Method and system for allowing multiple service providers to serve users via a common access network

US 7,617,317 B2
Filed: 12/03/2001
Issued: 11/10/2009
Est. Priority Date: 12/03/2001
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving from a subscriber station on an access network an authentication request, the authentication request identifying the subscriber station and identifying a designated service provider from among a plurality of service providers;

sending the authentication request to the designated service provider;

receiving from the designated service provider an authentication response indicating successful authentication of the subscriber station by the designated service provider, wherein the authentication response includes a service qualification that indicates at least one of (i) one or more types of services authorized for the subscriber station and (ii) one or more extents of service authorized for the subscriber station, wherein the service qualification specifies one or more types of communication and, for each specified type of communication, specifies whether the subscriber station is allowed to engage in the specified type of communication;

responsive to the authentication response, assigning the subscriber station to operate in a designated layer of the access network set aside for subscribers that have been authenticated by the designated service provider and to operate according to the service qualification, wherein the access network is an IP network and the designated layer is an IP subnet, and wherein assigning the subscriber station to operate in the designated layer comprises assigning to the subscriber station an IP address in the IP subnet; and

serving the subscriber station in the designated layer of the access network and pursuant to the service qualification indicated in the authentication response,wherein serving the subscriber station in the designated layer comprises handling communications with the subscriber station according to a logic set established for the designated layer,wherein handling communications with the subscriber station according to the logic set established for the designated layer comprises (i) detecting a packet bearing the IP address assigned to the subscriber station, and (ii) responsively applying the logic set to restrict transmission of the packet,wherein handling communications with the subscriber station according to the logic set established for the designated layer comprises disallowing at least a predetermined type of communication from passing from the subscriber station to outside of the access network, andwherein serving the subscriber station pursuant to the service qualification indicated in the authentication response comprises, for each type of communication specified in the service qualification, allowing or disallowing the type of communication by the subscriber station as specified by the service qualification.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for allowing multiple service providers to provide services via a common access network. The access network is arranged with multiple logical network layers, each specific to a respective service provider. Upon successful authentication of a subscriber by a given service provider, the access network assigns that subscriber to the logical layer specific to the authenticating service provider. The access network then handles communication traffic in that logic layer in a manner specific to the service provider.

88 Citations

View as Search Results

16 Claims

1. A method comprising:
- receiving from a subscriber station on an access network an authentication request, the authentication request identifying the subscriber station and identifying a designated service provider from among a plurality of service providers;
  
  sending the authentication request to the designated service provider;
  
  receiving from the designated service provider an authentication response indicating successful authentication of the subscriber station by the designated service provider, wherein the authentication response includes a service qualification that indicates at least one of (i) one or more types of services authorized for the subscriber station and (ii) one or more extents of service authorized for the subscriber station, wherein the service qualification specifies one or more types of communication and, for each specified type of communication, specifies whether the subscriber station is allowed to engage in the specified type of communication;
  
  responsive to the authentication response, assigning the subscriber station to operate in a designated layer of the access network set aside for subscribers that have been authenticated by the designated service provider and to operate according to the service qualification, wherein the access network is an IP network and the designated layer is an IP subnet, and wherein assigning the subscriber station to operate in the designated layer comprises assigning to the subscriber station an IP address in the IP subnet; and
  
  serving the subscriber station in the designated layer of the access network and pursuant to the service qualification indicated in the authentication response,wherein serving the subscriber station in the designated layer comprises handling communications with the subscriber station according to a logic set established for the designated layer,wherein handling communications with the subscriber station according to the logic set established for the designated layer comprises (i) detecting a packet bearing the IP address assigned to the subscriber station, and (ii) responsively applying the logic set to restrict transmission of the packet,wherein handling communications with the subscriber station according to the logic set established for the designated layer comprises disallowing at least a predetermined type of communication from passing from the subscriber station to outside of the access network, andwherein serving the subscriber station pursuant to the service qualification indicated in the authentication response comprises, for each type of communication specified in the service qualification, allowing or disallowing the type of communication by the subscriber station as specified by the service qualification.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein serving the subscriber station in the designated layer of the access network comprises:
    - a gateway on the access network detecting a web page being sent to the subscriber station; and
      
      the gateway modifying the web page to include an advertisement for the designated service provider.
  - 3. The method of claim 1, further comprising prompting the subscriber station to provide the authentication request.
  - 4. The method of claim 3, wherein prompting the subscriber station for the authentication request comprises:
    - presenting to a user of the subscriber station a set of the plurality of service providers; and
      
      prompting the user to select a service provider from among the plurality presented, wherein the user selects the designated service provider from among the plurality.
  - 5. The method of claim 1, wherein the access network comprises a wireless access network.
  - 6. The method of claim 1, further comprising:
    - before receiving the authentication response, assigning the subscriber station to operate in a default layer of the access network; and
      
      handling communications in the default layer according to a default logic set.
  - 7. The method of claim 1, wherein handling communications with the subscriber station according to the logic set established for the designated layer comprises:
    - detecting a web page being sent to an address on the designated layer; and
      
      injecting into the web page information specific to the designated service provider.
  - 8. The method of claim 7, wherein the information comprises an advertisement for the designated service provider.
  - 9. The method of claim 1, wherein the subscriber station communicates via an air interface with the access network.
  - 10. The method of claim 1, wherein disallowing at least the predetermined type of communication from passing from the subscriber station to outside of the access network comprises disallowing all communications from passing from the subscriber station to outside of the access network.

