Wireless access system, method, signal, and computer program product

US 20050254651A1
Filed: 07/24/2002
Published: 11/17/2005
Est. Priority Date: 07/24/2001
Status: Active Grant

First Claim

Patent Images

1. A method for providing a wireless device access to a secure application via a client-server internetworking security protocol configured to at least one of control authentication, perform accounting, and provide access-control in a networked, multi-user environment, comprising steps of:

accessing a wireless network from said wireless device;

transmitting user identification and authentication information from said wireless device to a wireless access service mechanism configured to process said user identification and authentication information;

producing, by the wireless access service mechanism, a client-server internetworking security protocol authentication request message based on said user identification and authentication information; and

transmitting said client-server internetworking security protocol authentication request message from said wireless access service mechanism to a client-server internetworking security protocol authentication device configured to perform client-server internetworking security protocol authentication.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, signal, and computer program product for providing secure wireless access to private databases and applications without requiring a separate wireless client-server internetworking security protocol infrastructure. The wireless device (201) communicates with the wireless access service provider (205) via hypertext transfer protocol (HTTP) messages, and the wireless access service provider (205) and the secure network (204) perform a RADIUS authentification for the wireless device (201).

84 Citations

View as Search Results

31 Claims

1. A method for providing a wireless device access to a secure application via a client-server internetworking security protocol configured to at least one of control authentication, perform accounting, and provide access-control in a networked, multi-user environment, comprising steps of:
- accessing a wireless network from said wireless device;
  
  transmitting user identification and authentication information from said wireless device to a wireless access service mechanism configured to process said user identification and authentication information;
  
  producing, by the wireless access service mechanism, a client-server internetworking security protocol authentication request message based on said user identification and authentication information; and
  
  transmitting said client-server internetworking security protocol authentication request message from said wireless access service mechanism to a client-server internetworking security protocol authentication device configured to perform client-server internetworking security protocol authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein:
    - said client-server internetworking security protocol comprises RADIUS.
  - 3. The method of claim 2, wherein:
    - said step of transmitting said client-server internetworking security protocol authentication request message includes transmitting via one of a direct connection and a local network.
  - 4. The method of claim 3, further comprising:
    - processing said client-server internetworking security protocol authentication request message by said client-server internetworking security protocol authentication device; and
      
      transmitting at least one of a client-server internetworking security protocol authentication accept message and a client-server internetworking security protocol authentication reject message from said client-server internetworking security protocol authentication device to said wireless access service mechanism via one of a direct connection and a local network.
  - 5. The method of claim 4, further comprising:
    - processing a client-server internetworking security protocol authentication accept message at said wireless access service mechanism;
      
      transmitting a client-server internetworking security protocol access Accounting-Start Message from said wireless access service mechanism to said client-server internetworking security protocol authentication device via one of a direct connection and a local network;
      
      transmitting a session start message from said wireless access service mechanism to a wireless gateway device via one of a direct connection and a local network; and
      
      transmitting a wireless authentication acceptance message from said wireless access service mechanism to said wireless device.
  - 6. The method of claim 5, further comprising:
    - timing a connection time between said wireless device and said wireless gateway device so as to produce a wireless timing parameter at said wireless access service mechanism; and
      
      transmitting a session end notification from said wireless access service mechanism to at least one of said wireless gateway device and said wireless device when said wireless timing parameter exceeds a predetermined timing value.
  - 7. The method of claim 5, further comprising:
    - transmitting a client-server internetworking security protocol access authentication Accounting-End Message from said wireless access service mechanism to said client-server internetworking security protocol authentication device via one of a direct connection and a local network.
  - 8. The method of claim 6, further comprising:
    - transmitting a client-server internetworking security protocol access authentication Accounting-End Message from said wireless access service mechanism to said client-server internetworking security protocol authentication device via one of a direct connection and a local network.
  - 9. The method of claim 4, further comprising:
    - processing a client-server internetworking security protocol authentication reject message at said wireless access service mechanism; and
      
      transmitting a wireless authentication rejection message from said wireless access service mechanism to said wireless device.
  - 10. The method of claim 2, wherein:
    - said step of transmitting said client-server internetworking security protocol authentication request message includes transmitting via a global network.
  - 11. The method of claim 10, further comprising:
    - processing a client-server internetworking security protocol authentication accept message at said wireless access service mechanism;
      
      transmitting a session start message from said wireless access service mechanism to a wireless gateway device via a global network;
      
      transmitting a wireless authentication acceptance message from said wireless access service mechanism to said wireless device; and
      
      transmitting a client-server internetworking security protocol access authentication Accounting-Start Message from said wireless access service mechanism to said client-server internetworking security protocol authentication device via a global network.
  - 12. The method of claim 11, further comprising:
    - timing a connection time between said wireless device and said wireless gateway device so as to produce a wireless timing parameter at said wireless access service mechanism; and
      
