WO2007091098A1 - Ip-based communication - Google Patents

Ip-based communication Download PDF

Info

Publication number
WO2007091098A1
WO2007091098A1 PCT/GB2007/000486 GB2007000486W WO2007091098A1 WO 2007091098 A1 WO2007091098 A1 WO 2007091098A1 GB 2007000486 W GB2007000486 W GB 2007000486W WO 2007091098 A1 WO2007091098 A1 WO 2007091098A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
device identifier
registered
service provider
candidate
Prior art date
Application number
PCT/GB2007/000486
Other languages
French (fr)
Inventor
Sean Gerrard Murray
Original Assignee
Rabbit Point Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Rabbit Point Limited filed Critical Rabbit Point Limited
Publication of WO2007091098A1 publication Critical patent/WO2007091098A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/086Access security using security domains
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Definitions

  • the present invention relates to communication systems, and more particularly to IP- based (Internet Protocol-based) communication systems distributed over the Internet.
  • IP- based Internet Protocol-based
  • the present invention also relates to devices, apparatuses, and methods, and computer programs for use in such systems.
  • Broadband Internet access allows the integration of communication and digital media services.
  • Service providers can offer telephony, web-surfing, e-mail and audiovisual services over high-speed connections to homes and businesses.
  • Voice telephony e.g. VoIP
  • Internet access are proven to be well suited to share the same network. These services may be integrated over the unbundled local loop and high-speed fibre to homes and businesses.
  • wireless communications standards IEEE 802.11
  • IEEE 802.11 wireless communications standards
  • wireless user devices such as laptop computers with a wireless access capability
  • Conventional wireless routers are operable to store a number of recognised MAC addresses, each MAC address relating to a wireless communication facility (e.g. a wireless network card) of a recognised communication device (e.g. a laptop computer).
  • a wireless communication facility e.g. a wireless network card
  • a recognised communication device e.g. a laptop computer
  • Such conventional wireless routers are therefore operable to permit communication devices having a recognised MAC address to access an IP-based network via a wireless router, and to deny communication devices not having a recognised MAC address from such access.
  • Existing wireless routers can enable a recognised wireless communication device to access, for example, a private IP-based network without requiring a user of the device to enter a username or password. However, the user may still have to enter a username and password if he tries to access another IP-based network via another wireless router. Accordingly, it is recognised that although such wireless routers allow the benefits of mobility to be exploited by "recognised" user communication devices, such mobility can only be realistically exploited when accessing an IP-based network via the user's "home" wireless router, or another wireless router in which the user communication device's MAC address has been stored. That is, the true potential benefits of mobility cannot be fully exploited using conventional IP-based communication systems as user communication devices in such systems can only access large IP-based networks, such as the Internet, from a small number of wireless routers.
  • WiFi Wireless Fidelity
  • Such telephones are, more than other types of device, likely to be moved about geographically, such that they are moved from the zone of operation of one wireless router to the next.
  • users of such devices currently have to enter a username and/or password (or other equivalent identification data) in order to access telephony services at a wireless router. Due to this disadvantage, the uptake of such WiFi mobile telephones has been relatively modest, and the network coverage for such devices is similarly modest. It is desirable to solve the above-mentioned problems with existing IP-based communication systems. It is further desirable to provide an IP-based communication system in which users may be granted access universally in an efficient manner.
  • a method of granting a candidate device access to a service provided by a service provider in an IP-based communication system comprising service provider apparatus of the service provider and a plurality of service point apparatuses interconnected by the Internet, the service point apparatuses being separate from one another and from the service provider apparatus, the candidate device having a predetermined device identifier unique to that device stored therein, method comprising: maintaining at the service provider apparatus a record of at least one registered device identifier; obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining whether the obtained device identifier is a registered device identifier; and if it is determined that the obtained device identifier is such a registered device identifier, granting the candidate device access to said service via said particular one of the service point apparatuses.
  • the device identifier is preferably not defined by a user of the device and is preferably defined by the service provider or an agent thereof before the candidate device is provided to the user. It will be appreciated that such a device identifier, being unique to the device, could be a link-layer address of the device, for example a MAC address. However, the identifier could alternatively be a pass-code or number stored within the device.
  • the identifier is preferably "embedded" within the communication functionality of the candidate device and therefore does not need to be “entered” by the user. This information is also unique to the candidate device and is relatively difficult to duplicate in another device. Accordingly, a sufficient degree of system security is afforded by granting access on this basis.
  • a candidate device by its identifier (e.g. by its link-layer address) as this enables the logical location of the device within the communication system to be identified. This is possible since, in the case of a link-layer address, each such link-layer address of each participating device in a communication link across the system may be identified, since the link is defined using these addresses.
  • the system may however be designed such that a pass-code rather than a link-layer address is identified from each such participating device.
  • access is granted to the service based on the device identifier (e.g. link- layer address) alone.
  • the device identifier e.g. link- layer address
  • This apparatus may be accessible by each of the service point apparatuses, and accordingly a candidate device may gain access irrespective of which service point apparatus is employed.
  • the determination as to whether the obtained device identifier is registered is carried out by determining if the device identifier is registered at the service provider apparatus.
  • the service point apparatuses may each access a "central store" of such records, and thereby not need to store such information themselves. This use of a central store may enable a particular candidate device to access services from any service point apparatus.
  • a record of at least one registered device identifier is maintained at each of one or more of the service point apparatuses. Accordingly, it may be possible to first determine whether the obtained identifier is registered at the service point apparatus via which that device identifier was obtained. Then, if the obtained device identifier is not registered at the service point apparatus via which that device identifier was obtained, it may be possible to determine whether the obtained device identifier is registered at said service provider apparatus. This may have the advantage that on certain occasions it may not be necessary to consult the "central store" of information, the obtained identifier being instead registered in the service point apparatus concerned.
  • the service can be provided from any one of two or more service point apparatuses at which the device identifier is obtained from the candidate device. It is advantageous for the candidate device to be able to access the service from at least two different service point apparatuses, and preferably from all such service point apparatuses.
  • the service provider apparatus and the service point apparatuses are distributed across the Internet. This increases the geographical coverage of the system and maximises the benefits obtainable from the use of wireless candidate devices and wireless service point apparatuses.
  • the method further comprises: maintaining at the service provider apparatus, for the or each registered device identifier (e.g. link-layer address), a record of at least one item of user information corresponding thereto; and granting the candidate device access to said service via said one of the service point apparatuses in dependence upon the obtained device identifier and at least one such corresponding item of user information.
  • the service provider apparatus for the or each registered device identifier (e.g. link-layer address), a record of at least one item of user information corresponding thereto; and granting the candidate device access to said service via said one of the service point apparatuses in dependence upon the obtained device identifier and at least one such corresponding item of user information.
  • the corresponding information may comprise any of a name and address of a user of the device, payment information for the user, or one or more telephone numbers to be associated with the candidate device.
  • the corresponding information may optionally also comprise a username and password to allow the user to access services, and the stored information, over the Internet.
  • the username and password may be employed to provide increased system security.
  • the payment information may be associated with a candidate device and ultimately with a user of the candidate device to link an ability of a user to pay for services with the candidate device.
  • Such services may comprise any of telephony, e-mail, or Internet-browsing services. Accordingly, it is to be understood that the present invention is intended to relate to the transfer of any type of data over an IP-based communication system.
  • the or each device identifier is a link-layer address.
  • the or each device identifier is a MAC address.
  • Such addresses are commonly pre-embedded within candidate devices on manufacture, and, as such, no further pass-code need be employed.
  • MAC addresses are link-layer addresses, or data-link- layer addresses, for use in IP-based networks designed around the OSI 7-layer network model.
  • MAC address may be rendered obsolete by future developments in Internet protocols.
  • link-layer address is intended to cover any equivalent device-specific and unique-per- device address employed for Internet-based communication.
  • the candidate device may be an IP-capable (WiFi) telephone, PDA, computer, or any other communication device capable of communicating across an IP- based network.
  • WiFi IP-capable
  • a large range of products, from RFID devices to credit cards to set-top boxes may be fitted with communication equipment having a device identifier such as a link-layer address and being capable of communication over an IP-based network.
  • the term candidate device is intended to include any such device fitted with communication equipment having a device identifier such as a link-layer address and being capable of communication over an IP-based network.
  • At least one (or each) service point apparatus comprises wireless service point apparatus
  • the candidate device is a wireless communication device.
  • the service point device may, for example, be a wireless router. It is particularly advantageous to employ wireless communication techniques (WiFi) between a service point apparatus and a candidate device so as to maximise the benefit of the mobility provided thereby.
  • WiFi wireless communication techniques
  • the wireless candidate device is a WiFi telephone
  • the user may carry his telephone around with him, and use it when he is in the operational vicinity of any wireless service point apparatus by gaining access to a telephony service provided by a service provider.
  • the telephony service may enable him to both receive and make telephone calls using his WiFi telephone.
  • the obtaining, determining and granting operations are carried out automatically when the candidate device is reconfigured or relocated from a first state, in which communication with said one of the service point apparatuses is not possible, to a second state, in which communication with said one of the service point apparatuses is possible.
  • the first state may be when the candidate device is switched off or when the candidate device is out of range of the service point apparatus.
  • the second state may therefore be when the candidate device is in range of the service point apparatus and is switched on.
  • the range of operation of a wireless service point apparatus (the zone of operation) may differ from one apparatus to the next, and also be dependent on its location. That is, it is preferable to automatically carry out the obtaining, determining and granting steps when the candidate device begins a communication with one of the service point apparatuses.
  • the services provided by the service provider may include any service which is providable over the communication system.
  • Many devices are controllable over the Internet. Therefore, for example, when the candidate device is granted access to the services provided by the service provider, an operation of another device may be triggered.
  • the other device could be a security system. For example, doors may be unlocked as the provided service.
  • the other device may be a home environment system. For example, heating, lighting, and/or air conditioning may be activated as the provided service. It will be appreciated that the other devices controlled as the provided service may be located anywhere in the world, provided that they are controllable via the communication system.
  • the provision of such services may be pre-arranged by a user with the service provider, such that, for example, the service is automatically provided when the candidate device of the user is granted access to services via a particular service point apparatus.
  • This is advantageous as the service may effectively be provided based on the location of the candidate device. For example, if the candidate device is granted access to services via a service point apparatus of an airport lounge, access to that lounge may be granted as the service (for example, by opening the lounge doors).
  • Knowledge of the location of a candidate device having been granted access to services may also enable services to be offered to other parties.
  • an owner of a chain of retail shops may have a wireless service point apparatus located in each shop of the chain.
  • a message may be transmitted exclusively to each wireless candidate device currently being provided services via wireless service point apparatuses in those retail shops.
  • the message may contain marketing information, for example notifying users in those shops of current offers or discounts.
  • the agent in this case, the owner of a retail shop, or a member of his staff
  • the agent may be notified that a particularly important client or customer is logged on for receiving services via his wireless service point apparatus. This may enable the owner, or a member of his staff, to direct staff or services in the shop to the particularly important client or customer.
  • the service provided to a candidate device by the service provider may be the ability for that candidate device to be accessed from other devices over the Internet. For example, it may be possible to use another device, for example a computer or PDA, to retrieve information from the candidate device once it has been granted access to the service. Alternatively, if the candidate device is a WiFi telephone, it may be possible to telephone the candidate device from another telephone or other equipment equipped for telephony (e.g. a laptop with VoIP software).
  • the service provided by the service provider may comprise a transfer of data over a communication path between first and second devices, the method further comprising taking into account path cost when determining a route for said path between said first and second devices.
  • the use of certain paths across a communication network may incur costs to the service provider, and ultimately to the user of the candidate device.
  • part of a communication path may comprise a cellular network, or a conventional land-line network, for which charges are raised for use thereof.
  • the transfer of data over a communication path between first and second devices as the provided service may be routed over the least cost path, in order to provide the user of the candidate device value for money.
  • use of the Internet where possible in preference over land lines may lead to a lower cost communication path, as compared to a path predominantly using such land lines.
