WO1999028805A2 - Method and device in a data network for supplying services - Google Patents

Method and device in a data network for supplying services Download PDF

Info

Publication number
WO1999028805A2
WO1999028805A2 PCT/SE1998/002181 SE9802181W WO9928805A2 WO 1999028805 A2 WO1999028805 A2 WO 1999028805A2 SE 9802181 W SE9802181 W SE 9802181W WO 9928805 A2 WO9928805 A2 WO 9928805A2
Authority
WO
WIPO (PCT)
Prior art keywords
service
client
node
service node
services
Prior art date
Application number
PCT/SE1998/002181
Other languages
French (fr)
Other versions
WO1999028805A3 (en
Inventor
Jan Bergkvist
Peter MAGNÉLI
Mats Bengtsson
Roland Carlsson
Leif Hornsved
Sonia Lundberg
Bertil Nilsson
Gunnar NYSTRÖM
Jan Skarvall
Leif Svanlund
Niclas STÅHL
Ulf Weiland
Martin Wennberg
Lars Lundgren
Therés WESTRIN
Susan Malmborg
Sören RUNDGREN
Peter Falk
Jon Martinsson
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from SE9704481A external-priority patent/SE9704481D0/en
Application filed by Telefonaktiebolaget Lm Ericsson (Publ) filed Critical Telefonaktiebolaget Lm Ericsson (Publ)
Priority to AU15807/99A priority Critical patent/AU1580799A/en
Publication of WO1999028805A2 publication Critical patent/WO1999028805A2/en
Publication of WO1999028805A3 publication Critical patent/WO1999028805A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles

