Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network access regulating
Reexamination Certificate
1998-04-14
2001-03-20
Maung, Zarni (Department: 2154)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network access regulating
C709S229000, C709S203000, C709S217000
Reexamination Certificate
active
06205479
ABSTRACT:
FIELD OF THE INVENTION
The invention relates to communications networks. More particularly, the invention relates to a method and apparatus to control a client in a communications network.
BACKGROUND OF THE INVENTION
A packet-based communications network can transmit a data stream of bits in the form of packets of fixed or variable length for the purpose of moving information between computers. Each packet is routed through the network based on address information contained in the data stream. There are approximately 30 million users of packet networks in the U.S. The Internet, the largest and most well-known of the existing packet networks, connects millions of computers in countries across the world. In addition to the Internet, many companies use packet networks, locally or internally within the company, which are functionally modeled on the Internet. These packet networks, denoted “intranets” or “extranets,” are compatible with the Internet Protocol (IP), a communications protocol for the address information of data packets transmitted using the Internet.
The World Wide Web, or “Web,” represents a portion of the information on the Internet accessible through a graphical user interface software program, commonly known as a Web “browser.” The Netscape Navigator™ browser, available from Netscape Communications Corporation in Mountain View, Calif., is one example of a Web browser. The Web is made up of “pages” that are stored and transmitted over the Internet using the Hyper Text Markup Language (HTML) by computer, known as “servers.” In general, a Web page can include combinations of text, graphics, sound, video and small application programs. A Web page can also include a “link” which, when selected by a user, results in the automatic display of another Web page.
Typically, a user will access the Web by establishing a communications link with, or “logging onto,” an Internet Service Provider (ISP), perhaps over a telephone line using a modem. When the user requests a Web page, the user's browser communicates with the Internet through the ISP to retrieve the information related to the requested page. The ISP, which can serve thousands of users, generates revenue by charging each user a fee, such as a flat monthly fee, for the service. The ISP can also charge the user a time based fee in addition to, or instead of, the flat fee. Some ISPs also limit the amount of time that a given user can spend accessing the Internet.
The equipment required to operate an ISP can be very expensive, especially if the ISP expects to serve many users. The ISP may have to install, for example, a large number of phone lines, packet routers and communication switches. Moreover, the maintenance and technical support required to keep this equipment running can be difficult and expensive.
A company with the marketing ability required to attract a large number of users may not have the resources and expertise needed to provide Internet access. The company may, for example, be well known by users in a different, but related, field. Such company may also have, or not have, the resources and expertise needed to handle the billing and accounting functions typically provided by an ISP. Conversely, a company with Internet access equipment may not be interested in, or be capable of, the marketing required to attract a large number of users. The company may also lack a support staff to answer user questions and an accounting system to track and bill users.
To solve this problem, it is known that a branded Internet access re-seller can be established to handle the marketing and accounting aspects of Internet access. Such a “virtual” ISP can lease Internet access time from a traditional “hardware capable” ISP, such as for a flat or time based fee.
FIG. 1
is a block diagram of a known system of providing access to the Internet
300
through a virtual ISP
200
. The virtual ISP
200
serves a number of users
110
,
120
,
130
by leasing access from a number of ISPs
210
,
220
that route communications to and from the Internet
300
.
A user subscribes directly with the virtual ISP
200
for Internet access. The virtual ISP
200
assigns a user identifier (ID) and password to the user, and provides this information to one of the ISPs, such as the first ISP
210
. The user is typically unaware of the identity of the ISP
210
that actually provides access to the Internet. The virtual ISP
200
also provides the user with a client software program
114
to be used when accessing the Internet
300
. As used herein, a “client” is a requesting computer program, and a “server” is a computer program that provides service to the client in response to the request.
To access the Internet
300
, the user runs the client program
114
on a PC
110
. The client program
114
may include, for example, a communications software program and may be configured to display the name and logo of the virtual ISP
200
. The client program
114
is configured to directly contact the ISP
210
, using, for example, a modem
116
. The client program
114
then presents the user's ID and password to the ISP
210
in order to “log onto” the system. Once the user logs onto the ISP
210
, the user can access the Internet
300
with a browser program
112
. When the user is finished, he can “log off” the system to end the Internet access “session.”
The virtual ISP
200
generally receives a periodic report from each ISP
210
,
220
for billing purposes. For example, the ISP
210
may provide the virtual ISP
200
with a usage report each night listing the user ID of every user that accessed the Internet
300
during the last 24 hour period. The report can also reflect the start time and end time, or length, of each such user session in order to determine how much the ISP
210
will bill the virtual ISP
200
for access. The report can also be used by the virtual ISP
200
to in turn bill each user directly.
One problem with known virtual ISP systems, however, is that the virtual ISP
200
does not know which users are currently logged on. That is, although a nightly report may be accurate for billing purposes, it does not reflect in real time which users are communicating with the Internet
300
. A known protocol, called the Remote Authentication Dial In User Service (RADIUS) authentication protocol, can alert the virtual ISP
200
when a user logs on, but there is no way to inform the virtual ISP
200
when the user logs off. A related protocol called, the RADIUS accounting protocol, can alert the virtual ISP
200
both when the user logs on and when the user logs off the system. However, the RADIUS accounting protocol operates between a virtual ISP
200
and a physical ISP
210
, not between a virtual ISP
200
and a client program
114
. Therefore, even the RADIUS accounting protocol does not let the virtual ISP
200
exercise any control over the client program
114
.
There are several reasons why a virtual ISP
200
may want to know which users are currently logged onto the system. For example, the virtual ISP
200
may want to communicate with all users who are currently on-line, such as to announce a special event. The virtual ISP
200
would not want to deal with a large number of ISPs to determine which users are currently logged onto each ISP. The virtual ISP
200
may also be interested in which users are currently logged on for trouble shooting purposes.
Moreover, user fraud could be detected, and deterred, if the virtual ISP
200
could maintain an independent log of user access, instead of relying on the report generated by the ISP
210
. For example, a user that bypasses the client program
114
and contacts the ISP
210
directly would be detected by comparing the virtual ISP's log with the ISP's report. Similarly, such a log could be used to detect and resolve billing errors between the virtual ISP
200
and the ISP
210
.
Another problem with known virtual ISP systems is that the virtual ISP
200
cannot directly control the client program
114
when a user is on-line. Suppose, for example, that the virtu
Dulai Dharmender S.
Marur Vinod R.
Vitale Benjamin F.
Zenel Bruce A.
Caldwell Andrew
Juno Online Services, Inc.
Kenyon & Kenyon
Maung Zarni
LandOfFree
Two-tier authentication system where clients first... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Two-tier authentication system where clients first..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Two-tier authentication system where clients first... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2550120