Wireless local area network access

US 9,742,775 B2
Filed: 08/08/2014
Issued: 08/22/2017
Est. Priority Date: 07/01/2014
Status: Active Grant

First Claim

Patent Images

1. An access system for a wireless local area network, the access system comprising:

one or more processors; and

a machine-readable medium comprising instructions stored therein, which when executed by the one or more processors, cause the one or more processors to perform operations comprising;

broadcasting a message, the message indicating an availability for authentication with a cloud-based service over a public network;

receiving, from a wireless client device and responsive to the broadcasting, an authentication request comprising credentials for a user account of the cloud-based service, the authentication request being received prior to the wireless client device being associated with the wireless local area network;

forwarding, over the public network, the authentication request including the credentials for the user account to a server associated with the cloud-based service for authentication of the credentials for the user account;

receiving, from the server over the public network, a list of one or more network identifiers that identify one or more networks for which access by the user account of the cloud-based service is authorized; and

sending the received list of one or more network identifiers to the wireless client device,wherein the received list of one or more network identifiers that identify the one or more networks for which access by the user account of the cloud-based service is authorized is sent to the wireless client device prior to the wireless client device being associated with the wireless local area network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and machine-implemented method of wireless network access are provided. An authentication request comprising credentials for a user account of a cloud-based service is received from a wireless client device. The authentication request is forwarded to a server associated with the cloud-based service for authentication of the user account credentials. A list of one or more network identifiers corresponding to networks for which access by the user account of the cloud-based service is authorized is received from the server. The received list of one or more network identifiers is sent to the wireless client device, wherein the received list of one or more network identifiers is sent to the wireless client device prior to the wireless client device being associated with the wireless local area network.

Citations

33 Claims

1. An access system for a wireless local area network, the access system comprising:
- one or more processors; and
  
  a machine-readable medium comprising instructions stored therein, which when executed by the one or more processors, cause the one or more processors to perform operations comprising;
  
  broadcasting a message, the message indicating an availability for authentication with a cloud-based service over a public network;
  
  receiving, from a wireless client device and responsive to the broadcasting, an authentication request comprising credentials for a user account of the cloud-based service, the authentication request being received prior to the wireless client device being associated with the wireless local area network;
  
  forwarding, over the public network, the authentication request including the credentials for the user account to a server associated with the cloud-based service for authentication of the credentials for the user account;
  
  receiving, from the server over the public network, a list of one or more network identifiers that identify one or more networks for which access by the user account of the cloud-based service is authorized; and
  
  sending the received list of one or more network identifiers to the wireless client device,wherein the received list of one or more network identifiers that identify the one or more networks for which access by the user account of the cloud-based service is authorized is sent to the wireless client device prior to the wireless client device being associated with the wireless local area network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The access system of claim 1, wherein the operations further comprise:
    - receiving an association request from the wireless client device in response to sending the received list of one or more network identifiers; and
      
      associating the wireless client device with the wireless local area network in response to the association request when the received list of one or more network identifiers transmitted to the wireless client device comprises a network identifier associated with the wireless local area network, otherwise not associating the wireless client device with the wireless local area network.
  - 3. The access system of claim 2, wherein the operations further comprise sending a notification of the association of the wireless client device to the server.
  - 4. The access system of claim 1, wherein the list of one or more network identifiers does not include a network identifier associated with the wireless local area network.
  - 5. The access system of claim 1, wherein the broadcasted message comprises an advertisement.
  - 6. The access system of claim 5, wherein the advertisement comprises a beacon message sent by the access system, and wherein the beacon message is sent prior to the wireless client device sending the authentication request.
  - 7. The access system of claim 5, wherein the operations further comprise receiving an information request from the wireless client device prior to the wireless client device sending the authentication request, andwherein the advertisement is sent in response to receiving the information request from the wireless client device.
  - 8. The access system of claim 1, wherein the user account of the cloud-based service is associated with a user of the wireless client device, andwherein the list of one or more network identifiers is ordered based on social indicators associating the user of the wireless client device with network owners of the one or more networks corresponding to the list of one or more network identifiers.
  - 9. The access system of claim 1, wherein the received list of one or more network identifiers that identify the one or more networks comprise one or more service set identifiers (SSIDs) or basic service set identifiers (BSSIDs).
  - 10. The access system of claim 1, wherein the public network comprises the Internet.

