Management of access to service in an access point

US 10,645,582 B2
Filed: 10/21/2016
Issued: 05/05/2020
Est. Priority Date: 10/15/2009
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a processor; and

a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;

receiving request data indicative of a request from a mobile device to access a network device of a network via the system;

receiving, from a first storage device of the system, first access data that defines a first access control list of first mobile devices authorized to access the network device;

decoding the request data to determine credential data indicative of a credential associated with the mobile device;

determining whether the mobile device is authorized to access the network device of the network via the system based on the credential data and the first access data;

forwarding the credential data of the mobile device to a server device in response to a first determination, based on the credential data and the first access data, that the mobile device is not authorized to access the network device via the system;

receiving a second access data from a second storage device of the server device;

employing the second access data to determine, based on a second determination, that the mobile device is authorized to access the network device of the network via the system, wherein the second access data defines authorization data indicative of a second access control list of second mobile devices authorized to access the network device of the network via the system, wherein the authorization data comprises time data indicative of an interval of time, wherein the authorization data comprises location data indicative of a location associated with the access to the network device, wherein the second access data comprises service attribute data indicative of service attributes that regulate access to wireless resources for the second mobile devices, wherein the service attribute data comprises priority data, indicative of a priority ranking for the mobile device to access the wireless resources, wherein the service attribute data comprises access quality data, indicative of a quality of service profile for the mobile device with respect to the wireless resources, and wherein a portion of the service attribute data is generated based on data provided by a source device in communication with the server device and the second storage device;

replacing the first access data stored in the first storage device with the second access data received from the second storage device of the server device;

generating, in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, access intelligence data indicative of information associated with a prediction of one or more events at the network device, wherein the generating the access intelligence data comprises employing one or more artificial intelligence techniques, and wherein the one or more events comprise an attachment event associated with the network device; and

providing, in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, the mobile device access to the network device for the interval of time at the location based on the access intelligence data, the authorization data and the service attribute data that comprises the priority data and the access quality data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access rights to wireless resources and telecommunication service(s) supplied through a set of access points (APs) are configured. Access to wireless resources is authorized by access attributes in access control list(s) (ACL(s)) while a profile of service attributes linked to the ACL(s) regulate provision of telecommunication service(s). Access and service attributes can be automatically or dynamically configured, at least in part, in response to changes in data that directly or indirectly affects an operation environment in which the set of APs is deployed. Automatic or dynamic configuration of access or service attributes enable control or coordination of wireless service provided through the set of APs; degree of control or coordination is determined at least in part by enablement or disablement of disparate services for disparate devices at disparate access points at disparate times and with disparate service priority.

389 Citations

20 Claims

1. A system, comprising:
- a processor; and
  
  a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
  
  receiving request data indicative of a request from a mobile device to access a network device of a network via the system;
  
  receiving, from a first storage device of the system, first access data that defines a first access control list of first mobile devices authorized to access the network device;
  
  decoding the request data to determine credential data indicative of a credential associated with the mobile device;
  
  determining whether the mobile device is authorized to access the network device of the network via the system based on the credential data and the first access data;
  
  forwarding the credential data of the mobile device to a server device in response to a first determination, based on the credential data and the first access data, that the mobile device is not authorized to access the network device via the system;
  
  receiving a second access data from a second storage device of the server device;
  
  employing the second access data to determine, based on a second determination, that the mobile device is authorized to access the network device of the network via the system, wherein the second access data defines authorization data indicative of a second access control list of second mobile devices authorized to access the network device of the network via the system, wherein the authorization data comprises time data indicative of an interval of time, wherein the authorization data comprises location data indicative of a location associated with the access to the network device, wherein the second access data comprises service attribute data indicative of service attributes that regulate access to wireless resources for the second mobile devices, wherein the service attribute data comprises priority data, indicative of a priority ranking for the mobile device to access the wireless resources, wherein the service attribute data comprises access quality data, indicative of a quality of service profile for the mobile device with respect to the wireless resources, and wherein a portion of the service attribute data is generated based on data provided by a source device in communication with the server device and the second storage device;
  
