| JP60005649 | CHARGE INFORMATION TRANSFERRING SYSTEM |
| WO/2002/075339 | COMMUNICATIONS SYSTEM WITH FRAUD MONITORING |
| JP09018489 | VIRTUAL PASS BAND CHANGE CONTROLLING SYSTEM |
EE, Thomas Chong Gay (511 Woodlands Drive 14, #05-61, Singapore 1, 73051, SG)
| CLAIMS
1. A network access method comprising the steps of:
detecting the hardware identifier of the connecting network device;
comparing said hardware identifier to previously stored hardware identifiers; and
identifying a class to which a known previously stored hardware identifier belongs, said classes comprising:
a. a first class where said hardware identifier has been previously stored and the user of said connecting device has provided user details including payment details; or b. a second class where said hardware identifier has been previously stored but the user of said device has not provided details;
permitting access to said first class of hardware identifiers to a first class of network services;
permitting access to said second class of hardware identifiers to a second class of network services, said second class of service being a sub-set of said first class of services; and
storing unknown hardware identifiers and permitting access to said second class of services.
2. A network access method as claimed in claim 1 wherein said hardware identifier is a hardware address of a network device.
3. A network access method as claimed in claim 1 wherein said hardware identifier is a hardware address of a wired network card.
4. A network access method as claimed in claim 1 wherein said hardware identifier is a hardware address of a wireless network card.
5. A network access method as claimed in any one of claims 1 to 4 wherein each said class of network services includes network services selected a plurality of web pages, access to Internet site and/or access to other network resources, including network file and print services.
6. A network access method as claimed in any one of claims 1 to 5 including the step of prompting users outside of class one to enter user and or payment details when said user attempts to access web sites outside of said users class of service.
7. A network access method as claimed in any one of claims 1 to 6 wherein said user of said connecting device has provided details including payment details, said method including recording network usage by said user.
8. A network access method as claimed in any one of claims 1 to 7 wherein
said step of storing unknown hardware identifiers includes the step of recording the time of first access;
said classes further including:
c. a third class where said hardware identifier has been previously stored but the user of said device has not provided details and a defined period of time since said first access has expired;
said step of identifying said class to which an identifier belongs includes the step of identifying hardware identifiers in said second class where the defined period of time since said first access has expired, and moving said hardware identifiers into a third class;
and said steps include permitting access to said third class of hardware identifiers to a third class of network services and web sites, said third class of service being a sub-set of said second class of services.
9. A network access method as claimed in claim 8 wherein said user of said connecting device has provided details including payment details, said method including recording network usage by said user, accounting for said network usage by said user, and wherein when said users balance exceeds a limit set by said network provider moving said user into said third class.
10. A network access method as claimed in claim 9 including the step of prompting said user for a payment before said users balance exceeds said limit.
11. A network access method as claimed in claim 10 or claim 11 including the step of prompting said user for a payment when said users balance exceeds said limit.
12. A network access method as claimed in any one of claims 9 to 11 wherein said limit is zero and said payment is a prepayment.
13. A network access method as claimed in claim 9 including the step of attempting deducting an amount from an account provided by said user before moving said user into said third class.
14. A network access method as claimed in any one of claims 1 to 13 wherein
said classes further including:
d. an access denied class where said hardware identifier has been denied network access by the network service provider;
and said steps include prohibiting network access to said access denied class of hardware identifiers.
15. A network access method as claimed in any one of claims 1 to 14 wherein network access to said second class of network services is granted until said hardware identifier is detected.
16. A network access method as claimed in any one of claims 1 to 15 wherein network access is charged by network resource consumed.
17. A network access method as claimed in any one of claims 1 to 15 network access is charged by data volume.
18. A network access method as claimed in any one of claims 1 to 15 network access is charged by data volume for accessing class one network services.
19. A network access method as claimed in. any one of claims 1 to 15 wherein network access is charged by one or a combination of data volume, duration of access or access speed.
20. A method of providing prepaid access to network services comprising the steps of:
allowing access to a sub-set of all network services while the hardware address of a connecting network device is detected;
comparing the detected hardware identifier to previously detected and stored hardware identifiers; storing unknown hardware identifiers and associating said hardware identifiers with an account;
requesting a payment if the balance of said account is below a set amount;
incrementing said account balance when a payment is received;
decrementing said account balance as network services are consumed; and
allowing a network device access to a set of network resources, said account balance determining the set of network services a detected hardware identifier is allowed access to.
21. A method of providing prepaid access to network services as claimed in claim 20 wherein said hardware identifier is a hardware address of a network device.
22. A method of providing prepaid access to network services as claimed in claim 20 wherein said hardware identifier is a hardware address of a wired network card.
