TECHNICAL AREA

The present invention is regarding a new way of authenticating Wi-Fi enabled devices to Wi-Fi networks with minimal user intervention.

BACKGROUND OF THE INVENTION

More and more electronic devices are getting capabilities to connect to the Internet wirelessly. The main means of connecting wirelessly is through Wi-Fi or a built-in mobile broadband chip that allows the device to use a SIM-card or similar to connect to a mobile network.

These different technologies have different advantages and disadvantages. Wi-Fi transmits and receives data on cheap unlicensed spectrum at high data rates

(typically around 55 Mbit/s). On the negative side it has a limited range. A single Wi- Fi router typically covers one apartment or one floor in a house. Connecting to a Wi- Fi router also requires manual configuration of every device connecting to the router. Although the industry has proposed standards for this such as EAP-SIM and WPS the process is still difficult for consumers.

Mobile broadband on the other hand uses licensed spectrum and advanced technology, which makes the devices as well as the access to such networks expensive. On the other hand, mobile broadband requires minimal configuration from the consumer and is more or less ubiquitous in populated areas.

Another factor to take into consideration with mobile broadband is that since the networks are so expensive to build, mobile operators want to minimize the number of base stations. This means that even though a mobile network in theory can support a high data rate, many users will share that capacity whereas with Wi-Fi the coverage area is limited but users connected to the network only share the capacity with other people on the same Wi-Fi network. Technology Advantages Disadvantages

Wi-Fi Cheap Limited range (<50m)

High data rates Requires authentication with a Wi-Fi hotspot

Mobile data Good data rates Expensive

Ubiquitous Limited spectrum available

Simple user experience

Consumer use of mobile data is increasing rapidly. Handling of this traffic is becoming more and more expensive for mobile operators. They are therefore pushing consumers into using Wi-Fi to lower the load on the mobile networks. The industry term for combining mobile broadband networks with Wi-Fi is "Wi-Fi offloading".

Using more Wi-Fi would not only be good for operators, it would be good for consumers too. Wi-Fi typically means faster browsing speeds and lower mobile broadband costs. But Wi-Fi is hard to use and consumers end up not using Wi-Fi since it is so complex.

Most mobile data is consumed in offices and homes, which means that the biggest gains in Wi-Fi offloading can be gained there. Also, many mobile operators sell both fixed and mobile broadband but they view the businesses as separate entities today although the mobile broadband division would have much to gain from users increasing the use of products from the fixed broadband division. A simple way to automatically know which home routers a user should be allowed to use would therefore minimize mobile data usage.

BRIEF DESCRIPTION OF INVENTION

The aim of the present invention is to remedy the drawbacks of the state of the art technology. This aim is obtained by the features of the independent patent claims. Preferable embodiments of the invention form the subject of the dependent claims. A major aim of the invention is to provide a method of providing access to a wireless connection. Essentially the method comprises a step of obtaining and storing data from a wireless connection made accessible by a wireless connection owner. The data from the wireless connection may preferably be the credentials of that wireless connection that enables devices to be connected.

In order to select persons that are allowed to connect to the wireless connection, another step is obtaining and storing data from the social graph of the wireless connection owner. The use of the social graph provides an advantage in that the social graph already contains persons that the owner of the wireless connection knows and hopefully trusts.

The next step is then to provide stored data regarding said wireless connection to persons in said social graph.

An obvious advantage with the method is that the data regarding the wireless connection may be provided and thereby provided to selected persons in a very easy and straightforward way. Thereby, the social graph provides a good selection of persons that the owner of the wireless connection knows well and can trust, whereby the data required to access the wireless connection is safely distributed.

Further, the data regarding the wireless connection may be distributed in a very convenient way, thereby lowering the complexity of using Wi-Fi. For example, the end user is not required to know the network name and password of the Wi-Fi network he/she wishes to use.