  replacing the first access data stored in the first storage device with the second access data received from the second storage device of the server device;
  
  generating, in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, access intelligence data indicative of information associated with a prediction of one or more events at the network device, wherein the generating the access intelligence data comprises employing one or more artificial intelligence techniques, and wherein the one or more events comprise an attachment event associated with the network device; and
  
  providing, in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, the mobile device access to the network device for the interval of time at the location based on the access intelligence data, the authorization data and the service attribute data that comprises the priority data and the access quality data.
- View Dependent Claims (2, 3, 4, 9, 16, 18)
- - 2. The system of claim 1, wherein the providing comprises adjusting the time data in correspondence with changes to a bandwidth associated with the network device of the network.
  - 3. The system of claim 1, wherein the providing comprises providing the mobile device the access to the network device of the network based on the data provided by the source device communicatively coupled to the server device.
  - 4. The system of claim 1, wherein the providing comprises providing the mobile device the access to the network device of the network based on service data indicative of network service parameters for respective mobile devices of the second mobile devices.
  - 9. The system of claim 1, wherein the second access data comprises a different amount of access control list data than the first access data.
  - 16. The system of claim 1, wherein the operations further comprise:
    - authorizing the mobile device to access the network device in response to a third determination that the mobile device is included in the second mobile devices.
  - 18. The system of claim 1, wherein the operations further comprise:
    - comparing the access intelligence data to historical access intelligence data to evaluate accuracy of the access intelligence data.

5. A method, comprising:
- receiving, by an access point device comprising a processor, a signal indicative of a request from a mobile device to access a network device of a communication network via the access point device;
  
  receiving, by the access point device and from a first storage device of the access point device, first access data that defines a first group of first mobile devices authorized to access the network device;
  
  decoding, by the access point device, the signal to determine credential data indicative of a credential for the mobile device;
  
  determining, by the access point device, whether the mobile device is authorized to access the network device via the access point device based on the credential data and the first access data;
  
  transmitting, by the access point device, the credential data of the mobile device to a server device in response to a first determination, based on the credential data and the first access data, that the mobile device is not authorized to access the network device;
  
  receiving, by the access point device, second access data from a second storage device of the server device;
  
  employing, by the access point device, the second access data to determine, based on a second determination, that the mobile device is authorized to access the network device of the communication network via the access point device, and wherein the second access data defines authorization data indicative of a second group of second mobile devices authorized to access the network device of the communication network via the access point device;
  
  replacing, by the access point device, the first access data stored in the first storage device with the second access data received from the second storage device to facilitate the authorizing of the mobile device; and
  
  authorizing, by the access point device in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, the mobile device to access the network device for a period of time at a geographic location based on the authorization data, access time data received from the server device and indicative of the period of time, location data received from the server device and indicative of the geographic location associated with the access to the network device, priority data indicative of a priority ranking for the mobile device to access wireless resources via the access point device, access quality data indicative of a quality of a service profile for the mobile device with respect to the wireless resources associated with the access point device, service attribute data indicative of service attributes that regulate access to communication resources for the second mobile devices, and access intelligence data indicative of information associated with a prediction of one or more events at the network device, wherein the service attribute data is defined by the second access data, wherein a portion of the service attribute data is generated based on data provided by a source device in communication with the server device and the second storage device, wherein the access intelligence data is generated in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, wherein the access intelligence data is generated based on one or more artificial intelligence techniques, and wherein the one or more events comprise an attachment event associated with the network device.
- View Dependent Claims (6, 7, 10, 17, 19)
- - 6. The method of claim 5, wherein the authorizing comprises authorizing the mobile device to access the network device in response to a third determination that the mobile device is included in the second mobile devices.
  - 7. The method of claim 5, wherein the authorizing comprises altering the access time data based on data utilization associated with the network device of the communication network.
  - 10. The method of claim 5, wherein the second access data comprises a different amount of access control list data than the first access data.
  - 17. The method of claim 5, wherein the authorizing comprises authorizing the mobile device to access the network device based on data provided by a source device communicatively coupled to the server device.
  - 19. The method of claim 5, further comprising:
    - comparing the access intelligence data to historical access intelligence data to evaluate accuracy of the access intelligence data.