11. A non-transitory computer-readable medium storing instructions therein that, when executed by one or more processors, cause the one or more processors to perform operations comprising:
- sending an advertisement by an access system, the advertisement indicating an availability for authentication over a wide area network with a cloud-based service and the access system for accessing a wireless local area network;
  
  receiving, from a wireless client device and responsive to the advertisement, an authentication request comprising credentials for a user account of the cloud-based service, the authentication request being received prior to the wireless client device being associated with the wireless local area network;
  
  forwarding, over the wide area network, the authentication request to a server associated with the cloud-based service for authentication of the credentials for the user account;
  
  receiving, from the server over the wide area network, a list of one or more network identifiers that identify one or more networks for which access by the user account of the cloud-based service is authorized; and
  
  sending, to the wireless client device, the received list of one or more network identifiers that identify the one or more networks for which access by the user account of the cloud-based service is authorized,wherein the received list of one or more network identifiers is sent to the wireless client device prior to the wireless client device being associated with the wireless local area network.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The non-transitory computer-readable medium of claim 11, wherein the operations further comprise:
    - receiving an association request from the wireless client device in response to sending the received list of one or more network identifiers; and
      
      associating the wireless client device with the wireless local area network in response to the association request when the list of one or more network identifiers sent to the wireless client device comprises a network identifier associated with the wireless local area network.
  - 13. The non-transitory computer-readable medium of claim 11, wherein the advertisement comprises a beacon message, and wherein the beacon message is sent prior to the wireless client device sending the authentication request.
  - 14. The non-transitory computer-readable medium of claim 11, wherein the operations further comprise receiving an information request from the wireless client device prior to the wireless client device sending the authentication request, andwherein the advertisement is sent in response to receiving the information request from the wireless client device.
  - 15. The non-transitory computer-readable medium of claim 11, wherein the user account of the cloud-based service is associated with a user of the wireless client device, andwherein the list of one or more network identifiers is ordered based on social indicators associating the user of the wireless client device with network owners of the one or more networks corresponding to the list of one or more network identifiers.
  - 16. The non-transitory computer-readable medium of claim 11, wherein the wide area network comprises the Internet.

17. A computer-implemented method, comprising:
- broadcasting a message by an access system, the message indicating an availability for authentication with a cloud-based service and the access system for accessing a wireless local area network;
  
  receiving, from a wireless client device and responsive to broadcasting the message, an authentication request comprising credentials for a user account of a cloud-based service prior to the wireless client device being associated with the access system;
  
  forwarding, over a public network the authentication request to a server associated with the cloud-based service for authentication of the credentials for the user account;
  
  receiving, from the server and over the public network, a data item for identifying one or more network identifiers corresponding to one or more networks for which access by the user account of the cloud-based service is authorized; and
  
  sending, to the wireless client device, the received data item that identifies the one or more network identifiers corresponding to the one or more networks for which access by the user account of the cloud-based service is authorized,wherein the received data item is sent to the wireless client device prior to the wireless client device being associated with the wireless local area network.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method of claim 17, wherein the method further comprises:
    - receiving an association request from the wireless client device in response to sending the data item; and
      
      associating the wireless client device with the wireless local area network in response to the association request when the data item sent to the wireless client device includes a network identifier associated with the wireless local area network.
  - 19. The method of claim 17, wherein the method further comprises sending an advertisement indicating availability of authentication with the cloud-based service.
  - 20. The method of claim 19, wherein the advertisement comprises a beacon message, and wherein the beacon message is sent prior to the wireless client device sending the authentication request.
  - 21. The method of claim 19, wherein the method further comprises receiving an information request from the wireless client device prior to the wireless client device sending the authentication request, andwherein the advertisement is sent in response to receiving the information request from the wireless client device.
  - 22. The method of claim 17, wherein the data item comprises a bloom filter configured to identify the one or more network identifiers corresponding to the one or more networks for which access by the user account of the cloud-based service is authorized.