  • an IP-based communication system for granting a candidate device access to a service provided by a service provider, the candidate device having a predetermined device identifier unique to that device stored therein, the system comprising: service provider apparatus of the service provider operable to maintain a record of at least one registered device identifier; a plurality of service point apparatuses operable to provide at least part of a communication link between the candidate device and the service provider apparatus, the plurality of service point apparatuses being separate from one another and from the server provider apparatus, and the plurality of service point apparatuses and the server provider apparatus being interconnected by the Internet; means operable to obtain the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining means operable to determine whether the obtained device identifier is a registered device identifier; and access-granting means operable, if it is determined that the obtained device identifier is
  • a communication device adapted for use at a service provider apparatus in an IP-based communication system to grant a candidate device access to a service provided by a service provider, the candidate having a predetermined device identifier unique to that device stored therein, the system also comprising a plurality of service point apparatuses separate from one another and from the server provider apparatus, and the service provider apparatus and the plurality of service point apparatuses being interconnected by the Internet, the communication device comprising: address- obtaining means operable to obtain the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining means operable to determine whether the obtained device identifier is registered in information storage means of the service provider separate from the plurality of service point apparatuses; and access-granting means operable, if it is determined that the obtained device identifier is so registered, to grant the candidate device access to said service via said particular one of the service point
  • the communication device further comprises the information storage means, such means being operable to maintain a record of at least one registered device identifier.
  • the communication device may be, for example, a server.
  • a method of granting a candidate device access to a service provided by a service provider the candidate having a predetermined device identifier unique to that device stored therein, and the system also comprising a plurality of service point apparatuses separate from one another and from the server provider apparatus, and the service provider apparatus and the plurality of service point apparatuses being interconnected by the Internet, the method comprising: obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining whether the obtained device identifier is registered in information storage means of the service provider separate from the plurality of service point apparatuses; and if it is determined that the obtained device identifier is so registered, granting the candidate device access to said service via said particular one of the service point apparatuses.
  • a computer program which, when executed on a communication device, causes the communication device to carry out the steps of a method embodying the aforementioned fourth aspect of the present invention.
  • the device identifier e.g. the link-layer address of the device
  • an employed registered service point apparatus both on initial registration of the device, and when the device is in use, to allow an owner of the service point apparatus to obtain a share of revenues generated from use of the candidate device having the device identifier. Examples of such methods are provided in the description of embodiments of the present invention.
  • FIG 1 is a schematic diagram of an IP-based communication system embodying the present invention.
  • Figure 2 is a flowchart of a method embodying the present invention.
  • FIG. 3 is a schematic diagram of an IP-based communication system embodying the present invention.
  • Figure 4 is a schematic diagram of service provider apparatus embodying the present invention.
  • Figure 5 is a schematic diagram of an IP-based communication system embodying the present invention.
  • FIG. 6 is a schematic diagram of an IP-based communication system embodying the present invention.
  • FIG. 7 is a schematic diagram of an IP-based communication system embodying the present invention.
  • FIG 8 is a schematic diagram of an IP-based communication system embodying the present invention.
  • Embodiments of the present invention described below employ link-layer addresses (MAC addresses) as the device identifier.
  • MAC addresses have been employed in those embodiments as a preferable example of a device identifier as those addresses are pre-embedded in the example candidate devices provided in those embodiments during manufacture of those devices.
  • each of those embodiments may instead employ, as the device identifier, a pass-code or the like pre- loaded into the candidate devices by the service provider, or by an agent thereof.
  • FIG. 1 is a schematic diagram of an IP-based communication system 1 embodying the present invention.
  • the communication system 1 comprises a number of devices accessible via the Internet 4.
  • the communication system 1 comprises a service provider server 2, a database 6, a plurality of registered service points 8, a plurality of user terminals 10 served by the registered service points 8, a plurality of unregistered service points 12, a further plurality of user terminals 10 served by the unregistered service points 12, a land line provider 14, a plurality of land-line devices 16 served by the land line provider 14, a cellular network provider 18, a plurality of cellular devices 20 served by the cellular network provider 18, a satellite or cable service provider 22, a plurality of user units 24 served by the satellite or cable service provider 22, a conventional-internet-service provider 26, and a plurality of internet- ready devices 28.
  • a service provider it is desirable for a service provider to provide services to or on behalf of users of the user terminals 10.
  • the service provider controls the operation of the service provider server 2, and the database 6.
  • the service provider arranges for a number of registered service points 8 to be installed in various locations, such that they are accessible via the
  • the registered service points 8 may be owned by the service provider or by agents of the service provider. Such services may also be provided by means of unregistered service points 12, also accessible via the Internet 4.
  • the Internet 4 is a distributed network, and accordingly the service provider server 2, the database 6, the registered service points 8, the unregistered service points 12, the land line provider 14, the cellular network provider 18, the satellite or cable service provider 22, and the conventional-internet-service provider 26 may be distributed across the world, or alternatively ail located within a single country.
  • the service provider server 2 may be a single device, or may comprise a plurality of devices distributed across the Internet 4.
  • the database 6 may also be a single device, or may comprise a plurality of devices distributed across the Internet 4.
  • the or each database 6 may be a device in its own right, or may be part of a service provider server 2.
  • Embodiments of the present invention employ the database 6 to store a user-terminal record for at least one registered user terminal 10.
  • the database stores records for a plurality of user terminals 10.
  • Such records each comprise at least a MAC address (link-layer address) of a particular registered user terminal 10.
  • Those records preferably also comprise further information relating both to the user terminal 10 concerned, and to a user of that user terminal 10.
  • Such further information may include, for example, a name and address of the user, and account payment details for the user.
  • the account payment details may, for example, comprise credit card details for the user concerned, such that the user may be billed for his use of the service via his user terminal 10.
  • the further information may also include, in the case of the user terminal 10 being a telephone, one or more telephone numbers to be assigned to that telephone.
  • Embodiments of the present invention also employ the database 6 to store a service- point record for at least one registered service point 8.
  • the database 6 stores records for a plurality of registered service points 8.
  • Such records each comprise at least a MAC address (link-layer address) of a particular registered service point 8.
  • the service-point records preferably also comprise further information relating both to the registered service point 8 concerned, and to a party responsible for that registered service point 8.
  • Such further information may include, for example, a name and address of the responsible party, and account payment details therefor.
  • the account payment details may, for example, comprise bank account details for the party concerned, such that the party may be financially rewarded for use made of its registered service point 8 by users.
  • Such further information may also include, a unique equipment identification number (UEIN) assigned to each registered service point 8 by the service provider so as to clearly identify that registered service point 8 to the service provider.
  • UEIN unique equipment identification number
  • Such further information may also include a geographical location of the registered service point 8, and a logical or network location thereof.
  • a party responsible for a particular registered service point 8 may be the service provider itself or an agent thereof.
  • a particular registered service point 8 may be owned or rented (or leased) by an agent of the service provider.
  • Such an agent could, for example, be an owner of a restaurant or bar or other establishment in which the registered service point 8 is installed.
  • An agent could alternatively be a public body responsible for public areas in which such registered service points 8 may be installed.
  • Embodiments of the present invention also employ the database 6 to store a further service-point record for at least one unregistered service point 12. Whilst the records for registered service points 8 may be populated during registration thereof, the records for an unregistered service point 12 may be populated over time as a user employs that unregistered service point 12 to access services provided by the service provider. It will be appreciated that although less information will in practice be recorded in respect of unregistered service points 12 as compared to that recorded in respect of registered service points 8, the same information could be recorded if made available to the service provider.
  • each user terminal 10 is a WiFi-enabled (Wireless Fidelity) mobile telephone having a MAC address
  • each registered service point 8 and unregistered service point 12 is a wireless router also having a MAC address.
  • the user terminals 10 could be, for example, personal computers, PDAs (Personal Digital Assistants), or any other communication device capable of communicating over an IP-based network and having a MAC address (link-layer address).
  • the service points 8, 12 could be wired routers, modems, servers, or any other device having a MAC address and capable of enabling a communication device also having a MAC address to access the Internet 4 therethrough.
  • Each wireless router (service point 8, 12) of the communication system 1 has an associated zone of operation, within which user terminals 10 may communicate therewith. Accordingly, user terminals 10 may pass in and out of zones of operation of such wireless routers.
  • the land line provider 14, the plurality of land-line devices 16 served by the land line provider 14, the cellular network provider 18, the plurality of cellular devices 20 served by the cellular network provider 18, the satellite or cable service provider 22, the plurality of user units 24 served by the satellite or cable service provider 22, the conventional-internet-service provider 26, and the plurality of internet-ready devices 28 may be conventional devices.
  • any of the devices 14, 18, 22, and 26 could be adapted to become a service point 8, 12, for example by providing those devices with the necessary capability (hardware and/or software) to operate over an IP-based network such that those devices possess a MAC address.
  • any of the devices 16, 20, 24, and 28 could be adapted to become a service point 8, 12, or a user terminal 10, for example by providing those devices with the necessary capability to operate over an IP-based network such that those devices possess a MAC address.
  • An internet-ready device 28 may be, for example, a computer, a PDA, or any other type of communication device.
  • An internet- ready device 28 may be provided with VoIP software, and thus be capable of telephony with a user terminal 10 (also being capable of telephony) in a similar way as described below in respect of land-line devices 16 (telephones) and cellular devices 20 (mobile telephones) with reference to Figure 3.
  • FIG. 2 is a flow diagram of a method 30 embodying the present invention.
  • the method 30 commences at step 32, and proceeds to step 34.
  • a device identifier of a candidate device is obtained via a service point apparatus.
  • the candidate device may be, for example, a user terminal 10.
  • the service point apparatus may be, for example, a registered service point 8, or an unregistered service point 12.
  • the device identifier in the Figure 1 embodiment is a MAC address (link-layer address).
  • step 38 it is determined in step 38 whether the obtained device identifier is a registered device identifier or not. This determination may involve access to a database of registered device identifiers such as the database 6, which in the Figure 1 embodiment stores MAC addresses.
  • the method 30 proceeds to step 40, in which the candidate device is granted access to a service provided by the service provider. The method 30 then terminates 42. If, however, the obtained device identifier is not a registered address, the method 30 may proceed from step 38 to step 44, in which the candidate device is denied access to any services provided by the service provider. In this case, the method 30 terminates 42. Alternatively, if the obtained device identifier is not a registered address, the method 30 may proceed from step 38 to step 46, in which a user of the candidate device is permitted to register that candidate device. The method 30 may then be carried out again, the device identifier of the candidate device having been registered in the database 6.
  • Methods embodying the present invention may include further steps in which credit- card details registered in respect of a candidate device are confirmed before granting it access to services.
  • Other methods embodying the present invention may include further steps for checking that an entered username and/or password is registered in respect of a candidate device before granting it access to services.
  • these extra steps may optionally be carried out for commercial or security reasons, a preferred embodiment of the present invention omits these extra steps so as to enable a registered user terminal to access the available service as conveniently as possible.
  • a user may carry a registered WiFi mobile telephone (user terminal 10) into the zone of operation of a registered wireless router (registered service point 8).
  • the telephone may, by means of software or hardware provided therein, recognise that it is in operational range of the wireless router and attempt to access services provided by the service provider through the router. This attempt to access services provided by the service provider may be initiated by the user, for example pressing a button on the telephone, or may preferably be initiated automatically by the software provided therein.
  • This activity will initiate (step 32) the execution of method 30, and the MAC address (link-layer address) of the WiFi telephone will be obtained (step 34) either by the wireless router and/or by other equipment such as the service provider server 2.
  • a determination will then be made (step 38) as to whether the obtained MAC address is registered in the database 6.
  • the WiFi telephone is a registered user terminal 10, and the telephone will be granted access to services provided by the service provider (step 40).
  • the user may then be considered to be "logged on" to the service such that the telephone may communicate with the service provider server 2 via the wireless router.
  • the method 30 may be carried out in a combination of the service provider server 2 and the database 6, or in a combination of the service provider server 2, the service point 8, 10, and the database 6.
  • the present invention extends to a computer program or a series or set or suite of computer programs operable to cause computing devices such as servers and routers to carry out methods embodying the present invention, or to become service provider apparatuses and service point apparatuses.
  • the service provider server 2 may record the logical location of a logged-on user terminal 10 by reference to the service point 8, 10, serving that user terminal 10. This may be achieved by recording the MAC address of the service point 8, 10 serving that user terminal 10. If the geographical location of the service point 8, 10 is known to the service provider, for example if the service point is a registered service point 8, then the service provider server 2 may also record the geographical location of the logged-on user terminal 10.
  • the location (logical and/or geographical) of a logged-on user terminal 10 may be stored after the user has logged off, or deleted. For example, the location of a user terminal 10 when it first logs on may be permanently stored. This may be advantageous for commercial reasons.
  • Agents may sell user terminals 10 to new users so as to increase the number of users taking advantage of the services provided by the service provider.
