System and method of controlling application level access of subscriber to a network

US 8,862,751 B2
Filed: 12/08/2000
Issued: 10/14/2014
Est. Priority Date: 05/30/2000
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

sending, from visited network comprising at least one proxy server to a home network an identification of a subscriber, the location of the subscriber, and a type of access network at which the subscriber is registering, wherein at least the location of the home network is determined by the visited network based on analysis of data transmitted to the visited network from the subscriber using packet data protocol;

in response to the sending, receiving from the home network at the visited network a selected predetermined subscriber profile selected from of a plurality of subscriber profiles for the subscriber based at least in part on the location of subscriber, each subscriber profile of the plurality of subscriber profiles including a different level of access defining at least one of a bandwidth degree, a security degree or supported supplementary services, in which the selected subscriber profile comprises an authorization for an authorized level of access for the type of access network, and storing at the visited network the received selected predetermined subscriber profile; and

controlling, by the visited network, access provided to the subscriber to services provided through the visited network dependent upon a comparison of a requested level of access and the authorized level of access in the stored selected predetermined subscriber profile, wherein the access provided to the subscriber is application level access used to provide connectivity of the subscriber in the visited network defined by the selected subscriber profile.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is a system and method of controlling an access of a subscriber to a network. The method includes sending an identification of the subscriber and a level of access to be provided to the subscriber from a visited network of a plurality of networks (12, 14, 16) connected to a home network (10); in response to the identification of the subscriber and a level of access to be provided to the subscriber, storing a subscriber profile of the authorized of access to be provided to the subscriber; and controlling access of the subscriber to any network dependent upon a comparison of access to be provided to the subscriber and the stored subscriber profile.

Citations

27 Claims

1. A method, comprising:
- sending, from visited network comprising at least one proxy server to a home network an identification of a subscriber, the location of the subscriber, and a type of access network at which the subscriber is registering, wherein at least the location of the home network is determined by the visited network based on analysis of data transmitted to the visited network from the subscriber using packet data protocol;
  
  in response to the sending, receiving from the home network at the visited network a selected predetermined subscriber profile selected from of a plurality of subscriber profiles for the subscriber based at least in part on the location of subscriber, each subscriber profile of the plurality of subscriber profiles including a different level of access defining at least one of a bandwidth degree, a security degree or supported supplementary services, in which the selected subscriber profile comprises an authorization for an authorized level of access for the type of access network, and storing at the visited network the received selected predetermined subscriber profile; and
  
  controlling, by the visited network, access provided to the subscriber to services provided through the visited network dependent upon a comparison of a requested level of access and the authorized level of access in the stored selected predetermined subscriber profile, wherein the access provided to the subscriber is application level access used to provide connectivity of the subscriber in the visited network defined by the selected subscriber profile.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method in accordance with claim 1 wherein the authorized level of access authorizes a specific degree of bandwidth in communications.
  - 3. The method in accordance with claim 1 wherein the authorized level of access authorizes a specific degree of security in communications.
  - 4. The method in accordance with claim 1 wherein the authorized level of access authorizes specific connection supplementary services.
  - 5. The method in accordance with claim 1 wherein, the home network is an internet protocol network and the visited network is a wireless public cellular bearer network.
  - 6. The method in accordance with claim 5 wherein, the public cellular bearer network is a general packet radio system network.
  - 7. The method in accordance with claim 1 wherein, the home network is an internet protocol network and the visited network is an internet service provider.
  - 8. The method in accordance with claim 1 wherein, the home network is an internet protocol network and the visited network is a wireless local area network.
  - 9. The method in accordance with claim 1 wherein,the application level registration message is generated by the visited network in response to a request from subscriber equipment;
    - in response to an entity in the visited network receiving the request, an address of an entity in the home network is obtained from a routing analysis in the visited network; and
      
      the application level registration message is transmitted to the address in the home network.
  - 10. The method according to claim 1, in which the type of access network is sent by the visited network to the home network as an access type indicator.
  - 11. The method of claim 1, further comprising performing a transport level registration of the subscriber prior to performing the application level registration of the subscriber.

12. An apparatus comprising:
- at least one server configured to send, to a home network an identification of a subscriber, the location of the subscriber, and a type of access network at which the subscriber is registering, wherein at least the location of the home network is determined by the visited network based on analysis of data transmitted to the visited network from the subscriber using packet data protocol;
  
  the at least one server further configured, in response to the sending, to receive from the home network a selected predetermined subscriber profile selected from of a plurality of subscriber profiles for the subscriber based at least in part on the location of subscriber, each subscriber profile of the plurality of subscriber profiles including a different level of access defining at least one of a bandwidth degree, a security degree or supported supplementary services, in which the selected subscriber profile comprises an authorization for an authorized level of access for the type of access network, and to store at the server the received selected predetermined subscriber profile; and
  
  the at least one server further configured to control access provided to the subscriber to services provided through the server dependent upon a comparison of a requested level of access and the authorized level of access in the stored selected predetermined subscriber profile, wherein access provided to the subscriber is application level access used to provide connectivity of the subscriber in the visited network defined by the selected subscriber profile.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The apparatus in accordance with claim 12, wherein the authorized level of access authorizes a specific degree of bandwidth in communications.
  - 14. The apparatus in accordance with claim 12, wherein the authorized level of access authorizes a specific degree of security in communications.
  - 15. The apparatus in accordance with claim 12, wherein the authorized level of access authorizes specific connection supplementary services.
  - 16. The apparatus according to claim 12, in which the at least one server is further configured to send to the home network the type of access network as an access type indicator.
  - 17. The apparatus of claim 12, where the at least one service is further configured to perform a transport level registration of the subscriber prior to performing the application level registration of the subscriber.