23. A non-transitory computer-readable medium storing instructions therein that, when executed by one or more processors of a wireless client device, cause the one or more processors to perform operations comprising:
- receiving a broadcast message from a first access device, the broadcast message indicating availability of authentication over a public network with a cloud-based service for access to a first wireless local area network and the broadcast message being received prior to the wireless client device determining whether to associate with the first wireless local area network;
  
  sending an authentication request to the first access device, the authentication request comprising credentials for a user account of the cloud-based service; and
  
  receiving a data item for identifying one or more network identifiers corresponding to one or more networks for which access by the user account of the cloud-based service is authorized, wherein the one or more network identifiers comprises a first network identifier and the data item is received prior to the wireless client device determining whether to associate with the first access device for the first wireless local area network; and
  
  associating the wireless client device with the first wireless local area network without providing the credentials when the first network identifier corresponds to the first wireless local area network.
- View Dependent Claims (24, 25, 26, 27, 28, 29)
- - 24. The non-transitory computer-readable medium of claim 23, wherein associating with the first wireless local area network comprises:
    - checking the received data item for the first network identifier corresponding to the first wireless local area network of the first access device;
      
      sending an association request to the first access device when the data item includes the first network identifier corresponding to the first wireless local area network of the first access device; and
      
      receiving an association confirmation from the first access device confirming association with the first wireless local area network of the first access device, wherein the association confirmation is distinct from the data item.
  - 25. The non-transitory computer-readable medium of claim 24, wherein the operations further comprise:
    - sending an authentication request to a second access device for a second wireless local area network corresponding to a second network identifier included in the data item if the first network identifier corresponding to the first wireless local area network of the first access device is not included in the data item.
  - 26. The non-transitory computer-readable medium of claim 25, wherein the operations further comprise selecting the second network identifier in the data item based on social indicators associating the user account with a network owner of the second wireless local area network.
  - 27. The non-transitory computer-readable medium of claim 26, wherein the social indicators comprise frequency of electronic messaging between the user account and the network owner and/or a shared social network group.
  - 28. The non-transitory computer-readable medium of claim 23, wherein the operations further comprise sending an information request message to the first access device, andwherein the broadcast message from the first access device is received in response to the information request message.
  - 29. The non-transitory computer-readable medium of claim 23, wherein the data item comprises a bloom filter configured to identify the one or more network identifiers corresponding to the one or more networks for which access by the user account of the cloud-based service is authorized.

30. A wireless client system comprising:
- one or more hardware processors; and
  
  a machine-readable medium comprising instructions stored therein, which when executed by the one or more hardware processors, cause the one or more hardware processors to perform operations comprising;
  
  receiving a broadcast message from a first access device, the broadcast message indicating availability of authentication over a public network with a cloud-based service for access to a first wireless local area network and the broadcast message being received without the wireless client system being associated with the first wireless local area network;
  
  sending an authentication request to the first access device, the authentication request comprising credentials for a user account of the cloud-based service;
  
  receiving a list of one or more network identifiers prior to association with the first access device for the first wireless local area network, wherein the received list of one or more network identifiers identifies one or more networks for which access by the user account of the cloud-based service is authorized;
  
  determining whether the received list of one or more network identifiers includes a first network identifier corresponding to the first wireless local area network of the first access device;
  
  sending, responsive to the determining, an association request to the first access device when the received list is determined to include the first network identifier corresponding to the first wireless local area network of the first access device; and
  
  receiving an association confirmation from the first access device confirming association with the first wireless local area network of the first access device.
- View Dependent Claims (31, 32, 33)
- - 31. The wireless client system of claim 30, further comprising:
    - sending an authentication request to a second access device for a second wireless local area network corresponding to a second network identifier included in the received list if the first network identifier corresponding to the first wireless local area network of the first access device is not included in the received list.
  - 32. The wireless client system of claim 31, further comprising selecting the second network identifier in the received list based on social indicators associating the user account with a network owner of the second wireless local area network.
  - 33. The wireless client system of claim 32, wherein the social indicators comprise frequency of electronic messaging between the user account and the network owner and/or a shared social network group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Huang, Jonathan, Bird, David
Primary Examiner(s)
ZHAO, DON GORDON

Application Number

US14/455,829
Publication Number

US 20160006739A1
Time in Patent Office

1,110 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 12/73   Access point logical identity

H04W 84/12   WLAN [Wireless Local Area N...

Wireless local area network access

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Wireless local area network access

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links