  • a record of the agent having sold a particular new user terminal 10 may be recorded, for example by allowing the new user terminal 10 to log on for the first time via a registered service point 8 operated by that agent.
  • the MAC address of the agent's registered service point 8 can be captured as the new user terminal first logs on, and a financial reward can be paid to the agent for introducing that new user. That is, a permanent association may be made between the link-layer address of the registered service point 8 at which a new user terminal 10 is first logged on to receive services, and the link-layer address of the new user terminal 10.
  • One commercial model may be to pay a proportion of any future revenues generated from that user to the agent that sold him the user terminal.
  • Another commercial model may be to reward not only the agent that sold the new user terminal, but also to reward agents on a per-use basis, such that each time a user uses his user terminal 10 via a registered service point 8, a proportion of any revenue generated from that use is paid to the agent responsible for that registered service point 8. That is, a transitory association may be made between the link-layer address of a currently-used registered service point 8 at which a user terminal 10 is receiving services, and the link-layer address of that user terminal 10.
  • commercial models may be changed from time to time, however it is clear that knowledge of the MAC addresses of service points can enable a variety of commercial models to be employed. It may be possible through these models to share revenues with service point 8, 12 owners.
  • the WiFi telephones (user terminals 10) each have a number of telephone numbers assigned thereto, and stored in the record for the telephone concerned in the database 6.
  • the telephone may have more than one number assigned thereto so as to enable the user, for example, to have a business and a personal telephone number.
  • the telephone may also have telephone numbers registered in different countries of the world. For example, the telephone may have a British, an American, and a Japanese telephone number. A particular logged-on telephone may make or receive telephone calls to or from other telephones.
  • the provision of telephone numbers registered in different countries may enable the routing of telephone calls to or from the registered WiFi telephone to be routed by the most cost-effective route.
  • a user of a candidate device may offer a Japanese friend his Japanese telephone number.
  • the call may be routed (as a domestic call) to a telephone provider in Japan, and then over the Internet 4 to the WiFi telephone.
  • This may be a lower-cost route than if the user had provided his Japanese friend only with his British telephone number, in which case the call may have been routed at high cost (as an international call) to a telephone provider in the UK before being routed over the Internet 4.
  • Figure 3 is a schematic diagram of an IP-based communication system 50 embodying the present invention.
  • Figure 3 is useful for explaining examples of possible telephone calls made or received by users of logged-in user terminals 10.
  • the communication system 50 is a part of the communication system 1 , and those common component devices already discussed with reference to Figure 1 have been numbered in the same way and duplicate description, and labelling of the computer devices in Figure 3, is omitted.
  • the letters A to G have been provided in Figure 3 to identify the origin, route, and destination of example telephone calls.
  • a particular logged-on telephone may make or receive telephone calls to or from a conventional land-line telephone 16 or cellular telephone 18, telephone calls being transmitted using VoIP (Voice over Internet Protocol) techniques where possible, and over conventional telephone networks where necessary. That is, it is possible for a registered user terminal, if enabled for telephony services, to make and receive telephone calls to and from non-registered devices such as a conventional telephone (or any other device enabled for telephony such as a laptop having VoIP software).
  • VoIP Voice over Internet Protocol
  • a telephone call between a user terminal 10 and a conventional land-line phone 16 could be transmitted using VoIP techniques between the user terminal 10 and the land-line provider 14 (A to B, via F) 1 and then using conventional land-line services (POTS) from the land line provider 14 to the land-line phone 16 (B to C).
  • POTS Packet Old Telephone Service
  • POTS refers to conventional analogue telephony transmitted over copper wires.
  • a telephone call between two users of user terminals 10 may be routed entirely using VoIP services, via the service provider server 2 (A to G, via F). This may be advantageous to users of the user terminals 10, as no charges are incurred through use of conventional telephone networks.
  • the telephone numbers associated with each user terminal 10 are preferably recognisable by conventional telephone networks as standard telephone numbers, such as PSTN (Public Switched Telephone Network) numbers.
  • PSTN Public Switched Telephone Network
  • a user of a conventional telephone such as a cellular device 20 may call a user of a particular user terminal 10 using a particular associated PSTN number.
  • such a call could first be routed to a conventional telephone service operator of the country in which the particular PSTN number is registered (for example, from D to E to B). The call would then be routed to the service provider server 2 (B to F) because that number has been registered as being assigned to the service provider.
  • the particular PSTN number would be identified in the database 6 and the associated MAC address of the user terminal retrieved therefrom. Accordingly, the remaining part of the routing would be carried out on the basis of the retrieved MAC address.
  • the user terminal 10 may be recorded as being currently logged-on at a particular registered service point 8 (G), and the call routed directly thereto (F to G).
  • FIG 4 is a schematic diagram of service provider apparatus 60 embodying the present invention.
  • the service provider apparatus 60 comprises a communication link 62, identifier-obtaining means 64, determining means 66, information storage means 68, and access-granting means 70.
  • the information storage means 68 is operable to maintain a record of at least one registered device identifier such as a MAC (link-layer) address, and in the present case maintains a plurality of such records.
  • the identifier-obtaining means 64 is operable to obtain a device identifier of a candidate device from signals transmitted thereto via the communication link 62.
  • the candidate device may be, for example, attempting to access services which may be provided by the service provider apparatus 60 via a service point apparatus 8, 10.
  • the determining means 66 is operable to determine whether the device identifier of the candidate device is such a registered device identifier, for example by accessing the information storage means 68.
  • the access- granting means 70 is operable, if it is determined that said device identifier is such a registered address, to grant the candidate device access to services via a service point 8, 10.
  • the service provider server 2 of Figure 1 may comprise the service provider apparatus 60 of Figure 4, or alternatively, the service provider apparatus may be distributed between the service provider server 2, the database 6, and a service point 8, 10.
  • FIG 5 is a schematic diagram of an IP-based communication system 70 embodying the present invention.
  • the communication system 50 comprises a service provider server 2, a database 6, and two registered service points 8 distributed across the Internet 4. These elements have already been described with respect to the IP-based communication system 1 of Figure 1 , and duplicate description is omitted.
  • the communication system 70 further comprises a user terminal 10, a door-activation unit 72, and a central heating system 74. It is to be understood that the door-activation unit 72 and the central heating system 74 may be considered to be user terminals of the communication system 70.
  • the door-activation unit 72 may, for example, be located in an airport, for example for controlling the entrance doors of a corporate lounge. Accordingly, a user having a user terminal 10 and entering the operational zone of the registered service point 8 adjacent to the corporate lounge may be automatically granted access to the airport lounge. That is, the service provided by the service provider may, in this case, be the controlling of the entrance doors to the corporate lounge using the door-activation unit 72.
  • the doors of the corporate lounge may be caused to open as follows.
  • the user terminal 10 concerned may automatically detect that it has come into the operational zone of a registered service point 8. This may be the case if the user terminal 10 is a WiFi telephone, and if the registered service point 8 is a wireless router.
  • the user terminal 10 may then seek access to services provided by the service provider. Assuming that the MAC address of the user terminal 10 is registered in the database 6, and that further information is registered in relation to that MAC address indicating that the user should be permitted access to the corporate lounge, the user terminal 10 may be granted access to the door-opening service, and accordingly the doors of the corporate lounge may be opened.
  • the example of the door-activation unit 72 is only one example of a multitude of devices that may be controlled in a similar way.
  • the central heating system 74 of the user may be triggered to heat the home of the user. This may be desirable, for example, if the user has just returned to the country after a holiday abroad, and would like his house to be heated by the time he returns home from the airport.
  • the device, in this case the central heating system 74, controlled as the service provided by the service provider may be anywhere in the world, as long as it may be controlled via a service point apparatus, or directly over the communication system.
  • FIG 6 is a schematic diagram of an IP-based communication system 80 embodying the present invention.
  • the communication system 80 comprises a service provider server 2 and a database 6 distributed across the Internet 4. These elements have already been described with respect to the communication system 1 of Figure 1, and duplicate description has been omitted.
  • the communication system 80 further comprises a set-top box 82, and a cash machine controller 89.
  • the set-top box 82 and the cash machine controller 89 are equivalent to the registered service points 8 of Figure 1.
  • the communication system 80 further comprises a plurality of user terminals 10 (as described with reference to Figure 1) and a payment device 92.
  • the payment device 92 is equivalent to a user terminal 10.
  • the set-top box 82 is connected to a television 84, and accordingly controls those channels that may be viewed on the television. An adult user 86 and an infant user 88 are shown next to the television 84.
  • the set-top box 82 (registered service point) has the functionality of a wireless router.
  • the user terminals 10 are WiFi telephones.
  • the user terminals 10 When the user terminals 10 are in the operational zone of the set-top box 82, they may be automatically logged on for receiving services provided by the service provider, as explained above.
  • the database may store, in addition to the MAC addresses of the use terminals 10, details of those television channels that the relevant users are permitted to watch. This information may have been supplied to the service provider by the adult user 86. Accordingly, the set-top box may be controlled to only allow certain channels to be watched when the adult user 86, and, more particularly, his user terminal 10, is in the operational zone of the set-top box 82.
  • the cash machine controller 89 may be located in a restaurant, and connected to a cash machine 90.
  • the cash machine controller 89 in the present embodiment has the functionality of a wireless router, and the payment device 92 is capable of wireless communication (WiFi) with the cash machine controller 89. Accordingly, it can be seen that a user having the payment device 92 may pay for a meal 94 received in the restaurant without having to hand over any credit-card details or the like to an owner of the restaurant. It will be appreciated that the functionality of the payment device 92 may be built into a WiFi telephone, PDA, or other similar equipment.
  • FIG 7 is a schematic diagram of an IP-based communication system 90 embodying the present invention.
  • the communication system 90 comprises a service provider server 2, a database 6, and a plurality of registered service points 8 distributed across the Internet 4. These elements have already been described with reference to the communication system 1 of Figure 1 and duplicate description has been omitted.
  • the IP-based communication system 90 further comprises a plurality of user terminals 92, 94, and 96.
  • the user terminals are examples of office equipment, for example a computer 92, a telephone 94, and a printer/scanner/fax machine 96.
  • the registered service points are wireless routers, and the user terminals 92, 94, 96 are capable of wireless communication with the wireless routers.
  • the two registered service points 8 may be situated in different office buildings, perhaps located in different countries. It will be appreciated, that because the user terminals 92, 94, and 96 are identified by their MAC addresses, those devices may be moved from the operational zone of one registered service point 8 to the operational zone of another registered service point, regardless of where those registered service points 8 are located. Accordingly, following the move 98, the terminals 92, 94 and 96 may be used without needing to reconfigure them and without the need for new telephone numbers or the like.
  • FIG 8 is a schematic diagram of an IP-based communication system 100 embodying the present invention.
  • the communication system 100 comprises a service provider server 2, a database 6, and a plurality of registered service points 8 distributed across the Internet 4. These elements have already been described with reference to the communication system 1 of Figure 1 and duplicate description has been omitted.
  • the communication system 100 further comprises a plurality of user terminals 102, 104, 106, 108, 110, and 112. Those user terminals are equivalent to the user terminal 10 of Figure 1.
  • the three registered service points 8 are located in three separate locations 114, 116, and 118.
  • the registered service points 8 in locations 114 and 118 are both operated by the same agent of the service provider, and that the registered service point 8 in location 116 is operated by a different agent of the service provider.
  • Services may be provided to users of the user terminals on behalf of agents of the service provider.
  • the agent of the service provider operating the registered service points 8 of locations 114 and 118 may be an owner of a chain of retail shops, and locations 114 and 118 may be considered to be shops of that chain.
  • each of the user terminals 102, 104, 106, 108, 110, and 112 is currently logged on for receiving services from the service provider, it may be possible for the service provider to send a message or other communication to the user terminals 102, 104, 110, and 112, but not to the user terminals 106, and 108. This may be advantageous to an agent, for example for targeting marketing and advertising information to customers of that agent.
  • an agent may be informed by the service provider when a particular user terminal is logged on for receiving services from the service provider via a registered service point 8 operated by that agent.
  • the agent of location 116 may be particularly interested to know when the user of user terminal 106 is logged on for receiving services in his location 116, but not interested to know when the user of user terminal 108 is logged on.
  • an agent may specify a particular user or group of users that he is interested in. Such a group of users may be specified in a number of different ways, for example by age, gender, occupation, marital status, or in any other way.
  • Embodiments of the present invention may be implemented in hardware, or as software modules running on one or more processors, or on a combination thereof. That is, those skilled in the art will appreciate that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functionality of a server (or other communication equipment) embodying the present invention.
  • DSP digital signal processor
  • the invention may also be embodied as one or more device or apparatus programs (e.g. computer programs and computer program products) for carrying out part or all of any of the methods described herein.
  • Such programs embodying the present invention may be stored on computer-readable media, or could, for example, be in the form of one or more signals.
  • Such signals may be data signals downloadable from an Internet website, or provided on a carrier signal, or in any other form.
  • the present invention is applicable to different types of distributed communication network and does not necessarily need to be implemented over the Internet 4.
  • the present invention may be implemented within a private network such as an intranet.
  • IP communication standards and to wireless communications standards (such as IEEE 802.11) to better understand embodiments of the present invention.