11. A method carried out by an access network, the method comprising:
- prompting a first client station to select a service provider from among a plurality of service providers, and receiving a signal from the first client station, indicating a first selected service provider;
  
  sending a first authentication request message for the first client station to the first selected service provider, the first authentication request message indicating authentication information for the first client station;
  
  receiving a first authentication response message from the first selected service provider, the first authentication response message indicating that first client station is authenticated by the first selected service provider, wherein the first authentication response includes a first service qualification that indicates at least one of (i) one or more types of services authorized for the first client station and (ii) one or more extents of service authorized for the first client station, wherein the first service qualification specifies one or more types of communication and, for each specified type of communication, specifies whether the first client station is allowed to engage in the specified type of communication; and
  
  in response to the first authentication response message, restricting the first client station to communications in a first logical layer of the access network associated with the first selected service provider and according to the first service qualification,wherein restricting the first client station to communications in the first logical layer of the access network associated with the first selected service provider comprises handling communications with the first client station according to a logic set established for the first logical layer,wherein handling communications with the first client station according to the logic set established for the first logical layer comprises disallowing at least a predetermined type of communication from passing from the first client station to outside of the access network, andwherein restricting the first client station to communications according to the first service qualification comprises, for each type of communication specified in the first service qualification, allowing or disallowing the type of communication by the first client station as specified by the first service qualification.
- View Dependent Claims (12, 13)
- - 12. The method of claim 11, further comprising:
    - prompting a second client station to select a service provider from among a plurality of service providers, and receiving a signal from the second client station, indicating a second selected service provider;
      
      sending a second authentication request message for the second client station to the first selected service provider, the second authentication request message indicating authentication information for the second client station;
      
      receiving a second authentication response message from the second selected service provider, the second authentication response message indicating that second client station is authenticated by the second selected service provider, wherein the second authentication response includes a second service qualification that indicates at least one of (i) one or more types of services authorized for the second client station and (ii) one or more extents of service authorized for the second client station; and
      
      in response to the second authentication response message, restricting the second client station to communications in a second logical layer of the access network associated with the second selected service provider and according to the second service qualification.
  - 13. The method of claim 11, wherein disallowing at least the predetermined type of communication from passing from the first client station to outside of the access network comprises disallowing all communications from passing from the first client station to outside of the access network.

14. A communication system comprising:
- means for prompting a first client station to select a service provider from among a plurality of service providers, and for receiving a signal from the first client station, indicating a first selected service provider;
  
  means for sending a first authentication request message for the first client station to the first selected service provider, the first authentication request message indicating authentication information for the first client station;
  
  means for receiving a first authentication response message from the first selected service provider, the first authentication response message indicating that first client station is authenticated by the first selected service provider, wherein the first authentication response includes a first service qualification that indicates at least one of (i) one or more types of services authorized for the first client station and (ii) one or more extents of service authorized for the first client station, wherein the first service qualification specifies one or more types of communication and, for each specified type of communication, specifies whether the first client station is allowed to engage in the specified type of communication; and
  
  means for responding to the first authentication response message by restricting the first client station to communications in a first logical layer of the access network associated with the first selected service provider and according to the first service qualification,wherein restricting the first client station to communications in the first logical layer of the access network associated with the first selected service provider comprises handling communications with the first client station according to a logic set established for the first logical layer, andwherein handling communications with the first client station according to the logic set established for the first logical layer comprises disallowing at least a predetermined type of communication from passing from the first client station to outside of the access network, andwherein restricting the first client station to communications according to the first service qualification comprises, for each type of communication specified in the first service qualification, allowing or disallowing the type of communication by the first client station as specified by the first service qualification.
- View Dependent Claims (15, 16)
- - 15. The communication system of claim 14, further comprising:
    - means for prompting a second client station to select a service provider from among a plurality of service providers, and for receiving a signal from the second client station, indicating a second selected service provider;
      
      means for sending a second authentication request message for the second client station to the first selected service provider, the second authentication request message indicating authentication information for the second client station;
      
      means for receiving a second authentication response message from the second selected service provider, the second authentication response message indicating that second client station is authenticated by the second selected service provider, wherein the second authentication response includes a second service qualification that indicates at least one of (i) one or more types of services authorized for the second client station and (ii) one or more extents of service authorized for the second client station; and
      
      means for responding to the second authentication response message by restricting the second client station to communications in a second logical layer of the access network associated with the second selected service provider and according to the second service qualification.
  - 16. The method of claim 14, wherein disallowing at least the predetermined type of communication from passing from the first client station to outside of the access network comprises disallowing all communications from passing from the first client station to outside of the access network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sprint Spectrum LP (Deutsche Telekom AG)
Original Assignee
Sprint Spectrum LP (Deutsche Telekom AG)
Inventors
Delker, Jason, Jones, Bryce A.
Primary Examiner(s)
Osman; Ramy M

Application Number

US10/004,994
Publication Number

US 20030212800A1
Time in Patent Office

2,899 Days
Field of Search

709/225, 709/227, 709/229, 709/218, 370/252, 713/155, 713/156, 726 2- 4
US Class Current

709/227
CPC Class Codes

H04L 63/104   Grouping of entities

H04W 12/088   using filters or firewalls

H04W 4/00   Services specially adapted ...

H04W 74/00   Wireless channel access

Method and system for allowing multiple service providers to serve users via a common access network

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

88 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Method and system for allowing multiple service providers to serve users via a common access network

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

88 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others