MANAGING NETWORK RESOURCE ACCESS USING SESSION CONTEXT
First Claim
1. A method comprising:
establishing, at a computing device, a user session in a service domain covering a service area to which the computing device provides a network service;
determining whether an authoritative user session has already been established in the service domain;
associating an access control list (ACL) to the user session;
receiving a request from a user device to access a controlled network resource; and
based on whether the ACL defines at least one permission for access to the controlled network resource, permitting or denying, to the user device, access to the controlled network resource.
Abstract
A computing device providing a network service to a service area may receive a connection request from a user device and generate a session start request to start a user session in a service domain covering the service area. One or more policy rules may be evaluated to determine whether any rule is applicable to the user device, which includes determining that an authoritative user session has already been established in the service domain. The user session may be established in the service domain for the user device, and at least one permission for access to a controlled network resource may be associated with the user session based on the determination that the authoritative user session has already been established. A request from the user device to access the controlled network resource may be received and access to the controlled network resource may be granted.
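The access decision described in the abstract can be modeled as follows. This is an added example, not code from the patent or its assignee; the class and function names, the per-user matching of the authoritative session, the rule format, and the sample domain and resource names are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Session:
    user: str
    device: str
    authoritative: bool = False
    acl: frozenset = frozenset()  # controlled resources this session may reach

@dataclass
class ServiceDomain:
    name: str
    rules: list  # (requires_authoritative_session, permissions) pairs
    sessions: list = field(default_factory=list)

    def authoritative_exists(self, user):
        # Assumption: "already established" is matched per user.
        return any(s.authoritative and s.user == user for s in self.sessions)

    def start_session(self, user, device, authoritative=False):
        """Establish a session and bind an ACL derived from session context."""
        has_auth = authoritative or self.authoritative_exists(user)
        perms = set()
        for needs_auth, granted in self.rules:
            if has_auth or not needs_auth:
                perms |= granted
        session = Session(user, device, authoritative, frozenset(perms))
        self.sessions.append(session)
        return session

    def end_session(self, session):
        self.sessions.remove(session)

def authorize(session, resource):
    """Default deny: permit only when the session's ACL lists the resource."""
    return resource in session.acl

def demo():
    # Constructed sample data: one domain, one rule, several devices.
    domain = ServiceDomain("floor-3", rules=[(True, {"printer-3f"})])
    early = domain.start_session("alice", "phone")    # no authoritative session yet
    laptop = domain.start_session("alice", "laptop", authoritative=True)
    late = domain.start_session("alice", "tablet")    # authoritative session exists
    guest = domain.start_session("bob", "phone")      # different user
    domain.end_session(laptop)
    after = domain.start_session("alice", "watch")    # authoritative session gone
    sessions = (early, laptop, late, guest, after)
    return [authorize(s, "printer-3f") for s in sessions]

if __name__ == "__main__":
    print(demo())
```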
20 Claims
1. A method comprising:
establishing, at a computing device, a user session in a service domain covering a service area to which the computing device provides a network service;
determining whether an authoritative user session has already been established in the service domain;
associating an access control list (ACL) to the user session;
receiving a request from a user device to access a controlled network resource; and
based on whether the ACL defines at least one permission for access to the controlled network resource, permitting or denying, to the user device, access to the controlled network resource.
Dependent claims: 2, 3, 4, 5, 6, 7
8. An apparatus comprising:
one or more network ports to send/receive data packets to/from a communication network; and
a processor coupled to the network ports, the processor configured to:
establish, at a computing device, a user session in a service domain covering a service area to which the computing device provides a network service;
determine whether an authoritative user session has already been established in the service domain;
associate an access control list (ACL) to the user session;
receive a request from a user device to access a controlled network resource; and
based on whether the ACL defines at least one permission for access to the controlled network resource, permit or deny, to the user device, access to the controlled network resource.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A non-transitory computer readable storage media encoded with instructions that, when executed by a processor of a computing device, cause the processor to:
establish, at a computing device, a user session in a service domain covering a service area to which the computing device provides a network service;
determine whether an authoritative user session has already been established in the service domain;
associate an access control list (ACL) to the user session;
receive a request from a user device to access a controlled network resource; and
based on whether the ACL defines at least one permission for access to the controlled network resource, permit or deny, to the user device, access to the controlled network resource.
Dependent claims: 16, 17, 18, 19, 20
Specification