Abstract

There is disclosed a method of granting a candidate device access to a service provided by a service provider in an IP-based communication system, the system comprising service provider apparatus of the service provider and a plurality of service point apparatuses interconnected by the Internet, the service point apparatuses being separate from one another and from the service provider apparatus, the candidate device having a predetermined device identifier unique to that device and not defined by a user of the device stored therein, method comprising: maintaining at the service provider apparatus a record of at least one registered device identifier; obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining whether the obtained device identifier is a registered device identifier; and if it is determined that the obtained device identifier is such a registered device identifier, granting the candidate device access to said service via said particular one of the service point apparatuses.

Description

IP-BASED COMMUNICATION
The present invention relates to communication systems, and more particularly to IP- based (Internet Protocol-based) communication systems distributed over the Internet. The present invention also relates to devices, apparatuses, and methods, and computer programs for use in such systems.
The digitalisation of communication and media in the past two decades has created unprecedented opportunities to develop services of increased reach, capacity and mobility. The adoption of services such as mobile telephony, Internet browsing and e- mail have had a profound effect on people's lifestyles.
Residential and business broadband access to the Internet has increased significantly in the past decade, and has brought about profound changes in the telecommunication industry. Broadband Internet access allows the integration of communication and digital media services. Service providers can offer telephony, web-surfing, e-mail and audiovisual services over high-speed connections to homes and businesses. Voice telephony (e.g. VoIP) and Internet access are proven to be well suited to share the same network. These services may be integrated over the unbundled local loop and high-speed fibre to homes and businesses.
In parallel, wireless communications standards (IEEE 802.11 ) have been developed and adopted. This has allowed the possibility of wider access to the Internet and IP- based services from a range of wireless enabled devices.
However, problems exist in respect of existing IP-based communication systems. Typically, users of conventional IP-based communication systems must enter one or more usernames and/or passwords in order to gain access to such systems. The need to enter such usernames and passwords renders such systems cumbersome to use.
This problem manifests itself particularly in wireless systems where the advantage of mobility is outweighed by the disadvantage of having to enter usernames and passwords. For example, wireless user devices, such as laptop computers with a wireless access capability, may be carried from the zone of operation of one wireless router to another. It is inconvenient for the user to have to enter his (or, once and for all, her) username and password when moving from one router to another.
Conventional wireless routers are operable to store a number of recognised MAC addresses, each MAC address relating to a wireless communication facility (e.g. a wireless network card) of a recognised communication device (e.g. a laptop computer).
Such conventional wireless routers are therefore operable to permit communication devices having a recognised MAC address to access an IP-based network via a wireless router, and to deny communication devices not having a recognised MAC address from such access.
Existing wireless routers can enable a recognised wireless communication device to access, for example, a private IP-based network without requiring a user of the device to enter a username or password. However, the user may still have to enter a username and password if he tries to access another IP-based network via another wireless router. Accordingly, it is recognised that although such wireless routers allow the benefits of mobility to be exploited by "recognised" user communication devices, such mobility can only be realistically exploited when accessing an IP-based network via the user's "home" wireless router, or another wireless router in which the user communication device's MAC address has been stored. That is, the true potential benefits of mobility cannot be fully exploited using conventional IP-based communication systems as user communication devices in such systems can only access large IP-based networks, such as the Internet, from a small number of wireless routers.
These problems are particularly apparent in mobile telephony. WiFi (Wireless Fidelity) mobile telephones are well known. However, use of such telephones is currently very limited. Such telephones are, more than other types of device, likely to be moved about geographically, such that they are moved from the zone of operation of one wireless router to the next. However, users of such devices currently have to enter a username and/or password (or other equivalent identification data) in order to access telephony services at a wireless router. Due to this disadvantage, the uptake of such WiFi mobile telephones has been relatively modest, and the network coverage for such devices is similarly modest. It is desirable to solve the above-mentioned problems with existing IP-based communication systems. It is further desirable to provide an IP-based communication system in which users may be granted access universally in an efficient manner.
According to an embodiment of a first aspect of the present invention, there is provided a method of granting a candidate device access to a service provided by a service provider in an IP-based communication system, the system comprising service provider apparatus of the service provider and a plurality of service point apparatuses interconnected by the Internet, the service point apparatuses being separate from one another and from the service provider apparatus, the candidate device having a predetermined device identifier unique to that device stored therein, method comprising: maintaining at the service provider apparatus a record of at least one registered device identifier; obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining whether the obtained device identifier is a registered device identifier; and if it is determined that the obtained device identifier is such a registered device identifier, granting the candidate device access to said service via said particular one of the service point apparatuses.
It is advantageous to grant a candidate device access to services provided over an IP- based communication system based on a device identifier of the device. The device identifier is preferably not defined by a user of the device and is preferably defined by the service provider or an agent thereof before the candidate device is provided to the user. It will be appreciated that such a device identifier, being unique to the device, could be a link-layer address of the device, for example a MAC address. However, the identifier could alternatively be a pass-code or number stored within the device. The identifier is preferably "embedded" within the communication functionality of the candidate device and therefore does not need to be "entered" by the user. This information is also unique to the candidate device and is relatively difficult to duplicate in another device. Accordingly, a sufficient degree of system security is afforded by granting access on this basis.
It is advantageous to identify a candidate device by its identifier (e.g. by its link-layer address) as this enables the logical location of the device within the communication system to be identified. This is possible since, in the case of a link-layer address, each such link-layer address of each participating device in a communication link across the system may be identified, since the link is defined using these addresses. The system may however be designed such that a pass-code rather than a link-layer address is identified from each such participating device.
Preferably, access is granted to the service based on the device identifier (e.g. link- layer address) alone. This is advantageous as no other information need be checked in order to grant the access. Accordingly, such a method is efficient in terms of processing time required and information that need be transmitted across such communication systems.
It is advantageous to maintain the at least one record in the service provider apparatus. This apparatus may be accessible by each of the service point apparatuses, and accordingly a candidate device may gain access irrespective of which service point apparatus is employed.
Preferably, the determination as to whether the obtained device identifier is registered is carried out by determining if the device identifier is registered at the service provider apparatus. This is advantageous as the service point apparatuses may each access a "central store" of such records, and thereby not need to store such information themselves. This use of a central store may enable a particular candidate device to access services from any service point apparatus.
Optionally, however, a record of at least one registered device identifier is maintained at each of one or more of the service point apparatuses. Accordingly, it may be possible to first determine whether the obtained identifier is registered at the service point apparatus via which that device identifier was obtained. Then, if the obtained device identifier is not registered at the service point apparatus via which that device identifier was obtained, it may be possible to determine whether the obtained device identifier is registered at said service provider apparatus. This may have the advantage that on certain occasions it may not be necessary to consult the "central store" of information, the obtained identifier being instead registered in the service point apparatus concerned.
Preferably, the service can be provided from any one of two or more service point apparatuses at which the device identifier is obtained from the candidate device. It is advantageous for the candidate device to be able to access the service from at least two different service point apparatuses, and preferably from all such service point apparatuses.
Preferably, the service provider apparatus and the service point apparatuses are distributed across the Internet. This increases the geographical coverage of the system and maximises the benefits obtainable from the use of wireless candidate devices and wireless service point apparatuses.
Preferably, the method further comprises: maintaining at the service provider apparatus, for the or each registered device identifier (e.g. link-layer address), a record of at least one item of user information corresponding thereto; and granting the candidate device access to said service via said one of the service point apparatuses in dependence upon the obtained device identifier and at least one such corresponding item of user information.
The corresponding information may comprise any of a name and address of a user of the device, payment information for the user, or one or more telephone numbers to be associated with the candidate device. The corresponding information may optionally also comprise a username and password to allow the user to access services, and the stored information, over the Internet. The username and password may be employed to provide increased system security.
It is preferable to maintain payment information for a user of the candidate device to enable such a user to be billed for use of services provided by a service provider. That is, the payment information may be associated with a candidate device and ultimately with a user of the candidate device to link an ability of a user to pay for services with the candidate device. Such services may comprise any of telephony, e-mail, or Internet-browsing services. Accordingly, it is to be understood that the present invention is intended to relate to the transfer of any type of data over an IP-based communication system.
Preferably, the or each device identifier is a link-layer address. Preferably, the or each device identifier is a MAC address. Such addresses are commonly pre-embedded within candidate devices on manufacture, and, as such, no further pass-code need be employed. It is well-known that MAC addresses are link-layer addresses, or data-link- layer addresses, for use in IP-based networks designed around the OSI 7-layer network model. However, it is recognised that the term "MAC address" may be rendered obsolete by future developments in Internet protocols. Accordingly, the term link-layer address is intended to cover any equivalent device-specific and unique-per- device address employed for Internet-based communication.
Optionally, the candidate device may be an IP-capable (WiFi) telephone, PDA, computer, or any other communication device capable of communicating across an IP- based network. It is envisaged, for example, that a large range of products, from RFID devices to credit cards to set-top boxes may be fitted with communication equipment having a device identifier such as a link-layer address and being capable of communication over an IP-based network. Accordingly, the term candidate device is intended to include any such device fitted with communication equipment having a device identifier such as a link-layer address and being capable of communication over an IP-based network.
Advantageously, at least one (or each) service point apparatus comprises wireless service point apparatus, and the candidate device is a wireless communication device. The service point device may, for example, be a wireless router. It is particularly advantageous to employ wireless communication techniques (WiFi) between a service point apparatus and a candidate device so as to maximise the benefit of the mobility provided thereby. If, for example, the wireless candidate device is a WiFi telephone, the user may carry his telephone around with him, and use it when he is in the operational vicinity of any wireless service point apparatus by gaining access to a telephony service provided by a service provider. The telephony service may enable him to both receive and make telephone calls using his WiFi telephone.
Preferably, the obtaining, determining and granting operations are carried out automatically when the candidate device is reconfigured or relocated from a first state, in which communication with said one of the service point apparatuses is not possible, to a second state, in which communication with said one of the service point apparatuses is possible.
