resources, the method being performed by a network management system in communication with a portable communication device, the method comprising:
receiving, at a communications port of a wireless access point of the network management system from a portable communication device, a connection request for an external server, the connection request comprising one or more network packets;
transmitting the connection request from the wireless access point to a controller of the network management system;
determining, using the controller, whether to provide the portable communication device with access to the external server, the determination being based at least in part on comparing an attribute included in the connection request to a user profile database; and
upon determining that the portable communication device is not at that time permitted with access to the external server, redirecting the portable communication device to an authentication system, the redirection including;
sending transmission control protocol handshake completion data from the communications port of the wireless access point to the portable communication device in response to the connection request, said transmission control protocol handshake completion data configured to indicate that it was sent by the external server;
receiving at the controller via the wireless access point a request from the portable communication device for a network resource of the external server;
receiving, at the wireless access point from the controller, the redirection data comprising resource identification data that identifies the authentication system, the redirection data configured to cause the portable communication device to be redirected to the authentication system; and
sending, from the communications port of the wireless access point to the portable communication device, a browser redirect message based upon the redirection data;
whereby the portable communication device provides authentication-related information wherein the portable communication system can be provided access to the network resource, wherein the network management system need not communicate with the external server to redirect the portable communication device.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
20. A network management system configured to manage access to a network resource, the system comprising:
a wireless access point configured to receive, from a portable communication device, a connection request for an external server, the connection request comprising one or more network packets; and
a controller configured to receive the connection request from the wireless access point and determine whether to allow the portable communication device to access the external server, the determination being based at least in part on comparing one or more attributes included in the connection request to a user profile database;
the network management system further configured to redirect the portable communication device to an authentication system, upon determining not to allow the portable communication device to access the external server at that time, the redirect including;
sending transmission control protocol handshake completion data from the communications port of the wireless access point to the portable communication device in response to the connection request, said transmission control protocol handshake completion data configured to indicate that it was sent by the external server;
receiving at the controller via the wireless access point a request from the portable communication device for a network resource of the external server;
receiving, at the wireless access point from the controller, redirection data comprising resource identification data that identifies the authentication system, the redirection data configured to cause the portable communication device to be redirected to the authentication system; and
sending, from the communications port of the wireless access point to the portable communication device, a browser redirect message based upon the redirection data;
whereby the portable communication device submits authentication-related information wherein the portable communication system can be allowed to access the network resource, wherein the network management system need not communicate with the external server to redirect the portable communication device.
View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
36. A method of accessing a network resource of an external server by a portable communication device, the method performed by a network management system in communication with the portable communication device, the method comprising:
receiving, at a communications port of a wireless access point of the network management system from a portable communication device, a connection request for an external server, the connection request comprising one or more network packets;
transmitting the connection request from the wireless access point to a controller of the network management system;
determining, using the controller, whether to provide the portable communication device with access to the external server, the determination being based at least in part on comparing one or more attributes included in the connection request to a user profile database;
sending transmission control protocol handshake completion data from the communications port of the wireless access point to the portable communication device in response to the connection request, said transmission control protocol handshake completion data configured to indicate that it was sent by the external server;
receiving, at the wireless access point from the controller, redirection data comprising resource identification data that identifies an authentication system, the redirection data configured to cause the portable communication device to be redirected to the authentication system; and
sending, from the communications port of the wireless access point to the portable communication device, a browser redirect message based upon the redirection data, the browser redirect message being sent upon a determination not to provide the portable communication device with access to the external server at that time;
whereby the portable communication device transmits authentication-related information wherein the portable communication system can be provided access to a network resource of the external server, wherein the network management system need not communicate with the external server to redirect the portable communication device.
View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61)
62. A network management system configured to manage access of a portable communication device to a network resource of an external server, the system comprising:
a wireless access point configured to receive, from a portable communication device, a connection request for an external server, the connection request comprising one or more network packets; and
a controller configured to receive the connection request from the wireless access point and determine whether to allow the portable communication device to access the external server, the determination being based at least in part on comparing an attribute included in the connection request to a user profile database;
the network management system further configured to redirect the portable communication device to an authentication system, by performing operations comprising;
sending transmission control protocol handshake completion data from the communications port of the wireless access point to the portable communication device in response to the connection request, said transmission control protocol handshake completion data configured to indicate that it was sent by the external server;
receiving, at the wireless access point from the controller, redirection data comprising resource identification data that identifies the authentication system, the redirection data configured to cause the portable communication device to be redirected to the authentication system; and
sending, from the communications port of the wireless access point to the portable communication device, a browser redirect message based upon the redirection data, the browser redirect message being sent as a result of the determination not to allow the portable communication device to access the network resource;
whereby the portable communication device transmits authentication-related information wherein the portable communication system can be allowed to access a network resource of the external server, wherein the network management system need not communicate with the external server to redirect the portable communication device.
View Dependent Claims (63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88)
Specification