8. A non-transitory machine-readable storage medium comprising executable instructions that, when executed by a processor, facilitate performance of operations, comprising:
- receiving request data indicative of a request from a mobile device to access a network device of a telecommunication network via an access point device;
  
  receiving, from a first storage device of the access point device, first access data that defines a first access control list of first mobile devices authorized to access the network device via the access point device;
  
  decoding the request data to determine credential data indicative of a credential for the mobile device;
  
  determining whether the mobile device is authorized to access the network device via the access point device based on the credential data and the first access data;
  
  sending the credential data of the mobile device to a server device in response to a first determination, based on the credential data and the first access data, that the mobile device is not authorized to access the network device via the access point device;
  
  receiving second access data from a second storage device of the server device;
  
  employing the second access data to determine, based on a second determination, that the mobile device is authorized to access the network device of the telecommunication network via the access point device, and wherein the second access data includes authorization data that defines a second access control list of second mobile devices authorized to access the network device of the telecommunication network via the access point device;
  
  replacing the first access data stored in the first storage device with the second access data; and
  
  in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, permitting, based on the authorization data, time data indicative of a time period defined by the second access data, location data indicative of a location associated with the access to the network device, priority data indicative of a priority ranking for the mobile device to access wireless resources via the access point device, access quality data indicative of a quality of a service profile for the mobile device with respect to the wireless resources associated with the access point device, service attribute data indicative of service attributes that regulate access to the wireless resources for the second mobile devices, and access intelligence data indicative of information associated with a prediction of one or more events at the network device, the mobile device to access to the network device via the access point device during the time period and at the location determined by the server device, wherein the service attribute data is defined by the second access data, wherein a portion of the service attribute data is generated based on data provided by a source device in communication with the server device and the second storage device, wherein the access intelligence data is generated in response to the first determination associated with the first access data that the mobile device is not authorized to access the network device and the second determination associated with the second access data that the mobile device is authorized to access the network device, wherein the access intelligence data is generated based on one or more artificial intelligence techniques, and wherein the one or more events comprise an attachment event associated with the network device.
- View Dependent Claims (11, 12, 13, 14, 15, 20)
- - 11. The non-transitory machine-readable storage medium of claim 8, wherein a first size of a first access control list associated with the first access data is different than a second size of a first access control list associated with the second access data.
  - 12. The non-transitory machine-readable storage medium of claim 8, wherein the operations further comprise:
    - adjusting the time data in correspondence with changes to a bandwidth associated with the network device of the telecommunication network.
  - 13. The non-transitory machine-readable storage medium of claim 8, wherein the operations further comprise:
    - providing the mobile device the access to the network device of the telecommunication network based on data provided by a source device communicatively coupled to the server device.
  - 14. The non-transitory machine-readable storage medium of claim 8, wherein the operations further comprise:
    - providing the mobile device the access to the network device of the telecommunication network based on service data indicative of network service parameters for respective mobile devices of the second mobile devices.
  - 15. The non-transitory machine-readable storage medium of claim 8, wherein the operations further comprise:
    - authorizing the mobile device to access the network device in response to a third determination that the mobile device is included in the second mobile devices.
  - 20. The non-transitory machine-readable storage medium of claim 8, wherein the operations further comprise:
    - comparing the access intelligence data to historical access intelligence data to evaluate accuracy of the access intelligence data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Wohlert, Randolph, Majmundar, Milap
Primary Examiner(s)
Zarrineh, Shahriar

Application Number

US15/331,428
Publication Number

US 20170041797A1
Time in Patent Office

1,292 Days
Field of Search

726 1
US Class Current
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/101   Access control lists [ACL]

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/082   using revocation of authori...

H04W 48/16   Discovering, processing acc...

H04W 84/045   using private Base Stations...

H04W 88/08   Access point devices

Management of access to service in an access point

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

389 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Management of access to service in an access point

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

389 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others