In the case of a wireless service point apparatus (e.g. a wireless router) and a wireless candidate device (e.g. a WiFi telephone), the first state may be when the candidate device is switched off or when the candidate device is out of range of the service point apparatus. The second state may therefore be when the candidate device is in range of the service point apparatus and is switched on. The range of operation of a wireless service point apparatus (the zone of operation) may differ from one apparatus to the next, and also be dependent on its location. That is, it is preferable to automatically carry out the obtaining, determining and granting steps when the candidate device begins a communication with one of the service point apparatuses.
The services provided by the service provider may include any service which is providable over the communication system. Many devices are controllable over the Internet. Therefore, for example, when the candidate device is granted access to the services provided by the service provider, an operation of another device may be triggered. The other device could be a security system. For example, doors may be unlocked as the provided service. The other device may be a home environment system. For example, heating, lighting, and/or air conditioning may be activated as the provided service. It will be appreciated that the other devices controlled as the provided service may be located anywhere in the world, provided that they are controllable via the communication system.
The provision of such services may be pre-arranged by a user with the service provider, such that, for example, the service is automatically provided when the candidate device of the user is granted access to services via a particular service point apparatus. This is advantageous as the service may effectively be provided based on the location of the candidate device. For example, if the candidate device is granted access to services via a service point apparatus of an airport lounge, access to that lounge may be granted as the service (for example, by opening the lounge doors).
Knowledge of the location of a candidate device having been granted access to services (due to knowledge of the logical location of the link-layer address, or other device identifier, of the candidate device with respect to that of a particular service point apparatus) may also enable services to be offered to other parties. For example, in the case of wireless communication devices, an owner of a chain of retail shops may have a wireless service point apparatus located in each shop of the chain. In that case, it may be possible for a message to be transmitted exclusively to each wireless candidate device currently being provided services via wireless service point apparatuses in those retail shops. The message may contain marketing information, for example notifying users in those shops of current offers or discounts. In another example, it may be possible for the agent (in this case, the owner of a retail shop, or a member of his staff) to be notified that a particularly important client or customer is logged on for receiving services via his wireless service point apparatus. This may enable the owner, or a member of his staff, to direct staff or services in the shop to the particularly important client or customer.
The service provided to a candidate device by the service provider may be the ability for that candidate device to be accessed from other devices over the Internet. For example, it may be possible to use another device, for example a computer or PDA, to retrieve information from the candidate device once it has been granted access to the service. Alternatively, if the candidate device is a WiFi telephone, it may be possible to telephone the candidate device from another telephone or other equipment equipped for telephony (e.g. a laptop with VoIP software).
The service provided by the service provider may comprise a transfer of data over a communication path between first and second devices, the method further comprising taking into account path cost when determining a route for said path between said first and second devices. The use of certain paths across a communication network may incur costs to the service provider, and ultimately to the user of the candidate device.
For example, part of a communication path may comprise a cellular network, or a conventional land-line network, for which charges are raised for use thereof.
Accordingly, where possible, the transfer of data over a communication path between first and second devices as the provided service may be routed over the least cost path, in order to provide the user of the candidate device value for money. For example, use of the Internet where possible in preference over land lines may lead to a lower cost communication path, as compared to a path predominantly using such land lines.
According to an embodiment of a second aspect of the present invention, there is provided an IP-based communication system for granting a candidate device access to a service provided by a service provider, the candidate device having a predetermined device identifier unique to that device stored therein, the system comprising: service provider apparatus of the service provider operable to maintain a record of at least one registered device identifier; a plurality of service point apparatuses operable to provide at least part of a communication link between the candidate device and the service provider apparatus, the plurality of service point apparatuses being separate from one another and from the server provider apparatus, and the plurality of service point apparatuses and the server provider apparatus being interconnected by the Internet; means operable to obtain the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining means operable to determine whether the obtained device identifier is a registered device identifier; and access-granting means operable, if it is determined that the obtained device identifier is such a registered device identifier, to grant the candidate device access to said service via said particular one of the service point apparatuses.
According to an embodiment of a third aspect of the present invention, there is provided a communication device adapted for use at a service provider apparatus in an IP-based communication system to grant a candidate device access to a service provided by a service provider, the candidate having a predetermined device identifier unique to that device stored therein, the system also comprising a plurality of service point apparatuses separate from one another and from the server provider apparatus, and the service provider apparatus and the plurality of service point apparatuses being interconnected by the Internet, the communication device comprising: address- obtaining means operable to obtain the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining means operable to determine whether the obtained device identifier is registered in information storage means of the service provider separate from the plurality of service point apparatuses; and access-granting means operable, if it is determined that the obtained device identifier is so registered, to grant the candidate device access to said service via said particular one of the service point apparatuses.
Preferably, the communication device further comprises the information storage means, such means being operable to maintain a record of at least one registered device identifier. The communication device may be, for example, a server.
According to an embodiment of a fourth aspect of the present invention, there is provided, in a communication device adapted for use at a service provider apparatus in an IP-based communication system, a method of granting a candidate device access to a service provided by a service provider, the candidate having a predetermined device identifier unique to that device stored therein, and the system also comprising a plurality of service point apparatuses separate from one another and from the server provider apparatus, and the service provider apparatus and the plurality of service point apparatuses being interconnected by the Internet, the method comprising: obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining whether the obtained device identifier is registered in information storage means of the service provider separate from the plurality of service point apparatuses; and if it is determined that the obtained device identifier is so registered, granting the candidate device access to said service via said particular one of the service point apparatuses.
According to an embodiment of a fifth aspect of the present invention, there is provided, a computer program which, when executed on a communication device, causes the communication device to carry out the steps of a method embodying the aforementioned fourth aspect of the present invention.
According to further aspects of the present invention there is provided a set of computer programs which, when loaded into respective computing devices, causes those devices to carry out a method embodying the aforementioned first aspect of the present invention.
According to further aspects of the present invention there are provided methods for routing communication from and to the candidate device via the most cost efficient route. Examples of such methods are provided in the description of embodiments of the present invention.
According to further aspects of the present invention there are provided methods for matching the device identifier (e.g. the link-layer address of the device) to an employed registered service point apparatus, both on initial registration of the device, and when the device is in use, to allow an owner of the service point apparatus to obtain a share of revenues generated from use of the candidate device having the device identifier. Examples of such methods are provided in the description of embodiments of the present invention.
It will be appreciated that features of method aspects may also be applicable to system apparatus or computer-program aspects and vice versa. Reference will now be made, by way of example, to the accompanying drawings, in which:
Figure 1 is a schematic diagram of an IP-based communication system embodying the present invention. Figure 2 is a flowchart of a method embodying the present invention.
Figure 3 is a schematic diagram of an IP-based communication system embodying the present invention.
Figure 4 is a schematic diagram of service provider apparatus embodying the present invention. Figure 5 is a schematic diagram of an IP-based communication system embodying the present invention.
Figure 6 is a schematic diagram of an IP-based communication system embodying the present invention.
Figure 7 is a schematic diagram of an IP-based communication system embodying the present invention.
Figure 8 is a schematic diagram of an IP-based communication system embodying the present invention.
Embodiments of the present invention described below employ link-layer addresses (MAC addresses) as the device identifier. MAC addresses have been employed in those embodiments as a preferable example of a device identifier as those addresses are pre-embedded in the example candidate devices provided in those embodiments during manufacture of those devices. However, it will be appreciated that each of those embodiments may instead employ, as the device identifier, a pass-code or the like pre- loaded into the candidate devices by the service provider, or by an agent thereof.
Figure 1 is a schematic diagram of an IP-based communication system 1 embodying the present invention. The communication system 1 comprises a number of devices accessible via the Internet 4. In particular, the communication system 1 comprises a service provider server 2, a database 6, a plurality of registered service points 8, a plurality of user terminals 10 served by the registered service points 8, a plurality of unregistered service points 12, a further plurality of user terminals 10 served by the unregistered service points 12, a land line provider 14, a plurality of land-line devices 16 served by the land line provider 14, a cellular network provider 18, a plurality of cellular devices 20 served by the cellular network provider 18, a satellite or cable service provider 22, a plurality of user units 24 served by the satellite or cable service provider 22, a conventional-internet-service provider 26, and a plurality of internet- ready devices 28.
It is desirable for a service provider to provide services to or on behalf of users of the user terminals 10. In order to provide such services, the service provider controls the operation of the service provider server 2, and the database 6. Also, in order to provide such services, the service provider arranges for a number of registered service points 8 to be installed in various locations, such that they are accessible via the
Internet 4. The registered service points 8 may be owned by the service provider or by agents of the service provider. Such services may also be provided by means of unregistered service points 12, also accessible via the Internet 4.
It will be appreciated that the Internet 4 is a distributed network, and accordingly the service provider server 2, the database 6, the registered service points 8, the unregistered service points 12, the land line provider 14, the cellular network provider 18, the satellite or cable service provider 22, and the conventional-internet-service provider 26 may be distributed across the world, or alternatively ail located within a single country.
The service provider server 2 may be a single device, or may comprise a plurality of devices distributed across the Internet 4. Similarly, the database 6 may also be a single device, or may comprise a plurality of devices distributed across the Internet 4. The or each database 6 may be a device in its own right, or may be part of a service provider server 2.
Embodiments of the present invention employ the database 6 to store a user-terminal record for at least one registered user terminal 10. Preferably, however, the database stores records for a plurality of user terminals 10. Such records each comprise at least a MAC address (link-layer address) of a particular registered user terminal 10. Those records preferably also comprise further information relating both to the user terminal 10 concerned, and to a user of that user terminal 10. Such further information may include, for example, a name and address of the user, and account payment details for the user. The account payment details may, for example, comprise credit card details for the user concerned, such that the user may be billed for his use of the service via his user terminal 10. The further information may also include, in the case of the user terminal 10 being a telephone, one or more telephone numbers to be assigned to that telephone.
