US2011030037A1PendingUtilityA1

Zone migration in network access

54
Assignee: OLSHANSKY VADIMPriority: Jul 7, 2009Filed: Aug 3, 2009Published: Feb 3, 2011
Est. expiryJul 7, 2029(~3 yrs left)· nominal 20-yr term from priority
H04L 12/4641H04W 84/12H04L 63/10H04L 63/107H04L 63/08H04L 63/102G06F 21/30H04L 63/0209H04W 12/08
54
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

The present disclosure is directed to providing a network user the ability to travel between different zones or locations within a network environment, such as, for example, a hospitality location, without requiring a user to re-login to the new location, while requiring a user to re-login to other locations within the network environment.

Claims

exact text as granted — not AI-modified
1 . A method for determining whether to allow a network user communicating with a first access location within a privately controlled computer network including multiple access locations to migrate from one access location to another access location without re-authentication, the method comprising:
 providing a plurality of network access locations configured to provide one or more user device's access to a privately controlled computer network;   defining migration permissions for migrating between individual network access locations in the plurality of network access locations, where the migration permissions establish migration rights between individual network access locations in the plurality of network access locations without requiring a user to re-login;   allowing a user device to migrate from communicating with a first network access location in the plurality of network access locations to a second network access location in the plurality of network access locations without requiring the user to re-login; and   requiring the user to re-login when migrating from the first network access location to a third network access location.   
     
     
         2 . The method of  claim 1 , wherein the network access location is a port. 
     
     
         3 . The method of  claim 2 , wherein the port is a VLAN port. 
     
     
         4 . The method of  claim 1 , wherein the first and second network access locations are comprised in a first zone of network access location and the third network access location is comprised in a second zone of network access locations. 
     
     
         5 . The method of  claim 4 , wherein the first zone comprises network access locations located in a first physical area and the second zone comprises network access locations located in a second physical area. 
     
     
         6 . The method of  claim 4 , further comprising assigning a first SSID to the first zone and a second SSID to the second zone. 
     
     
         7 . The method of  claim 1 , further comprising assigning a first SSID to the first and second network access locations and a second SSID to the third access location. 
     
     
         8 . A system for providing computer network access in a secure computer network including a plurality of computer network access points, the system comprising:
 one or more network management devices configured to provide network communications services for one or more network enabled devices; and   a plurality of network access points configured to provide communications portals for facilitating communications between the one or more network management devices and the one or more network enabled devices, the one or more network access points are controllable by the one or more network management devices to allow or deny communications via a second network access point of the plurality of network access points based on an authorization to use a first network access point of the plurality of network access points.   
     
     
         9 . The system of  claim 8 , wherein the network access points are organized into a plurality of zones, wherein each zone includes at least one network access point. 
     
     
         10 . The system of  claim 9 , wherein at least one SSID is assigned to at least one zone in the plurality of zones. 
     
     
         11 . The system of  claim 10 , wherein at least two SSID's are assigned to the at least one zone in the plurality of zones. 
     
     
         12 . The system of  claim 9 , wherein the one or more network management devices allow communications via the second network access point if the first access point is in the same zone and deny communications via the second network access point if the second network access point is in a different zone. 
     
     
         13 . The system of  claim 9 , wherein the one or more network management devices define the zone of the first network access point as a home zone and allow communications with other access points in the plurality of access points corresponding to a second zone if the home zone is defined to allow access to the second zone access points. 
     
     
         14 . The method of  claim 8 , wherein the network access point is a port. 
     
     
         15 . A method of providing a user the ability to move between different locations of network access without requiring re-authentication comprising:
 defining one or more zones, each zone including a plurality of network access locations;   allowing a network user to move from a first network access location in the plurality of network access locations to a second network access location in the plurality of network access locations without requiring re-authorization to access the second network access location, where the first network access location and the second network access location form part of a first zone in the one or more zones; and   requiring re-authentication from the user when moving from either the first or second network access locations to a third access location, where the third access location is not part of the first zone.   
     
     
         16 . The method of  claim 15 , wherein the network access location is a port. 
     
     
         17 . The method of  claim 15 , wherein re-authorization is required to access a network access location forming part of a second zone. 
     
     
         18 . The method of  claim 15 , wherein defining comprises assigning one or more network address locations to a zone. 
     
     
         19 . The method of  claim 15 , wherein re-authentication comprises using a login screen. 
     
     
         20 . A system which provides access rights to a secure computer network based on a physical location of a user, the system comprising:
 a network interface configured to communicate with one or more network enabled user devices and to communicate with other network devices, the network interface configured to provide communications between the one or more network enabled user devices and the other network devices;   a database configured with location dependant network access rights; and   a processor in communication with the network interface and the database, the processor configured to allow or deny network communications through the network interface based on a first location dependant authorization for a network enabled user devices at a first location to communicate through the network interface, the processor further configured to allow communications for the network enabled user device at a second location without re-authorization and require reauthorization for the network enabled user device at a third location.   
     
     
         21 . The system of  claim 20 , the location of the network enabled user device is determined based on a port accessed by the network enabled user device. 
     
     
         22 . The system of  claim 21 , wherein the location dependant network access rights are configured to provide access without re-authorization between ports that form part of a first zone, the first zone including one or more ports, and to require re-authorization when the network enabled user device migrates to a port in a second zone, the second zone including one or more ports. 
     
     
         23 . The system of  claim 20 , wherein authorization comprises one or more of a login, payment of fees, a request for access, or entry of a code. 
     
     
         24 . The system of  claim 20 , wherein authorization comprises the payment of a fee. 
     
     
         25 . The system of  claim 20 , wherein a first SSID is assigned to the first location. 
     
     
         26 . The system of  claim 20 , wherein a plurality of SSIDs are assigned to the first location. 
     
     
         27 . The system of  claim 20 , wherein a first SSID is assigned to the first and second locations and a second SSID is assigned to the third location. 
     
     
         28 . The system of  claim 27 , wherein a third SSID is assigned to the first, second and third locations, and wherein a second network enabled user device configured to access the third SSID is allowed to access the first, second and third locations without re-authorization.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.