Method of user access authorization in wireless local area network

Abstract

The present invention discloses a method of user access authorization in wireless local area networks. The method comprises: when a Wireless Local Area Network (WLAN) user terminal is accessing a WLAN operational network the WLAN operational network while authenticating this WLAN user terminal judging whether to allow this WLAN user terminal to access according to authorization conditions having an impact on the access of this WLAN user terminal if yes the WLAN operational network will determine the access rules of this WLAN user terminal according to the said authorization conditions; otherwise the WLAN operational network will notify the WLAN user terminal about the failure. Different users can be controlled to access the network according to different authorization conditions and be restricted by different access rules after getting accessed. Thus the access control capability of a wireless local area network is enhanced and the working efficiency of the network is improved.

SEP Database Augmented SEP Database

Explicitly Disclosed

Patent Type

Technology	Declaration Information			Specification Information				Explicitly Disclosed	Patent Type
Technology	Declaration Date	Declaration Reference	Declaring Company	Specification Number				Explicitly Disclosed	Patent Type
4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: Illustrative part: ---- Release: + -				No	Family Member

Specification Information

Spec Number

Version Number

Section Number

Specification Information

Spec Number

Version Number

Section Number

Technologies

2G 3G 4G 5G

Family Information

All Granted Patents In Patent Family :	----
All Pending Patents In Patent Family :	----

SEP Database Augmented SEP Database

Explicitly Disclosed

Patent Type

Publication No	Technology	Declaration Information			Specification Information	Explicitly Disclosed	Patent Type
Publication No	Technology	Declaration Date	Declaration Reference	Declaring Company	Specification Number	Explicitly Disclosed	Patent Type
CN1266891C	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	Yes	Basis Patent
CN1553656A	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	Yes	Basis Patent
WO2004109980A1	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	Yes	Family Member
CA2523416A1	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
EP1633083A1	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
EP1633083A4	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
JP2006526917A	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
RU2005134506A	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
RU2316903C2	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
US2006109826A1	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
US7519036B2	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member
US2009158442A1	4G,3G	28/04/2005	ISLD-200505-003	HUAWEI	S1 TS Number: TS 123 234 Version No: ---- Section No: ---- Release : ---- + -	No	Family Member

Publication No	Technology	Declaration Information			Specification Information				Explicitly Disclosed	Patent Type	Status	National Phase Entries
Publication No	Technology	Declaration Date	Declaration Reference	Declaring Company	Specification Information				Explicitly Disclosed	Patent Type	Status	National Phase Entries
-----	-----	-----	-----	-----	S1 TS Number: ----- Version No: ----- Section No:----- Release:----- + -				-----	-----	-----	-----

Technologies

Non 3GPP technology

Product

Not Available

Use Cases

Not Available

Services

Not Available

Claim

1. A method of user access control to a wireless telecommunications network, comprising:
an access authentication process including authenticating a wireless local area network (WLAN) user terminal upon receiving an access request for accessing a WLAN operational network from the WLAN user terminal; and
an access authorization process comprising:
verifying whether the WLAN user terminal is allowed to access the WLAN operational network, wherein whether the WLAN user terminal is allowed to access the WLAN operational network is verified according to authorization conditions; and
determining access rules to be applied to the WLAN user terminal at least based on the authorization conditions, wherein the access rules are configured to restrict the access of the WLAN user terminal to access the WLAN operational network, and

wherein the access authorization process occurs after the access authentication process succeeds, and if the access request complies with the access rules, the method further comprises:
performing a service authorization, wherein the service authorization determines whether the WLAN user terminal is allowed to access a service.', 'an access authentication process including authenticating a wireless local area network (WLAN) user terminal upon receiving an access request for accessing a WLAN operational network from the WLAN user terminal; and', 'an access authorization process comprising:
verifying whether the WLAN user terminal is allowed to access the WLAN operational network, wherein whether the WLAN user terminal is allowed to access the WLAN operational network is verified according to authorization conditions; and
determining access rules to be applied to the WLAN user terminal at least based on the authorization conditions, wherein the access rules are configured to restrict the access of the WLAN user terminal to access the WLAN operational network, and', 'verifying whether the WLAN user terminal is allowed to access the WLAN operational network, wherein whether the WLAN user terminal is allowed to access the WLAN operational network is verified according to authorization conditions; and', 'determining access rules to be applied to the WLAN user terminal at least based on the authorization conditions, wherein the access rules are configured to restrict the access of the WLAN user terminal to access the WLAN operational network, and', 'wherein the access authorization process occurs after the access authentication process succeeds, and if the access request complies with the access rules, the method further comprises:
performing a service authorization, wherein the service authorization determines whether the WLAN user terminal is allowed to access a service.', 'performing a service authorization, wherein the service authorization determines whether the WLAN user terminal is allowed to access a service.', "2. The method according to claim 1, wherein the authorization conditions comprise one or more of the following: a user's account information, a user's subscriber information, managing rules of operators, and operational rules of operators.", '3. The method according to claim 1, wherein the access rules include one or more of the following: access scope limitation, access time limitation, and access path.