Embodiments of the present invention also employ the database 6 to store a service- point record for at least one registered service point 8. Preferably, however, the database 6 stores records for a plurality of registered service points 8. Such records each comprise at least a MAC address (link-layer address) of a particular registered service point 8.
The service-point records preferably also comprise further information relating both to the registered service point 8 concerned, and to a party responsible for that registered service point 8. Such further information may include, for example, a name and address of the responsible party, and account payment details therefor. The account payment details may, for example, comprise bank account details for the party concerned, such that the party may be financially rewarded for use made of its registered service point 8 by users. Such further information may also include, a unique equipment identification number (UEIN) assigned to each registered service point 8 by the service provider so as to clearly identify that registered service point 8 to the service provider. Such further information may also include a geographical location of the registered service point 8, and a logical or network location thereof.
As above mentioned, a party responsible for a particular registered service point 8 may be the service provider itself or an agent thereof. For example, a particular registered service point 8 may be owned or rented (or leased) by an agent of the service provider. Such an agent could, for example, be an owner of a restaurant or bar or other establishment in which the registered service point 8 is installed. An agent could alternatively be a public body responsible for public areas in which such registered service points 8 may be installed.
Embodiments of the present invention also employ the database 6 to store a further service-point record for at least one unregistered service point 12. Whilst the records for registered service points 8 may be populated during registration thereof, the records for an unregistered service point 12 may be populated over time as a user employs that unregistered service point 12 to access services provided by the service provider. It will be appreciated that although less information will in practice be recorded in respect of unregistered service points 12 as compared to that recorded in respect of registered service points 8, the same information could be recorded if made available to the service provider.
In the communication system 1, each user terminal 10 is a WiFi-enabled (Wireless Fidelity) mobile telephone having a MAC address, and each registered service point 8 and unregistered service point 12 is a wireless router also having a MAC address. It will, however, be appreciated that other devices may be substituted as the service points 8, 12 and the user terminals 10. Other such embodiments will be described later, however, it is to be understood that the user terminals 10 could be, for example, personal computers, PDAs (Personal Digital Assistants), or any other communication device capable of communicating over an IP-based network and having a MAC address (link-layer address). The service points 8, 12 could be wired routers, modems, servers, or any other device having a MAC address and capable of enabling a communication device also having a MAC address to access the Internet 4 therethrough.
Each wireless router (service point 8, 12) of the communication system 1 has an associated zone of operation, within which user terminals 10 may communicate therewith. Accordingly, user terminals 10 may pass in and out of zones of operation of such wireless routers.
The land line provider 14, the plurality of land-line devices 16 served by the land line provider 14, the cellular network provider 18, the plurality of cellular devices 20 served by the cellular network provider 18, the satellite or cable service provider 22, the plurality of user units 24 served by the satellite or cable service provider 22, the conventional-internet-service provider 26, and the plurality of internet-ready devices 28 may be conventional devices. However, it will be appreciated that any of the devices 14, 18, 22, and 26 could be adapted to become a service point 8, 12, for example by providing those devices with the necessary capability (hardware and/or software) to operate over an IP-based network such that those devices possess a MAC address. It will also be appreciated that any of the devices 16, 20, 24, and 28 could be adapted to become a service point 8, 12, or a user terminal 10, for example by providing those devices with the necessary capability to operate over an IP-based network such that those devices possess a MAC address. An internet-ready device 28 may be, for example, a computer, a PDA, or any other type of communication device. An internet- ready device 28 may be provided with VoIP software, and thus be capable of telephony with a user terminal 10 (also being capable of telephony) in a similar way as described below in respect of land-line devices 16 (telephones) and cellular devices 20 (mobile telephones) with reference to Figure 3.
Operation of the communication system 1 will be discussed with reference to Figure 2. Figure 2 is a flow diagram of a method 30 embodying the present invention. The method 30 commences at step 32, and proceeds to step 34. In step 34, a device identifier of a candidate device is obtained via a service point apparatus. The candidate device may be, for example, a user terminal 10. The service point apparatus may be, for example, a registered service point 8, or an unregistered service point 12. The device identifier in the Figure 1 embodiment is a MAC address (link-layer address).
After step 34, it is determined in step 38 whether the obtained device identifier is a registered device identifier or not. This determination may involve access to a database of registered device identifiers such as the database 6, which in the Figure 1 embodiment stores MAC addresses.
If the obtained device identifier is a registered address, the method 30 proceeds to step 40, in which the candidate device is granted access to a service provided by the service provider. The method 30 then terminates 42. If, however, the obtained device identifier is not a registered address, the method 30 may proceed from step 38 to step 44, in which the candidate device is denied access to any services provided by the service provider. In this case, the method 30 terminates 42. Alternatively, if the obtained device identifier is not a registered address, the method 30 may proceed from step 38 to step 46, in which a user of the candidate device is permitted to register that candidate device. The method 30 may then be carried out again, the device identifier of the candidate device having been registered in the database 6.
Methods embodying the present invention may include further steps in which credit- card details registered in respect of a candidate device are confirmed before granting it access to services. Other methods embodying the present invention may include further steps for checking that an entered username and/or password is registered in respect of a candidate device before granting it access to services. Although these extra steps may optionally be carried out for commercial or security reasons, a preferred embodiment of the present invention omits these extra steps so as to enable a registered user terminal to access the available service as conveniently as possible. Considering method 30 with reference to the communication system 1 of Figure 1 , and therefore considering MAC addresses as link-layer addresses (device identifiers), a user may carry a registered WiFi mobile telephone (user terminal 10) into the zone of operation of a registered wireless router (registered service point 8). In that case, the telephone may, by means of software or hardware provided therein, recognise that it is in operational range of the wireless router and attempt to access services provided by the service provider through the router. This attempt to access services provided by the service provider may be initiated by the user, for example pressing a button on the telephone, or may preferably be initiated automatically by the software provided therein.
This activity will initiate (step 32) the execution of method 30, and the MAC address (link-layer address) of the WiFi telephone will be obtained (step 34) either by the wireless router and/or by other equipment such as the service provider server 2. A determination will then be made (step 38) as to whether the obtained MAC address is registered in the database 6. In the present case, the WiFi telephone is a registered user terminal 10, and the telephone will be granted access to services provided by the service provider (step 40). The user may then be considered to be "logged on" to the service such that the telephone may communicate with the service provider server 2 via the wireless router. The method 30 may be carried out in a combination of the service provider server 2 and the database 6, or in a combination of the service provider server 2, the service point 8, 10, and the database 6. The present invention extends to a computer program or a series or set or suite of computer programs operable to cause computing devices such as servers and routers to carry out methods embodying the present invention, or to become service provider apparatuses and service point apparatuses.
The service provider server 2 may record the logical location of a logged-on user terminal 10 by reference to the service point 8, 10, serving that user terminal 10. This may be achieved by recording the MAC address of the service point 8, 10 serving that user terminal 10. If the geographical location of the service point 8, 10 is known to the service provider, for example if the service point is a registered service point 8, then the service provider server 2 may also record the geographical location of the logged-on user terminal 10. The location (logical and/or geographical) of a logged-on user terminal 10 may be stored after the user has logged off, or deleted. For example, the location of a user terminal 10 when it first logs on may be permanently stored. This may be advantageous for commercial reasons. Agents may sell user terminals 10 to new users so as to increase the number of users taking advantage of the services provided by the service provider. In order to encourage the agents to sell such user terminals 10, a record of the agent having sold a particular new user terminal 10 may be recorded, for example by allowing the new user terminal 10 to log on for the first time via a registered service point 8 operated by that agent. The MAC address of the agent's registered service point 8 can be captured as the new user terminal first logs on, and a financial reward can be paid to the agent for introducing that new user. That is, a permanent association may be made between the link-layer address of the registered service point 8 at which a new user terminal 10 is first logged on to receive services, and the link-layer address of the new user terminal 10. One commercial model may be to pay a proportion of any future revenues generated from that user to the agent that sold him the user terminal. Another commercial model may be to reward not only the agent that sold the new user terminal, but also to reward agents on a per-use basis, such that each time a user uses his user terminal 10 via a registered service point 8, a proportion of any revenue generated from that use is paid to the agent responsible for that registered service point 8. That is, a transitory association may be made between the link-layer address of a currently-used registered service point 8 at which a user terminal 10 is receiving services, and the link-layer address of that user terminal 10. Clearly, commercial models may be changed from time to time, however it is clear that knowledge of the MAC addresses of service points can enable a variety of commercial models to be employed. It may be possible through these models to share revenues with service point 8, 12 owners.
In the communication system 1 , the WiFi telephones (user terminals 10) each have a number of telephone numbers assigned thereto, and stored in the record for the telephone concerned in the database 6. The telephone may have more than one number assigned thereto so as to enable the user, for example, to have a business and a personal telephone number. The telephone may also have telephone numbers registered in different countries of the world. For example, the telephone may have a British, an American, and a Japanese telephone number. A particular logged-on telephone may make or receive telephone calls to or from other telephones. The provision of telephone numbers registered in different countries may enable the routing of telephone calls to or from the registered WiFi telephone to be routed by the most cost-effective route. For example, a user of a candidate device, based in the UK and having both a British and a Japanese telephone number assigned to his candidate device, may offer a Japanese friend his Japanese telephone number. Accordingly, if the Japanese friend was to telephone the user's WiFi telephone (candidate device) from Japan, the call may be routed (as a domestic call) to a telephone provider in Japan, and then over the Internet 4 to the WiFi telephone. This may be a lower-cost route than if the user had provided his Japanese friend only with his British telephone number, in which case the call may have been routed at high cost (as an international call) to a telephone provider in the UK before being routed over the Internet 4.
Figure 3 is a schematic diagram of an IP-based communication system 50 embodying the present invention. Figure 3 is useful for explaining examples of possible telephone calls made or received by users of logged-in user terminals 10. The communication system 50 is a part of the communication system 1 , and those common component devices already discussed with reference to Figure 1 have been numbered in the same way and duplicate description, and labelling of the computer devices in Figure 3, is omitted. The letters A to G have been provided in Figure 3 to identify the origin, route, and destination of example telephone calls.