23. A method of providing prepaid access to network services as claimed in claim 20 wherein said hardware identifier is a hardware address of a wireless network card.
24. A method of providing prepaid access to network services as claimed in any one of claims 20 to 23 wherein a network device with an account balance above said set amount is allowed access to the full set of network services.
25. A method of providing prepaid access to network services as claimed in any claim 24 wherein said set amount is zero.
26. A method of providing prepaid access to network services as claimed in claim 24 or claim 25 including the step of requesting a payment before said balance is at or below said limit.
27. A method of providing prepaid access to network services as claimed in any one of claims 20 to 26 wherein the set of network services includes a plurality of web pages, access to Internet sites and or access to other network resources including network file and print services.
28. A method of providing prepaid access to network services as claimed in any one of claims 20 to 27 including the step of requesting a payment when a network device requests network services outside of the set which the device is allowed access to.
29. A method of providing prepaid access to network services as claimed in any one of claims 20 to 28 wherein the step of storing unknown hardware identifiers and associating said hardware identifiers with an account includes setting a grace period for free access, and wherein said grace period status and said account balance determine the set of network services a detected hardware identifier is allowed access to.
30. A method of providing prepaid access to network services as claimed in any one of claims 20 to 29 wherein said account balance is decremented based on a charge for data volume.
31. A method of providing prepaid access to network services as claimed in any one of claims 20 to 29 wherein said account balance is decremented based on a charge for access to a sub-set of network services.
32. A method of providing prepaid access to network services as claimed in any one of claims 20 to 29 wherein said account balance is decremented based on a charge for a combination of data volume, duration of access or access speed.
33. A method of providing prepaid access to network services as claimed in any one of claims 20 to 32 including the step of denying network access to hardware identifiers tagged as prohibited. |
NETWORKACCESS METHOD
TECHNICAL FIELD
The present invention relates to a method of providing network access to unknown users. In particular the present invention relates to a network access method allowing network access to unknown users using a system hardware identifier to distinguish users.
BACKGROUND ART
Network providers such as internet service providers ("ISP"), hotels or cafes in order to operate the network need to collect usage charges. In order to do so, the network providers must be able to identify each user connecting to the network. User identification is commonly achieved via a process of user registration. An example of user registration is the use of a web page in which a new user enters their details and a unique user account is created for the user. The user account will allow the user to log onto the network to gain access. Another example of the registration of a user is in an internet cafe or hotel where pass codes are given out allowing temporary connect to the network.
The use of the identifier allows the network provider to monitor resources consumed by the individual user and to charge for those resources either on a time basis or on a volume basis.
Such a system makes it difficult for users in a new network environment, either wireless or wired, to connect to a previously unknown system. It also makes it difficult and expensive for network service providers to collect the necessary information in order to be able to bill the user.
SUMMARY OF THE INVENTION
Accordingly, it is an object of the present invention to overcome the above disadvantages or to provide the public or industry with a useful choice.
In a first embodiment the present invention consists in a network access method comprising the steps of:
detecting the hardware identifier of the connecting network device;
comparing said hardware identifier to previously stored hardware identifiers; and
identifying a class to which a known previously stored hardware identifier belongs, said classes comprising:
a. a first class where said hardware identifier has been previously stored and the user of said connecting device has provided details including payment details; or b. a second class where said hardware identifier has been previously stored but the user of said device has not provided details;
permitting access to said first class of hardware identifiers to a first class of network services;
permitting access to said second class of hardware identifiers to a second class of network services, said second class of service being a sub-set of said first class of services; and
storing unknown hardware identifiers and permitting access to said second class of services.
Preferably said hardware identifier is a hardware address of a network device.
Alternatively said hardware identifier is a hardware address of a wired network card.
Alternatively said hardware identifier is a hardware address of a wireless network card.
Preferably wherein each said class of network services includes network services selected from a plurality of web pages, access to Internet sites and/ or access to other network resources, including network file and print services.
Preferably including the step of prompting users outside of class one to enter user and or payment details when said user attempts to access web sites outside of said user's class of service.
Preferably said user of said connecting device has provided details including payment details, said method including recording network usage by said user.
Preferably said step of storing unknown hardware identifiers includes the step of recording the time of first access;
said classes further including:
c. a third class where said hardware identifier has been previously stored but the user of said device has not provided details and a defined period of time since said first access has expired;
said step of identifying said class to which an identifier belongs includes the step of identifying hardware identifiers in said second class where the defined period of time since said first access has expired, and moving said hardware identifiers into a third class;
and said steps include permitting access to said third class of hardware identifiers to a third class of network services, said third class of service being a sub-set of said second class of services.
Preferably said user of said connecting device has provided details including payment details, said method including recording network usage by said user, accounting for said network usage by said user, and wherein when said users balance exceeds a limit set by said network provider moving said user into said third class.