Either the data of said wireless connection is provided from said wireless connection owner, or the data of said wireless connection is provided from a wireless network operator and approved by said wireless connection owner. Preferably data from the social graph of the owner comprises contact data related to said persons. These contact data may come from a number of sources available, such as Facebook, Twitter, Linkedln, Gmail or the like, just to mention a few. As a preferable development of the method according to the invention, a further step may comprise obtaining rules regarding accessibility of said wireless connection to persons in said social graph, where these rules may be set by the connection owner. This enables the connection owner to limit the access. For example, some of the persons in the social graph should not be able to use the wireless connection, for example friends of friends. Other types of restrictions may include time limits, i.e. that certain persons may only access the wireless connection during certain time periods.

In order to facilitate the present invention, it may further comprise a method of obtaining a connection with a wireless connection for a device capable of wireless communication. The device may be any suitable device having communication means that are capable of transmitting and receiving data via a wireless connection. The device may be a computer, a smartphone, a gaming console and the like.

The method may comprise communicating user data related to said device, comparing said user data with stored data from the social graph for identification, and if identified, providing said device with data of said wireless connection for obtaining a connection.

According to one alternative, said user data is provided manually by a user of said device. As an option the user data may be provided automatically during initial communication between said device and said wireless connection. Preferably, in this respect, the user data comprises the social graph of said user.

Furthermore, the method according to the present invention, may store the

authentication information in such a way that when the user starts consuming data with a new device or replaces an old device, the authentication information is automatically provisioned. These and other aspects of, and advantages with, the present invention will become apparent from the following detailed description of the invention and from the accompanying drawings. BRIEF DESCRIPTION OF DRAWINGS

In the following detailed description of the invention, reference will be made to the accompanying drawings, of which

Fig. 1 schematically shows communication paths for a system according to the present invention,

Fig. 2 shows a flow chart regarding the handling of information of the system according to the present invention,

Fig. 3 shows a flow chart for connecting to a Wi-Fi router of an owner in connection with the social graph of that owner, and

Fig. 4 shows an example of a social graph.

DETAILED DESCRIPTION OF THE INVENTION

The present invention comprises a system with at least one database 10 in communication with a server 12 capable of communicating with other devices 14, 16 via suitable communication media such as the Internet 18, Fig. 1. The server is capable of managing and storing credentials of Wi-Fi routers 20 in a dedicated database. The system is managed by a service provider.

The credentials for a Wi-Fi router 20 can be gathered through several different ways, step 100 of Fig. 2. The primary means for gathering credentials is that an owner connects to the server and manually inputs those credentials via a communications device, such as a computer 14, a smartphone 16 or the like device capable of communicating via communication media. As an alternative, for easy handling, the present invention may provide an application that the user can run on his communications device that streamlines the process. As a further alternative, the credentials may also be provided by a manufacturer of the router and imported into the database.

As a yet further alternative, the credentials may be provided by a network operator or reseller 22 of the router such as a fixed line operator.

With the two last scenarios the owner does not provide the credentials himself, he/she only needs to verify that he owns the router. The credentials of a certain Wi-Fi router are stored in the database together with a unique identifier of the owner of the Wi-Fi router and his or her social graph, steps 1 10 and 120, Fig. 2.

The data regarding the owner, step 1 10, may be inputted by the owner and managed by the system to obtain a unique identifier connected to the credentials of the router. Also, the data regarding the owner may be provided by the network operator, for example when the owner orders a fixed broadband subscription, thereby providing data of himself/herself, which data then is communicated to the system of the invention.

Figure 4 shows an example of a social graph. Here the owner of the router is (1 ) and (2)-(6) members of his social graph. As can be seen, members of the social graph can be both direct friends as well as friends of friends and even further back. The social graph can either be a direct representation of the social graph that is stored in the database, or a reference that allows the invention to contact a remote entity that contains the user's social graph.

The direct representation may be done by retrieving and storing the owner's social graph in the database. The lists may come from many sources of social graph providers such as e.g. Facebook, Linkedln, Twitter and Gmail, as well as address books of electronic devices, just to mention a few social graph providers available in communication networks. As an alternative, the owner of the Wi-Fi router may manually input persons into the database that he/she wishes to have access to the router. In any of these

alternatives, any verification of persons that wish to access the Wi-Fi router is not dependent on accessibility of the social graph providers.

It is of course to be understood that an address book in a device of the owner of the router also is to be regarded within the scope of the social graph as defined in the present application. Thus, persons named in the owners address book may also be provided access. The content of the address book with its contacts, in part or in whole, is transmitted to the database and stored together with previously mentioned contact information.