It will be appreciated that a particular logged-on telephone (user terminal) may make or receive telephone calls to or from a conventional land-line telephone 16 or cellular telephone 18, telephone calls being transmitted using VoIP (Voice over Internet Protocol) techniques where possible, and over conventional telephone networks where necessary. That is, it is possible for a registered user terminal, if enabled for telephony services, to make and receive telephone calls to and from non-registered devices such as a conventional telephone (or any other device enabled for telephony such as a laptop having VoIP software). For example, with reference to Figure 3, a telephone call between a user terminal 10 and a conventional land-line phone 16 could be transmitted using VoIP techniques between the user terminal 10 and the land-line provider 14 (A to B, via F)1 and then using conventional land-line services (POTS) from the land line provider 14 to the land-line phone 16 (B to C). The term POTS (Plain Old Telephone Service) refers to conventional analogue telephony transmitted over copper wires.
A telephone call between two users of user terminals 10 may be routed entirely using VoIP services, via the service provider server 2 (A to G, via F). This may be advantageous to users of the user terminals 10, as no charges are incurred through use of conventional telephone networks.
The telephone numbers associated with each user terminal 10 are preferably recognisable by conventional telephone networks as standard telephone numbers, such as PSTN (Public Switched Telephone Network) numbers. For example, with reference to Figure 3, a user of a conventional telephone, such as a cellular device 20 may call a user of a particular user terminal 10 using a particular associated PSTN number. In the present example, such a call could first be routed to a conventional telephone service operator of the country in which the particular PSTN number is registered (for example, from D to E to B). The call would then be routed to the service provider server 2 (B to F) because that number has been registered as being assigned to the service provider. At the service provider server 2, the particular PSTN number would be identified in the database 6 and the associated MAC address of the user terminal retrieved therefrom. Accordingly, the remaining part of the routing would be carried out on the basis of the retrieved MAC address. In this example, the user terminal 10 may be recorded as being currently logged-on at a particular registered service point 8 (G), and the call routed directly thereto (F to G).
Figure 4 is a schematic diagram of service provider apparatus 60 embodying the present invention. The service provider apparatus 60 comprises a communication link 62, identifier-obtaining means 64, determining means 66, information storage means 68, and access-granting means 70.
The information storage means 68 is operable to maintain a record of at least one registered device identifier such as a MAC (link-layer) address, and in the present case maintains a plurality of such records. The identifier-obtaining means 64 is operable to obtain a device identifier of a candidate device from signals transmitted thereto via the communication link 62. The candidate device may be, for example, attempting to access services which may be provided by the service provider apparatus 60 via a service point apparatus 8, 10. The determining means 66 is operable to determine whether the device identifier of the candidate device is such a registered device identifier, for example by accessing the information storage means 68. The access- granting means 70 is operable, if it is determined that said device identifier is such a registered address, to grant the candidate device access to services via a service point 8, 10. The service provider server 2 of Figure 1 may comprise the service provider apparatus 60 of Figure 4, or alternatively, the service provider apparatus may be distributed between the service provider server 2, the database 6, and a service point 8, 10.
Figure 5 is a schematic diagram of an IP-based communication system 70 embodying the present invention. The communication system 50 comprises a service provider server 2, a database 6, and two registered service points 8 distributed across the Internet 4. These elements have already been described with respect to the IP-based communication system 1 of Figure 1 , and duplicate description is omitted. The communication system 70 further comprises a user terminal 10, a door-activation unit 72, and a central heating system 74. It is to be understood that the door-activation unit 72 and the central heating system 74 may be considered to be user terminals of the communication system 70.
The door-activation unit 72 may, for example, be located in an airport, for example for controlling the entrance doors of a corporate lounge. Accordingly, a user having a user terminal 10 and entering the operational zone of the registered service point 8 adjacent to the corporate lounge may be automatically granted access to the airport lounge. That is, the service provided by the service provider may, in this case, be the controlling of the entrance doors to the corporate lounge using the door-activation unit 72.
The doors of the corporate lounge may be caused to open as follows. As the user of the user terminal 10 enters the operational zone of the registered service point 8 adjacent to the corporate lounge, the user terminal 10 concerned may automatically detect that it has come into the operational zone of a registered service point 8. This may be the case if the user terminal 10 is a WiFi telephone, and if the registered service point 8 is a wireless router. The user terminal 10 may then seek access to services provided by the service provider. Assuming that the MAC address of the user terminal 10 is registered in the database 6, and that further information is registered in relation to that MAC address indicating that the user should be permitted access to the corporate lounge, the user terminal 10 may be granted access to the door-opening service, and accordingly the doors of the corporate lounge may be opened. It is to be appreciated that the example of the door-activation unit 72 is only one example of a multitude of devices that may be controlled in a similar way. For example, when a user having the user terminal 10 enters the operational zone of the registered service point 8 in the airport, the central heating system 74 of the user may be triggered to heat the home of the user. This may be desirable, for example, if the user has just returned to the country after a holiday abroad, and would like his house to be heated by the time he returns home from the airport. It will therefore be appreciated that the device, in this case the central heating system 74, controlled as the service provided by the service provider may be anywhere in the world, as long as it may be controlled via a service point apparatus, or directly over the communication system.
Figure 6 is a schematic diagram of an IP-based communication system 80 embodying the present invention. The communication system 80 comprises a service provider server 2 and a database 6 distributed across the Internet 4. These elements have already been described with respect to the communication system 1 of Figure 1, and duplicate description has been omitted. The communication system 80 further comprises a set-top box 82, and a cash machine controller 89. The set-top box 82 and the cash machine controller 89 are equivalent to the registered service points 8 of Figure 1. The communication system 80 further comprises a plurality of user terminals 10 (as described with reference to Figure 1) and a payment device 92. The payment device 92 is equivalent to a user terminal 10.
The set-top box 82 is connected to a television 84, and accordingly controls those channels that may be viewed on the television. An adult user 86 and an infant user 88 are shown next to the television 84. In the present embodiment, the set-top box 82 (registered service point) has the functionality of a wireless router. Furthermore, the user terminals 10 are WiFi telephones.
When the user terminals 10 are in the operational zone of the set-top box 82, they may be automatically logged on for receiving services provided by the service provider, as explained above. The database may store, in addition to the MAC addresses of the use terminals 10, details of those television channels that the relevant users are permitted to watch. This information may have been supplied to the service provider by the adult user 86. Accordingly, the set-top box may be controlled to only allow certain channels to be watched when the adult user 86, and, more particularly, his user terminal 10, is in the operational zone of the set-top box 82. The cash machine controller 89 may be located in a restaurant, and connected to a cash machine 90. The cash machine controller 89 in the present embodiment has the functionality of a wireless router, and the payment device 92 is capable of wireless communication (WiFi) with the cash machine controller 89. Accordingly, it can be seen that a user having the payment device 92 may pay for a meal 94 received in the restaurant without having to hand over any credit-card details or the like to an owner of the restaurant. It will be appreciated that the functionality of the payment device 92 may be built into a WiFi telephone, PDA, or other similar equipment.
Figure 7 is a schematic diagram of an IP-based communication system 90 embodying the present invention. The communication system 90 comprises a service provider server 2, a database 6, and a plurality of registered service points 8 distributed across the Internet 4. These elements have already been described with reference to the communication system 1 of Figure 1 and duplicate description has been omitted. The IP-based communication system 90 further comprises a plurality of user terminals 92, 94, and 96. In the present case the user terminals are examples of office equipment, for example a computer 92, a telephone 94, and a printer/scanner/fax machine 96.
In the present embodiment, the registered service points are wireless routers, and the user terminals 92, 94, 96 are capable of wireless communication with the wireless routers. In the communication system 90 the two registered service points 8 may be situated in different office buildings, perhaps located in different countries. It will be appreciated, that because the user terminals 92, 94, and 96 are identified by their MAC addresses, those devices may be moved from the operational zone of one registered service point 8 to the operational zone of another registered service point, regardless of where those registered service points 8 are located. Accordingly, following the move 98, the terminals 92, 94 and 96 may be used without needing to reconfigure them and without the need for new telephone numbers or the like.
Figure 8 is a schematic diagram of an IP-based communication system 100 embodying the present invention. The communication system 100 comprises a service provider server 2, a database 6, and a plurality of registered service points 8 distributed across the Internet 4. These elements have already been described with reference to the communication system 1 of Figure 1 and duplicate description has been omitted. The communication system 100 further comprises a plurality of user terminals 102, 104, 106, 108, 110, and 112. Those user terminals are equivalent to the user terminal 10 of Figure 1.
In the communication system 100, the three registered service points 8 are located in three separate locations 114, 116, and 118. For the benefit of further explanation, it will be assumed that the registered service points 8 in locations 114 and 118 are both operated by the same agent of the service provider, and that the registered service point 8 in location 116 is operated by a different agent of the service provider. Services may be provided to users of the user terminals on behalf of agents of the service provider. For example, the agent of the service provider operating the registered service points 8 of locations 114 and 118 may be an owner of a chain of retail shops, and locations 114 and 118 may be considered to be shops of that chain. Assuming that each of the user terminals 102, 104, 106, 108, 110, and 112 is currently logged on for receiving services from the service provider, it may be possible for the service provider to send a message or other communication to the user terminals 102, 104, 110, and 112, but not to the user terminals 106, and 108. This may be advantageous to an agent, for example for targeting marketing and advertising information to customers of that agent.
Another advantage provided by the present embodiment is that an agent may be informed by the service provider when a particular user terminal is logged on for receiving services from the service provider via a registered service point 8 operated by that agent. For example, the agent of location 116 may be particularly interested to know when the user of user terminal 106 is logged on for receiving services in his location 116, but not interested to know when the user of user terminal 108 is logged on. Accordingly, it will be appreciated that an agent may specify a particular user or group of users that he is interested in. Such a group of users may be specified in a number of different ways, for example by age, gender, occupation, marital status, or in any other way.
Embodiments of the present invention may be implemented in hardware, or as software modules running on one or more processors, or on a combination thereof. That is, those skilled in the art will appreciate that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functionality of a server (or other communication equipment) embodying the present invention. The invention may also be embodied as one or more device or apparatus programs (e.g. computer programs and computer program products) for carrying out part or all of any of the methods described herein. Such programs embodying the present invention may be stored on computer-readable media, or could, for example, be in the form of one or more signals. Such signals may be data signals downloadable from an Internet website, or provided on a carrier signal, or in any other form.
The present invention is applicable to different types of distributed communication network and does not necessarily need to be implemented over the Internet 4. For example, the present invention may be implemented within a private network such as an intranet.
Reference may be made to IP communication standards, and to wireless communications standards (such as IEEE 802.11) to better understand embodiments of the present invention.