Preferably including the step of prompting said user for a payment before said users balance exceeds said limit.
Preferably including the step of prompting said user for a payment when said users balance exceeds said limit.
Preferably said limit is zero and said payment is a prepayment.
Preferably including the step of attempting deducting an amount from an account provided by said user before moving said user into said third class.
Preferably said classes further including:
d. a fourth class where said hardware identifier has been denied network access by the network service provider;
and said steps include prohibiting network access to said fourth class of hardware identifiers.
Preferably network access to said second class of network services is granted until said hardware identifier is detected.
Preferably network access is charged by network resource consumed.
Preferably network access is charged by data volume.
Alternatively network access is charged by data volume for accessing class one network services.
Alternatively network access is charged by one or a combination of data volume, duration of access or access speed.
In a second embodiment the present invention consists in a method of providing prepaid access to network services comprising the steps of:
allowing access to a sub-set of all network services while the hardware identifier of a connecting network device is detected;
comparing the detected hardware identifier to previously detected and stored hardware identifiers;
storing unknown hardware identifiers and associating said hardware identifiers with an account;
requesting a payment if the balance of said account is below a set amount;
incrementing said account balance when a payment is received;
decrementing said account balance as network services are consumed; and
allowing a network device access to a set of network resources, said account balance determining the set of network services a detected hardware identifier is allowed access to.
Preferably said hardware identifier is a hardware address of a network device.
Alternatively said hardware identifier is a hardware address of a wired network card.
Alternatively said hardware identifier is a hardware address of a wireless network card.
Preferably a network device with an account balance above said set amount is allowed access to the full set of network services.
Preferably said set amount is zero.
— D —
Preferably including the step of requesting a payment before said balance is at or below said limit.
Preferably the set of network services includes a plurality of web pages, access to Internet sites and or access to other network resources including network file and print services.
Preferably including the step of requesting a payment when a network device requests network services outside of the set which the device is allowed access to.
Preferably the step of storing unknown hardware identifiers and associating said hardware identifiers with an account includes setting a grace period for free access, and wherein said grace period status and said account balance determine the set of network services a detected hardware identifier is allowed access to.
Preferably said account balance is decremented based on a charge for data volume.
Alternatively said account balance is decremented based on a charge for access to a sub-set of network services.
Alternatively said account balance is decremented based on a charge for a combination of data volume, duration of access or access speed.
Preferably including the step of denying network access to hardware identifiers tagged as prohibited.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will now be described with reference to the accompanying drawings in which:
Figure 1 is a block diagram of the present invention;
Figure 2 is an example illustrating the unique hardware identifier of some network devices;
Figure 3 is a flow diagram of the system of the present invention; and
Figure 4 is an example payment interface of the present invention.
DETAILED DESCRIPTION
,
- 6 -
Referring to Figure 1 when a new user using a computer 101 or computer like device seeks to establish a connection with a network operator 103 in order to enjoy free network services 104, the underlying network allows the network operator to detect the hardware identifier (hardwarelD) of the network device 102 the user is using to connect to the network.
This detection, a process of discovery and collection, of network device hardwarelD 102 is part of the functionality within the access engine 105. The hardware identifier is a globally unique hardware address of the network device 102, commonly known as the medium access control (MAC) address. The network device can be a modem (examples, cable modem with a MAC address) or an Ethernet network interface card (NIC) commonly found in personal computers. An example of the Ethernet card with its MAC address identifier 201 can be seen in Figure 2.
The access engine 105 of the present invention is a non-intrusive system that is transparent to the user as it sniffs and process the network information in the background, while the user enjoys the free services 104. When the access engine 105 has identified the hardware identifier 102, it will check in its database 106 to determine whether this hardware identifier 102 has been previously detected.
The hardware identifiers 102 within the database 106 are sorted into four classes. The first class contains those identifiers that have been detected and the user has provided their details including payment details and the users account balance does not exceed a limit set by the network provider. In one embodiment the limit set is zero and the user has to prepay for the network access. The second class contains those identifiers that have been detected but the user has not yet provided their details. The third class contains those identifiers that have been detected; the user has not provided their details and a time period fixed by the network provider for providing details from when access first granted has expired. The third class may also contain hardware identifiers of users who have provided details but where the users account debt balance exceeds the limit set by the network provider. A fourth class of hardware identifiers that are banned from connection to the system may also be kept. Users may be banned from access for various reasons.
Each class of user has a class or sub-set of network services that they can access. In the preferred embodiment the first class 107 contains more services than the second class 104 and the second class contains more services than the third class 108. A user in the first class is allowed access to all the services in the first 107, second 104 and third class 108 of services. A user in the second class is allowed access to the second 104 and third class 108 of services and a user in the third class is allowed access only to the third class 108 of services. Each class of services may
contain a plurality of web pages, Internet access and other network services. Network services include file and print services.