It is further to be understood that the social graph as defined in the present

application is wider than friends or friends of friends. It may well be business contacts, regular customers, just to mention a few, that can be included in the social graph and thereby be granted access. In this respect, it is to be understood that the owner of the router may be a business enterprise, for example a cafe or restaurant, that has set up a local area network within their premises. The owner of the router has beforehand registered information that uniquely identifies the router. Persons in the vicinity of the router, and having the computing device running a special software, as will be described below, may be alerted of the actions necessary to obtain the credentials of the router. The indirect representation may be performed by contacting the owner's social graph provider for checking and verifying persons that wish to acquire access to the router of the owner. With this scenario, no data need to be stored in the system of the service provider. Also, the list of persons is always up-to-date. In any case, the social graph is linked to the unique identifier by the system, 130, so that the credentials of the router of the owner may be provided to the social graph associated with that owner according to the stored data of the system. However, the owner may set certain limitations, step 140, as to which persons in the social graph that may gain access to the router. As seen in Fig. 4, the social graph may include friends of friends in a number of steps back and may include persons the owner may not know very well or does not want to grant access to. Relevant criteria may include for example limitation of how far away they are in the social graph (e.g. not allowing a friend's friends to connect) or blacklisting of specific members of the graph or only a whitelisting of certain members.

The limitations may be set, or altered, by the owner by connecting to the system of the service provider. In this respect, the owner may have his own start page accessible by the service provider via a login procedure. Further, restrictions or certain criteria demands may also be raised by the operator of the network and/or provider of the router. When the router is up and running and is communicating with the Internet, the owner may provide access to his/her router among the persons of the social graph, step 150.

A potential user that wishes to authenticate a device with a Wi-Fi router 300, Fig. 3, and has not previously been connected to the system of the invention and has not used the services, he/she starts by configuring the device, 310, that is to be connected to the router. This may be done by for example entering a certain website, downloading an application or using a built-in service in the device. The device is then configured to communicate with the system of the service provider.

The potential user then authenticates the service provider and provides a direct representation of his/her social graph or a reference to such a graph.

The service provider then compares the social graph of the owner of the router, 320, and checks if the user that is trying to connect is a member of that graph, 330. If not, then the potential user is denied any credentials or asked to authenticate in a different manner, 340. If included in the social graph, the system checks if there are any limitations set on that particular person, 350. If so, then the potential user is denied credentials or asked to use a different form of authentication, 340. The limitations may in this case be that the person is not a close friend of the owner, and that the owner does not approve all persons in the social graph to have access. The requester may then be allowed to ask the owner for access to the Wi-Fi router by appropriate message means such as text messages, mail or via a dedicated software running on the device. The owner may then decide to allow access or deny access. If there are no limitations, then the user may obtain the credentials, 360, in that the service provider can configure the device with the credentials to connect to the Wi-Fi router in question, 370. In one variant, the device is configured by an application or program or via a website where the user of the device interacts with the system of the service provider.

As another alternative, the service provider may configure the device without any interaction or participation by a user, so called push technology or push services, which may be advantageous in some instances. Further, it is also possible for the service provider to update the device at a later time with new credentials. For example, if a Wi-Fi router owner changes the credentials, for example by changing to a new router, then the new credentials may be pushed automatically to the accepted persons in the social graph without any interaction by these persons.

In Fig. 3, there is also shown how a potential user may act if he/she has previously used the services, i.e. has configured his/her device to communicate with the system, 380. Then the device connects to the system after which the steps 320 to 370 are used. Further, if the user has been given the credentials according to 360 previously, then the device can directly use the credentials according to 370 when in range of the router.

However, the owner may have set further limitations, 390, for persons in the social graph that may affect the accessibility of the router. For example, the limitations may be that certain users may only be given access during certain hours of the day, certain days of the week, or the like. There might also be limitations that have been set after the initial approval of a person in the social graph, for example the owner has changed his/her mind regarding certain persons. It is to be understood that the embodiment described above and shown in the drawings is to be regarded only as a non-limiting example of the invention and that it may be modified in many ways within the scope of the patent claims.