Claims

CLAIMS:
1. A method of granting a candidate device access to a service provided by a service provider in an IP-based communication system, the system comprising service provider apparatus of the service provider and a plurality of service point apparatuses interconnected by the Internet, the service point apparatuses being separate from one another and from the service provider apparatus, and the candidate device having stored therein a predetermined device identifier unique to that device and not defined by a user of the device, the method comprising: maintaining at the service provider apparatus a record of at least one registered device identifier; obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining whether the obtained device identifier is a registered device identifier; and if it is determined that the obtained device identifier is such a registered device identifier, granting the candidate device access to said service via said particular one of the service point apparatuses.
2. A method according to claim 1 , wherein in said determining step it is determined whether the obtained device identifier is registered at said service provider apparatus.
3. A method according to claim 1 , further comprising: maintaining at each of one or more of said service point apparatuses a record of at least one registered device identifier; when determining whether the obtained device identifier is a registered device identifier, determining first whether the obtained device identifier is registered at the service point apparatus via which that device identifier was obtained; and if the obtained device identifier is not registered at the service point apparatus via which that device identifier was obtained, determining whether the obtained device identifier is registered at said service provider apparatus.
4. A method according to any preceding claim, wherein the service can be provided from any one of two or more service point apparatuses at which the device identifier is obtained from the candidate device.
5. A method according to any preceding claim, further comprising: maintaining at the service provider apparatus, for the or each registered device identifier, a record of at least one item of user information corresponding thereto; and granting the candidate device said access in dependence upon the obtained device identifier and at least one such corresponding item of user information.
6. A method according to claim 5, wherein, for the or each registered device identifier, at least one such corresponding item of user information is payment information relating to a user of a device having the registered device identifier concerned.
7. A method according to any preceding claim, wherein the or each device identifier is a link-layer address.
8. A method according to any preceding claim, wherein the or each device identifier is a MAC address.
9. A method according to any preceding claim, wherein the candidate device is an IP-capable telephone, PDA, or computer.
10. A method according to any preceding claim, wherein at least one said service point apparatus comprises wireless service point apparatus, and wherein the candidate device is a wireless communication terminal.
11. A method according to any preceding claim, wherein at least one said service point apparatus is a wireless router.
12. A method according to any preceding claim, comprising automatically carrying out said obtaining, determining and granting steps when the candidate device begins a communication with one of the service point apparatuses.
13. A method according to claim 12 when read as appended to claim 10, wherein said wireless service point apparatus has an associated operational zone within which a compatible wireless communication terminal may communicate with the wireless service point apparatus, and said obtaining, determining and granting steps are carried out automatically when the wireless communication terminal comes into said associated zone.
14. A method according to any preceding claim, wherein the provision of the service involves a transfer of data over a communication path between first and second devices, the method further comprising taking into account path cost when determining a route for said path between said first and second devices.
15. An IP-based communication system for granting a candidate device access to a service provided by a service provider, the candidate device having stored therein a predetermined device identifier unique to that device and not defined by a user of the device, the system comprising: service provider apparatus of the service provider operable to maintain a record of at least one registered device identifier; a plurality of service point apparatuses operable to provide at least part of a communication link between the candidate device and the service provider apparatus, the plurality of service point apparatuses being separate from one another and from the server provider apparatus, and the plurality of service point apparatuses and the server provider apparatus being interconnected by the Internet; means operable to obtain the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining means operable to determine whether the obtained device identifier is a registered device identifier; and access-granting means operable, if it is determined that the obtained device identifier is such a registered device identifier, to grant the candidate device access to said service via said particular one of the service point apparatuses.
16. A communication device adapted for use at a service provider apparatus in an IP-based communication system to grant a candidate device access to a service provided by a service provider, the candidate having stored therein a predetermined device identifier unique to that device and not defined by a user of the device, the system also comprising a plurality of service point apparatuses separate from one another and from the server provider apparatus, and the service provider apparatus and the plurality of service point apparatuses being interconnected by the Internet, the communication device comprising: address-obtaining means operable to obtain the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining means operable to determine whether the obtained device identifier is registered in information storage means of the service provider separate from the plurality of service point apparatuses; and access-granting means operable, if it is determined that the obtained device identifier is so registered, to grant the candidate device access to said service via said particular one of the service point apparatuses.
17. A communication device according to claim 16, further comprising said information storage means operable to maintain a record of at least one registered device identifier.
18. A communication device according to claim 16 or 17, being a server.
19. In a communication device adapted for use at a service provider apparatus in an IP-based communication system, a method of granting a candidate device access to a service provided by a service provider, the candidate device having stored therein a predetermined device identifier unique to that device and not defined by a user of the device, and the system also comprising a plurality of service point apparatuses separate from one another and from the server provider apparatus, and the service provider apparatus and the plurality of service point apparatuses being interconnected by the Internet, the method comprising: obtaining the device identifier of the candidate device from the candidate device via a particular one of the service point apparatuses without the user of the candidate device having to supply that identifier; determining .whether the obtained device identifier is registered in information storage means of the service provider separate from the plurality of service point apparatuses; and if it is determined that the obtained device identifier is so registered, granting the candidate device access to said service via said particular one of the service point apparatuses.
20. A computer program which, when executed on a communication device, causes the communication device to carry out the steps of claim 19.
21. A method of granting a candidate device access to a service provided by a service provider in an IP-based communication system as hereinbefore described with reference to the accompanying drawings.
22. An IP-based communication system as hereinbefore described with reference to the accompanying drawings.
23. A communication device adapted for use at a service provider apparatus in an IP-based communication system as hereinbefore described with reference to the accompanying drawings.
24. In a communication device adapted for use at a service provider apparatus in an IP-based communication system, a method of granting a candidate device access to a service provided by a service provider as hereinbefore described with reference to the accompanying drawings.
25. A computer program as hereinbefore described with reference to the accompanying drawings.
PCT/GB2007/000486 2006-02-10 2007-02-12 Ip-based communication WO2007091098A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0602755.1 2006-02-10
GB0602755A GB2435117A (en) 2006-02-10 2006-02-10 Automatic roaming authentication in IP-based communication

Publications (1)

Publication Number Publication Date
WO2007091098A1 true WO2007091098A1 (en) 2007-08-16

Family

ID=36119895

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2007/000486 WO2007091098A1 (en) 2006-02-10 2007-02-12 Ip-based communication

Country Status (2)

Country Link
GB (1) GB2435117A (en)
WO (1) WO2007091098A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105577611B (en) * 2014-10-10 2019-05-24 广州联奕信息科技有限公司 A kind of computer security implementation method and device based on hardware and server authentication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020196764A1 (en) * 2001-06-25 2002-12-26 Nec Corporation Method and system for authentication in wireless LAN system
US20050177723A1 (en) * 2004-02-10 2005-08-11 Industrial Technology Research Institute SIM-based authentication method capable of supporting inter-AP fast handover
US20050286489A1 (en) * 2002-04-23 2005-12-29 Sk Telecom Co., Ltd. Authentication system and method having mobility in public wireless local area network

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7260638B2 (en) * 2000-07-24 2007-08-21 Bluesocket, Inc. Method and system for enabling seamless roaming in a wireless network
FI113322B (en) * 2002-06-20 2004-03-31 Teliasonera Finland Oyj Method of transmitting a user identification password pair and a wireless network
NZ538119A (en) * 2002-08-16 2006-09-29 Togewa Holding Ag Method and system for GSM authentication during WLAN roaming
KR100501323B1 (en) * 2002-12-16 2005-07-18 삼성전자주식회사 Method and Apparatus for the realization of mobility by using WLAN Voice terminal at the ISDN switching system
US20050059396A1 (en) * 2003-09-09 2005-03-17 Chuah Mooi Choo Communications protocol between a gateway and an access point

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020196764A1 (en) * 2001-06-25 2002-12-26 Nec Corporation Method and system for authentication in wireless LAN system
US20050286489A1 (en) * 2002-04-23 2005-12-29 Sk Telecom Co., Ltd. Authentication system and method having mobility in public wireless local area network
US20050177723A1 (en) * 2004-02-10 2005-08-11 Industrial Technology Research Institute SIM-based authentication method capable of supporting inter-AP fast handover

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
OTT J ET AL: "Towards automated authentication for mobile users in WLAN hot-spots", VEHICULAR TECHNOLOGY CONFERENCE, 2005. VTC-2005-FALL. 2005 IEEE 62ND DALLAS, TX, USA 25-28 SEPT., 2005, PISCATAWAY, NJ, USA,IEEE, 25 September 2005 (2005-09-25), pages 1232 - 1241, XP010878752, ISBN: 0-7803-9152-7, Retrieved from the Internet <URL:http://ieeexplore.ieee.org/iel5/10422/33097/01558124.pdf?tp=&arnumber=1558124&isnumber=33097> [retrieved on 20070620] *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105577611B (en) * 2014-10-10 2019-05-24 广州联奕信息科技有限公司 A kind of computer security implementation method and device based on hardware and server authentication

Also Published As

Publication number Publication date
GB2435117A (en) 2007-08-15
GB0602755D0 (en) 2006-03-22

Similar Documents

Publication Publication Date Title
TWI289010B (en) A system for software maintenance of a wireless Internet access device, a method of maintaining software on a wireless network access device and a system providing internet access
US20030112942A1 (en) Providing account usage fraud protection
US20110159861A1 (en) Mobile phone number anonymizer
US11706351B2 (en) Mobile computing device having dynamically reconfigurable session initiation protocol (SIP) phone services
WO2002011391A2 (en) System for distributed network authentication and access control
JP2008511231A (en) Method and system for connecting to a network via a wireless local area network
US10554645B2 (en) Method for authenticating internet users
US20120243444A1 (en) Communication system to localize devices and methods thereof
CN101374279A (en) System and method for mobile terminal to use IPTV business
CN109937608A (en) Sensing data is acquired from sensor device
WO2007010541A2 (en) Method and system for secure redirection of incoming and outgoing multimedia sessions over a data network
US8504829B2 (en) Certification system in network and method thereof
WO2007091098A1 (en) Ip-based communication
KR101916342B1 (en) System and Method for Location based Marketing Information Service Using the AP
US10142277B2 (en) Posting and consultation of messages by users of social networks
CN102027777A (en) Base station device, information processing device, filtering system, filtering method, and program
KR20070021045A (en) Systm for providing network service and method thereof
KR100830705B1 (en) Auto Calling Portal System by Using Open-end Service Technology and Calling Method thereof
KR20120043864A (en) System and method for providing internet services using connecting device information
FI108904B (en) A method for establishing data network connections
JP2001352411A (en) Dial-up connection system
CN113572906A (en) Equipment access terminal in communication system for call center
KR101258508B1 (en) Common path accessing system based on terminal identification and method thereof
KR100863209B1 (en) Common path accessing system based on terminal identification and method thereof
Dennis Mobility as an ICT enabler

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC OF 301208

122 Ep: pct application non-entry in european phase

Ref document number: 07712716

Country of ref document: EP

Kind code of ref document: A1