Referring to Figure 3, free network access 301 to the second class of services is granted until the access system 105 detects the hardware identifier 302. If the hardware identifier 201 has not been previously detected 302 the access engine 105 initialises the user/ device 304 by adding the network identifier to the database 106 and the access engine 105 may set a grace period for extended access.
During the grace period a user /network device is allowed to connect to the network 103 and access network services as allowed by the network service provider. Typically the user is provided with access to network access class two services, being a sub-set of the network services/resources available. After the grace period has expired the user is allowed access to only a limited number of network services, typically only to class three 108 services.
During the grace period the user may be allowed to access all or the vast majority of network services. After the grace period ends a user may only have access to a limited number of network services. These accessible network services can be any form of network resources in general, examples such as network file storage, network printing, email or access to Internet websites as selected by the network provider. The network provider my select services depending upon the services from which the network provider receives revenue.
If a user tries to access a network service or site that is part of the payable services 107, the user will be requested to provide user details to the network provider. The user may also be requested for their details after the initial grace period has expired if the user tries to access a network service (and/or web sites) that are allowed during the grace period but charged for after the grace period has expired. The user details may be requested via an online form, via a software application that is provided by the network provider that the user downloads (or is prompted to download to their system), or via a webpage.
In another embodiment the user may only need to make a payment and need not provide user details.
Referring to Figure 4 an example payment interface is shown. The payment interface may include the hardware identifier 401, the current limited associated with the hardware identifier account 402 and the current balance 403. The account status /balance may be shown on a separate
form from the payment interface, as seen in Figure 4 both the current balance and the payment interface are shown on the same form.
To make a payment a user enters the payment amount 404, the payment method 405, then enters details associated with the payment method 406. In the example illustrated credit card details are entered. The user can then choose to proceed 407 with the transaction or may alternatively cancel the transaction 408. The illustrated payment method is not to be understood as limiting the invention as many known online payment methods can be utilised without departing from the spirit of the invention.
Various network protocols for example, voice over IP, virtual private networks or instant messaging may be outside the pool of free services 104 and a user/ device attempting to connect to any of these protocols would be prevented from doing so. During the grace period the user may be allowed access to some of these services.
Once the network operator has collected information from the user and stored against the user's hardware identifier within database 106, the user will have unlimited access provided that they have either prepaid for the access or provided that their account is within the limit set by the network provider.
Referring again to Figure 3 if the hardware identifier is known 303 the system checks for user and or payment details and an account balance 306. If the balance is acceptable to the network provider the system 105 grants open access 307 to the class one network services 107. The access system 103 records the user's access to or usage of at least chargeable network services and record the usage against the hardware identifier.
If the balance is unacceptable to the network provider the system 103 then checks whether the grace period has expired 308 if the period has not expired the user is provided with access to class two services and is prompted to provide details or make a payment 310.
If the grace period has expired the user is restricted to the third class of services and is prompted to provide details and or make a payment 311. This class of services is usually more limited.
In one embodiment a user who has previously made a payment is granted a grace period when their payment has been used. The system 103 may set a new grace period when the user's funds are used up.
The user may also provide bank account or credit card details and request that the access engine 105 automatically top the payment up once the user has used their prepaid amount.
In the preferred embodiment the users is charged by the network resources that the user accesses and not by the time the user is accessing services. The user may however be charged for any or a combination of access speed, access time or network resources consumed. The most preferred option is to charge for network resources consumed given that the user need not take a positive action to connect to the network.
Payments made by a user increment the users account balance and usage charges decrement the users balance. If the system is operated as a prepayment system balances below a defined negative limit prevent a user accessing the full array of network resources. In most cases the limit will be zero.
When access is from behind a router or any other device that substitutes its own hardware address then the system will identify only the last substituted hardware address. Accordingly that hardware address will be associated with the first user to provide details. Subsequent users will be able to access the same services as the first user is allocated and will be able to consume the first user's resources.
The foregoing description of the preferred embodiment of the invention has been presented for purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise forms disclosed, since many modifications or variations thereof are possible in the light of the above teaching. All such modifications and variations are within the scope of the invention. The embodiments described herein were chosen and described in order best to explain the principles of the invention and its practical application, thereby to enable others skilled in the art to utilise the invention in various embodiments and with various modifications as are suited to the particular use contemplated thereof. It is intended that the scope of the invention be defined by the claims appended hereto, when interpreted in accordance with the full breadth to which they are legally and equitably suited.
Next Patent: A BULK CARGO TRANSPORTATION SYSTEM