18. A method comprising:
- in a home network comprising at least one server, storing for a given subscriber a plurality of subscriber profiles, each subscriber profile indicating a different level of access for which the given subscriber is authorized;
  
  in response to receiving, at the home network from a visited network, a message identifying the given subscriber, the location of the subscriber, and a type of access network at which the subscriber is registering, wherein at least the location of the home network is determined by the visited network based on analysis of data transmitted to the visited network from the subscriber using packet data protocol, selecting, by the home network, from the stored plurality of subscriber profiles a selected predetermined subscriber profile selected based at least in part on the location of subscriber, each subscriber profile of the plurality of subscriber profiles including a different level of access defining at least one of a bandwidth degree, a security degree or supported supplementary services, the selected subscriber profile indicating a level of access that is authorized for the given subscriber for the type of access network based at least in part on the given subscriber and the type of access network at which the subscriber is registering; and
  
  sending from the home network to the visited network the selected predetermined subscriber profile effective to enable the visited network to control access provided to the subscriber to services provided through the visited network dependent upon a comparison of a requested level of access and the authorized level of access in the selected predetermined subscriber profile, where the access provided to the subscriber is application level access used to provide connectivity of the subscriber in the visited network defined by the selected subscriber profile.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The method in accordance with claim 18, wherein each different level of access in the different subscriber profiles of the plurality of subscriber profiles provides a different degree of bandwidth in communications.
  - 20. The method in accordance with claim 18, wherein each different level of access in the different subscriber profiles of the plurality of subscriber profiles provides for a different degree of security in communications.
  - 21. The method in accordance with claim 18, wherein each different level of access in the different subscriber profiles of the plurality of subscriber profiles provides different connection supplementary services.
  - 22. The method according to claim 18, in which the type of access network at which the subscriber is registering comprises an access type indicator which identifies a type of access network at which the subscriber is registered.

23. An apparatus comprising:
- at least one server storing for a given subscriber a plurality of subscriber profiles, each subscriber profile indicating a different level of access for which the given subscriber is authorized;
  
  the at least one server configured, in response to the apparatus receiving from a visited network a message identifying the given subscriber, the location of the subscriber and a type of access network at which the subscriber is registering, wherein at least the location of the home network is determined by the visited network based on analysis of data transmitted to the visited network from the subscriber using packet data protocol, to select from the stored plurality of subscriber profiles a selected predetermined subscriber profile selected based at least in part on the location of subscriber, each subscriber profile of the plurality of subscriber profiles including a different level of access defining at least one of a bandwidth degree, a security degree or supported supplementary services, the selected subscriber profile indicating a level of access that is authorized for the given subscriber for the type of access network based at least in part on the given subscriber and the type of access network at which the subscriber is registering; and
  
  the at least one server configured to send to the visited network the selected predetermined subscriber profile effective to enable the visited network to control access provided to the subscriber to services provided through the visited network dependent upon a comparison of a requested level of access and the authorized level of access in the selected predetermined subscriber profile, where the access provided to the subscriber is application level access used to provide connectivity of the subscriber in the visited network defined by the selected subscriber profile.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The apparatus according to claim 23, in which the type of access network comprises an access type indicator.
  - 25. The apparatus in accordance with claim 23, wherein the level of access of the selected subscriber profile authorizes a specific degree of bandwidth in communications.
  - 26. The apparatus in accordance with claim 23, wherein the level of access of the selected subscriber profile authorizes a specific degree of security in communications.
  - 27. The apparatus in accordance with claim 23, wherein the level of access of the selected subscriber profile authorizes specific connection supplementary services.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Faccin, Stefano, Purnadi, Rene, Hulkkonen, Tony, Rajaniemi, Jaakko, Tuohino, Markku, Sivanandan, Mohan
Primary Examiner(s)
Golabbakhsh, Ebrahim

Application Number

US09/731,758
Publication Number

US 20010049790A1
Time in Patent Office

5,058 Days
Field of Search

709200-253, 455/433
US Class Current

709/229
CPC Class Codes

H04L 63/104   Grouping of entities

H04L 67/04   specially adapted for termi...

H04L 67/306   User profiles

H04L 69/329   in the application layer [O...

H04W 8/00   Network data management

H04W 8/02   Processing of mobility data...

H04W 8/08   Mobility data transfer

H04W 8/18   Processing of user or subsc...

System and method of controlling application level access of subscriber to a network

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of controlling application level access of subscriber to a network

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links