4. The method according to claim 1, wherein the access rules are determined by an authentication, authorization and accounting (AAA) server in the WLAN operational network.

5. The method according to claim 4, wherein the determined access rules are implemented by one or more of the following network entities: the AAA server, a WLAN access gateway (WAG), a service authorization unit, the WLAN user terminal, an Access Point (AP), and an access controller (AC).

6. The method according to claim 1, wherein the access rules are implemented by using one or more of the following methods: an IP allocation scheme, a Virtual Local Area Network (VLAN) allocation, and filtering.

7. The method according to claim 1, further comprising:
notifying the WLAN user terminal of the success of the access authentication and the access authorization in one message.', 'notifying the WLAN user terminal of the success of the access authentication and the access authorization in one message.

8. The method according to claim 7, further comprising:
notifying the user terminal the determined access rules using the message.', 'notifying the user terminal the determined access rules using the message.

9. The method according to claim 1, wherein the WLAN operational network comprises one of: a 3GPP-WLAN inter-working network, and a 3GPP2-WLAN inter-working network

10. A system for user access control, the system comprising:
a wireless local area network (WLAN) user terminal; and
an authentication, authorization and accounting (AAA) server included in a WLAN operational network and in communication with the WLAN user terminal,
wherein the WLAN user terminal is configured to send an access request for accessing the WLAN operational network to the AAA server,
the AAA server is configured to:
perform an access authentication process including authenticating eligibility of the WLAN user terminal upon receiving the access request, and
perform an access authorization after the access authentication process is successful;

wherein the access authorization includes:
verifying whether the WLAN user terminal is allowed to access the WLAN operational network according to authorization conditions, and
determining access rules to be applied to the WLAN user terminal at least based on the authorization conditions, wherein the determined access rules include an access limitation policy configured to restrict the access of the WLAN user terminal to access the WLAN operational network,

and if the access request complies with the access rules, the AAA server is further configured to:
perform a service authorization, wherein the service authorization determines whether the WLAN user terminal is allowed to access a service.', 'a wireless local area network (WLAN) user terminal; and', 'an authentication, authorization and accounting (AAA) server included in a WLAN operational network and in communication with the WLAN user terminal,', 'wherein the WLAN user terminal is configured to send an access request for accessing the WLAN operational network to the AAA server,', 'the AAA server is configured to:
perform an access authentication process including authenticating eligibility of the WLAN user terminal upon receiving the access request, and
perform an access authorization after the access authentication process is successful;', 'perform an access authentication process including authenticating eligibility of the WLAN user terminal upon receiving the access request, and', 'perform an access authorization after the access authentication process is successful;', 'wherein the access authorization includes:
verifying whether the WLAN user terminal is allowed to access the WLAN operational network according to authorization conditions, and
determining access rules to be applied to the WLAN user terminal at least based on the authorization conditions, wherein the determined access rules include an access limitation policy configured to restrict the access of the WLAN user terminal to access the WLAN operational network,', 'verifying whether the WLAN user terminal is allowed to access the WLAN operational network according to authorization conditions, and', 'determining access rules to be applied to the WLAN user terminal at least based on the authorization conditions, wherein the determined access rules include an access limitation policy configured to restrict the access of the WLAN user terminal to access the WLAN operational network,', 'and if the access request complies with the access rules, the AAA server is further configured to:', 'perform a service authorization, wherein the service authorization determines whether the WLAN user terminal is allowed to access a service