      transmitting a session end notification from said wireless access service mechanism to at least one of said wireless gateway device and said wireless device via a global network when said wireless timing parameter exceeds a predetermined timing value.
  - 13. The method of claim 11, further comprising:
    - transmitting a client-server internetworking security protocol access authentication Accounting-End Message from said wireless access service mechanism to said client-server internetworking security protocol authentication device via a global network.
  - 14. The method of claim 12, further comprising:
    - transmitting a client-server internetworking security protocol access authentication Accounting-End Message from said wireless access service mechanism to said client-server internetworking security protocol authentication device via a global network.
  - 15. The method of claim 10, further comprising:
    - processing a client-server internetworking security protocol authentication reject message at said wireless access service mechanism; and
      
      transmitting a wireless authentication rejection message from said wireless access service mechanism to said wireless device.

16. A system configured to interface a wireless device to a secure application via a client-server internetworking security protocol configured to at least one of control authentication, perform accounting, and provide access-control in a networked, multi-user environment authentication, comprising:
- said wireless device connected to a wireless service provider via a wireless connection medium;
  
  a wireless access service mechanism connected to said wireless service provider via a global telecommunications network, said wireless access service mechanism configured to convert between a wireless authentication protocol and a client-server internetworking security protocol; and
  
  a client-server internetworking security protocol authentication device connected to said wireless access service mechanism.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The system of claim 16, wherein:
    - said client-server internetworking security protocol comprises RADIUS.
  - 18. The system of claim 17, further comprising:
    - a wireless gateway device connected to said wireless access service mechanism; and
      
      a secure application connected to said wireless gateway device.
  - 19. The system of claim 17, wherein:
    - said wireless access service mechanism and said client-server internetworking security protocol authentication device are connected by one of a direct connection and a local network.
  - 20. The system of claim 17, wherein:
    - said wireless access service mechanism and said client-server internetworking security protocol authentication device are connected by a global network.
  - 21. The system of claim 18, wherein:
    - said wireless access service mechanism and said wireless gateway device are connected by one of a direct connection and a local network.
  - 22. The system of claim 18, wherein:
    - said wireless access service mechanism and said wireless gateway device are connected by a global network.

23. An apparatus configured to interface at least one wireless client application to at least one secure application via a client-server internetworking security protocol configured to at least one control authentication, perform accounting, and provide access-control in a networked, multi-user environment authentication, comprising:
- a wireless access service mechanism configured to convert a wireless authentication protocol to a client-server internetworking security protocol and to exchange client-server internetworking security protocol authentication messages with a client-server internetworking security protocol authentication device.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The apparatus of claim 23, wherein:
    - said client-server internetworking security protocol comprises RADIUS.
  - 25. The apparatus of claim 24, wherein:
    - said wireless access service mechanism is further configured to transmit a session start message to at least one of a wireless gateway device and said wireless device.
  - 26. The apparatus of claim 24, wherein:
    - said wireless access service mechanism is further configured to transmit at least one of a client-server internetworking security protocol authentication account-start and a client-server internetworking security protocol authentication account-end message to said client-server internetworking security protocol authentication device.
  - 27. The apparatus of claim 24, wherein:
    - said wireless access service mechanism is further configured to time a wireless application session and to send a session time-expired message to at least one of a wireless gateway device and a wireless device.

28. A system configured to interface at least one wireless client application to at least one secure application, comprising:
- means for connecting a wireless client device to a secure private network so as to produce a secure wireless connection, said wireless client device configured to produce wireless authentication information and said secure private network configured to manage access based on client-server internetworking security protocol information configured to at least one of control authentication, perform accounting, and provide access-control in a networked, multi-user environment;
  
  means for converting said wireless authentication information to said client-server internetworking security protocol authentication information; and
  
  means for initiating, managing, and terminating said secure wireless connection.
- View Dependent Claims (29)
- - 29. The system of claim 28, wherein:
    - said client-server internetworking security protocol comprises RADIUS.

30. A computer program product, comprising:
- at least one of unit of software and a unit of firmware configured to convert a wireless authentication message to a client-server internetworking security protocol message and to exchange a client-server internetworking security protocol message with a client-server internetworking security protocol device.
- View Dependent Claims (31)
- - 31. The computer program product of claim 30, wherein:
    - said client-server internetworking security protocol comprises RADIUS.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
Fiberlink Communications Corporation (International Business Machines Corporation)
Inventors
Porozni, Baryy Ian, Schille, Glenn Alan, Nicodemus, Blair Gaver

Granted Patent

US 7,712,128 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/270
CPC Class Codes

H04L 63/0892   by using authentication-aut...

H04L 63/108   when the policy decisions a...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/35   Protecting application or s...

H04W 8/26   Network addressing or numbe...

H04W 80/00   Wireless network protocols ...

Wireless access system, method, signal, and computer program product

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

84 Citations

31 Claims

Specification

Use Cases

Quick Links

Others

Wireless access system, method, signal, and computer program product

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

31 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others