Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling
Reexamination Certificate
1999-10-18
2004-02-24
Maung, Zarni (Department: 2154)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
Network resources access controlling
C709S217000
Reexamination Certificate
active
06697864
ABSTRACT:
TECHNICAL FIELD OF THE INVENTION
This invention relates generally to providing access to a computer network, and more particularly to the administration of access to a wide-area network, such as the Internet, through a cable system.
BACKGROUND OF THE INVENTION
The Internet is rapidly becoming one of the most important information resources as well as the backbone of electronic commerce. To tap into the vast market of Internet connectivity, various systems have been proposed and implemented to provide Internet access to average households. For example, cable networks, which conventionally were used to provide video services, have been converted to offer broadband data transmission for connecting home computers to the Internet.
Typically, a cable architecture for Internet access includes two different entities: the cable company (often referred to as a Multi-Service Operator (“MSO”)) that owns the cable network, and an Internet service provider (“ISP”). The MSO provides cable access to the end user and controls the cable plant connected to the ISP. When a user uses the cable network to access the Internet, the network communication data from the user's computer are first transmitted through the cable network to the cable plant, which then forwards the communication data to the Internet through the Internet service provider.
In order to access the Internet, a home computer has to have an Internet Protocol (IP) address. In existing cable architectures, such an IP address is dynamically allocated by a Dynamic Host Configuration Protocol (DHCP) server of the MSO. In a conventional arrangement, the home computer first makes a connection to the cable plant of the MSO and receives an IP address from the DHCP server. Once the home computer is assigned an IP address, it can access the Internet without further intervention of the cable system.
This conventional arrangement of Internet access through a cable system has several shortcomings. First of all, the IP address for Internet access is assigned to the home computer, not to the user using the computer. The process of connecting the home computer to the Internet does not require information regarding the identity of the user. As a result, the MSO does not know who is accessing the Internet using the assigned IP address. Since the MSO has no knowledge of the identity of the users using its cable system, it is not able to tailor the services it offers to individual users.
Another shortcoming of the conventional cable connection arrangement is that the allocation of IP addresses to home computers for Internet access can result in inefficient use of the IP addresses. IP addresses are a valuable resource, and in some countries there is a shortage of IP addresses. Under the conventional cable connection architectures, however, the allocation of an IP address is not on a need-only basis, i.e., an IP address may be assigned to a computer even if that computer is not being used to access the Internet. Once an IP address is assigned to a home computer, the user may use the computer for other applications or simply leave the computer on, and the MSO does not know whether the user is actually using the IP address for Internet access.
Another shortcoming of existing cable connection architectures is that each MSO typically has connection to only one Internet service provider. As a result, the users are not given a choice of the ISPs they prefer to use but can only accept the ISP associated with the MSO that owns the cable network.
SUMMARY OF THE INVENTION
In view of the foregoing, the present invention provides a login architecture that provides session-based access of an external computer network, such as the Internet or a network providing special services, through a cable system. A computer used to access the external computer network through the cable system is first assigned a restricted network address that enables the computer to access a private network of the cable system. With the restricted network address, a user may access a “walled garden” of the cable system, but cannot access the external computer network. When the user wants to access the external computer network, a session-based connection is formed between the user's computer and a connection server of the cable system, which is connected to the external computer network. The user is authenticated over the session-based connection between the computer and the connection server. After the user is authenticated, a public network address routable through the external network is assigned to the user's computer. The user's computer sends network communication packets using the public network address through the session-based connection to the connection provider, which then forwards the communication packets to the external computer network. The login architecture may be implemented with the user's computer connected directly to a bridging device, such as a cable modem, to the cable network, or with the user's computer being part of a local area network (“LAN”) that is connected to the cable system through a gateway computer. The login architecture may be implemented to require each user to have a separate account or require only a single account setup for the LAN. In the case where the wide-area network is the Internet, Internet access through multiple ISPs is provided by employing multiple connection servers connected respectively to different ISPs.
Additional features and advantages of the invention will be made apparent from the following detailed description of illustrative embodiments, which proceeds with reference to the accompanying figures.
REFERENCES:
patent: 6118768 (2000-09-01), Bhatia et al.
patent: 6393484 (2002-05-01), Massarani
Egevang, K, and Francis, P, “RFC 1631: The IP Network Address Translator”, Internet Engineering Task Force.*
Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G.J., and Lear, E, “RFC 1918: Address Allocation for Private Internets”, Internet Engineering Task Force.*
Microsoft Corporation,Microsoft Windows NT Server: Understanding Point-to-Point Tunneling Protocol(PPTP). (1997).
Demirtjis Ann
Jeffrey Mark T.
Maung Zarni
Microsoft Corporation
LandOfFree
Login architecture for network access through a cable system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Login architecture for network access through a cable system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Login architecture for network access through a cable system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3288507