11. The network system of claim 10, wherein the AAA server is further configured to notify the WLAN user terminal of the success of the access authentication and the access authorization using a single message.12. The network system of claim 11, wherein the AAA server is further configured to inform the WLAN user terminal of the determined access rules using the single message.13. The network system of claim 10, wherein the AAA server is further configured to notify a network entity, capable of implementing the access rules, of the determined access rules in order to restrict the access of the WLAN user terminal in accordance with the access rules.14. The network system of claim 13, wherein the network entity capable of implementing the access rules comprises one or more of the following: a WLAN access gateway (WAG), a service authorization unit, an Access Point (AP), and an access controller (AC).15. The network system of claim 10, wherein the WLAN operational network comprises one of: a 3GPP-WLAN inter-working network, and a 3GPP2-WLAN inter-working network.16. A wireless telecommunications network, comprising:
an access authentication module, configured to authenticate a wireless local area network (WLAN) user terminal requesting an access to the network, in response to an access request for accessing the network from the user terminal;
an access authorization module, configured to perform an access authorization of the WLAN user terminal after the access authentication module successfully authenticates the WLAN user terminal; and
a service authorization module;
wherein the access authorization process comprises verifying whether the WLAN user terminal is allowed to access the network according to authorization conditions and determining access rules to be applied to the WLAN user terminal based on the authorization conditions,
wherein the access rules are configured to allow the network to restrict the access of the user terminal to access the WLAN operational network, and
wherein if the access request complies with the access rules, the service authorization module is configured to perform a service authorization process to determine whether the WLAN user terminal is allowed to access a service.', 'an access authentication module, configured to authenticate a wireless local area network (WLAN) user terminal requesting an access to the network, in response to an access request for accessing the network from the user terminal;', 'an access authorization module, configured to perform an access authorization of the WLAN user terminal after the access authentication module successfully authenticates the WLAN user terminal; and', 'a service authorization module;', 'wherein the access authorization process comprises verifying whether the WLAN user terminal is allowed to access the network according to authorization conditions and determining access rules to be applied to the WLAN user terminal based on the authorization conditions,', 'wherein the access rules are configured to allow the network to restrict the access of the user terminal to access the WLAN operational network, and', 'wherein if the access request complies with the access rules, the service authorization module is configured to perform a service authorization process to determine whether the WLAN user terminal is allowed to access a service.17. The wireless telecommunications network of claim 16, wherein the access authentication module and the access authorization module are included in an authentication, authorization and accounting (AAA) server.18. The wireless telecommunications network according to claim 17, wherein the access rules to be applied to the WLAN user terminal are determined by the AAA server.19. The wireless telecommunications network according to claim 18, wherein the AAA server is configured to inform the WLAN user terminal of success of the access authentication and access authorization in a single message.', '20. The wireless telecommunications network according to claim 19, wherein the AAA server is further configured to notify the WLAN user terminal of the determined access rules. | 21. The wireless telecommunications network according to claim 16, wherein the determined access rules are implemented in one or more of the following: a WLAN access gateway (WAG), a service authorization unit, an Access Point (AP), and an access controller (AC) within the network.', '22. The wireless telecommunications network according to claim 16, wherein the wireless telecommunication network comprises one of: a 3GPP-WLAN inter-working network, and a 3GPP2-WLAN inter-working network.', '23. An authentication, authorization and accounting (AAA) server, comprising:
a receiver, configured to receive an access request for accessing a wireless local area network (WLAN) operational network from a WLAN user terminal; and
a processor, configured to:
authenticate the WLAN user terminal in response to the access request from the WLAN user terminal; and
perform an access authorization process of the WLAN user terminal after the WLAN user terminal is authenticated successfully;
wherein the access authorization process comprises verifying whether the WLAN user terminal is allowed to access the WLAN operational network according to authorization conditions; and determining access rules to be applied to the WLAN user terminal based on the authorization conditions; wherein the access rules are configured to allow the WLAN operational network to restrict the access of the user terminal to access the WLAN operational network; and
wherein if the access request complies with the access rules, the processor is further configured to:
perform a service authorization process to determine whether the WLAN user terminal is allowed to access a service.', 'a receiver, configured to receive an access request for accessing a wireless local area network (WLAN) operational network from a WLAN user terminal; and', 'a processor, configured to:', 'authenticate the WLAN user terminal in response to the access request from the WLAN user terminal; and', 'perform an access authorization process of the WLAN user terminal after the WLAN user terminal is authenticated successfully;', 'wherein the access authorization process comprises verifying whether the WLAN user terminal is allowed to access the WLAN operational network according to authorization conditions; and determining access rules to be applied to the WLAN user terminal based on the authorization conditions; wherein the access rules are configured to allow the WLAN operational network to restrict the access of the user terminal to access the WLAN operational network; and', 'wherein if the access request complies with the access rules, the processor is further configured to:', 'perform a service authorization process to determine whether the WLAN user terminal is allowed to access a service.', "24. The AAA server according to claim 23, wherein the authorization conditions comprise one or more of the following: a user's account information, a user's subscriber information, managing rules of operators, and operational rules of operators.", '25. The AAA server according to claim 23, wherein the access rules comprises one or more of the following: access scope limitation, access time limitation, and access path.', '26. The AAA server according to claim 23, wherein the AAA server is further configured to notify the WLAN user terminal of the determined access rules.', '27. The AAA server according to claim 23, wherein the determined access rules are implemented in one or more of the following: a WLAN access gateway (WAG), a service authorization unit, an Access Point (AP), and an access controller (AC).']

Associated Portfolios

Licensor Claim Chart

Claim Chart	Technology	Creation Date	Download
Claim charts will soon be available!

Patent claim chart for sale

SUMMARY

Please Place the order to get the claim chart for the patent

ClaimChart-US8077688B2-STO

Patent number:US8077688B2

Claim Chart Type : SEP Claim Chart

Price: 200 €

Add To Cart

Note:

The information in blue was extracted from the third parties (Standard Setting Organisation, Espacenet)

The information in grey was provided by the patent holder

The information in purple was extracted from the FrandAvenue

Explicitly disclosed patent:openly and comprehensibly describes all details of the invention in the patent document.

Implicitly disclosed patent:does not explicitly state certain aspects of the invention, but still allows for these to be inferred from the information provided.

Basis patent:The core patent in a family, outlining the fundamental invention from which related patents or applications originate.

Family member:related patents or applications that share a common priority or original filing.