Definitions

  • the present invention relates to data networks and in particular to a method and a device for being able to make services and/or information accessible by many users with retained security.
  • the Internet has become an extremely common channel for spreading information and services, for example the distribution of programs.
  • Intranets to which, for example, only members or employers have access.
  • Intranets Such a solution is however relatively expensive, in particular for small companies, and, even if the access to the net is limited, it does not solve the problem with payment.
  • a further object of the invention is to be able to charge the users based upon their use of the services in the network.
  • a device in a data communication network in which services and/or information are supplied to the clients from service nodes in the network, which device is arranged to: - receive the request for a service from a client;
  • a client sends a request for a service to a mediating means; - the mediating means verifies that the client is authorized to use the service, acknowledges this and allotes the service node from which the service can be obtained;
  • the client starts the service locally on his computer and in the alloted service node.
  • the confirmation of the service reservation is sent to the client and/or to the alloted service node.
  • the mediating means can have several different types of service nodes with different types of services from several different suppliers connected. In this way even small service supplies can offer their services without having to construct their own networks.
  • the solution according to the invention is also scalable because it is easy to add new service nodes.
  • the device can also allocate the service node which is closest to the client, investigate if the selected service node has the capacity to supply the service to the client and in other cases select another service node and/or reserve capacity in the network for the transfer of data between the service node and the client.
  • the solution according to the invention gives a redundancy on the network level which reduces the requirement for redundancy in each node.
  • the device and method in accordance with the invention also permit the debiting of services through events connected with the costs for the use of a service being registered, for example when somebody begins and finishes the use of the service.
  • the invention results in the following advantages: according to the invention the development and distribution of commercial services by Internet Protocol (IP) as a transport system is permitted.
  • IP Internet Protocol
  • the solution according to the invention includes services for the provision of applications, for subscriptions, debiting, security, and resource management.
  • the supplier of services obtains a platform to build on and can reduce his operating and maintainance costs.
  • Fig. 1 shows the constituent units in the public intranet in accordance with the invention.
  • Fig. 2 is a flow diagram of how a user activates a service in the network according to the invention.
  • Fig. 3 shows the functional parts and interfaces in the public intranet according to the invention.
  • Fig. 4 shows the principle for access to the information which is stored in the host nodes.
  • Fig. 1 shows the nodes which are comprised in a public intranet according to the invention.
  • a number of local networks (Local Area Networks - LAN) 1, 3, 5 based on the Internet Protocol (IP) are connected to a large service network 7.
  • the service network 7 can be logically divided in three levels: a first level comprising a number of switches 9, for example Asynchronous Transfer Mode (ATM) switches, to which the local networks 1, 3, 5 are connected and through which the traffic in the network is contolled.
  • ATM Asynchronous Transfer Mode
  • the local networks 1, 3, 5 are connected to the service networks 7 in some known manner.
  • the third level comprises at least one procurement node ("broker") 13, a service managing node 15 and one or more service nodes 17.
  • the service managing node 15 comprises a user data base containing information on the users who are allowed to use certain or all of the services available on the service node 17.
  • the service managing node 15 comprises also the interface to the external system such as subscriber data bases and debiting nodes, and even debiting information based on the users' use of services.
  • the procurement node 13 comprises functions for being able to identify the user and his authorizations and for procuring services which lie on the service nodes 17 for the users in the local networks 1, 3, 5. In order that a service shall be able to be used by a user in the local net the service must therefore be registered in the procurement node 13.
  • Fig. 1 makes it possible for, for example, small companies to put out services on the Internet with limited accessability and retaining security without needing to construct their own internal network.
  • a network operator supplies procurement nodes 13, the data base 15 and the service nodes 17.
  • Those who wish to put out their services or other programs on the Internet without having to be available to everyone or who will ensure that they are paid for the use of the program can "rent" space on the service node for the program.
  • Information on who is authorized to use the program, what it shall cost, etc., is then stored in the data base in, or in connection to, the service managing node.
  • the design of the network with ATM switches and routers is only one example of several possible which are known for the skilled person.
  • the solution according to the invention is applicable in all types of IP network.
  • Fig. 2 shows, in the form of a flow diagram, the steps which are taken when a user in a local network 1, 3, 5 wants to use a service which is in a service node 17.
  • Step SI The user contacts the procurement node 13.
  • Step S2 The procurement node identifies the user and fetches information on the user's authorization from the service managing node.
  • Step S3 The user orders the desired service.
  • Step S4 The procurement node verifies that the user is authorized to order the service and sends a "ticket" to the user with a confirmation that the service is ordered and information on which service node the service can be fetched from.
  • Step S5 The user sends the ticket further to the stated service node.
  • Step S6 The service node supplies the service to the user.
  • Step S7 When the service is activated, the normal transmission of debiting information to a data base in, or in connection to, the service management node is begun.
  • the debiting information can be transmitted for events which take place while the service is being run and/or when the service is activated and deactivated.
  • the procurement node in step S4, decides which service node which shall supply the service depending on the current load on the service nodes which have the service, or depending on which service node geographically lies closest to the user or a combination of these and/or other parameters.
  • the procurement node ensures that the selected service node has empty capacity before the ticket is sent to the user and possibly reserves the capacity which is required.
  • the reservation is in this case suitably valid for a limited period of time.
  • the procurement node also sends the ticket to the service node as a further confirmation that the order is approved.
  • the identity of a user can be verified in a number of known ways depending on which security level is required.
  • a smart card can be used in combination with a user identity and password.
  • a so-called soft card a file which can be saved for example on hard disk or on a diskette, can be used instead of the smart card.
  • Fig. 3 is a logical representation of a service platform 101 for an intranet in accordance with the invention.
  • a number of service programs 103, 105 are constructed on the platform.
  • the platform 101 supplies support for the choice of the service program and for contiolling the running of the program.
  • the platform 101 comprises functions for managing security 107, managing resources 109, procuring services 111, debiting 103 and service management 115.
  • the functions are made available for the service programs 103, 105 through an application interface (Application Program Interface - API) 117.
  • Existing service programs 103 can be added through adding a surrounding program (wrapper code) 110, which supplies the debiting, security and resource managing functions which are required.
  • a surrounding program wrapped in or around the surrounding program 119
  • Other service programs 105 can be developed especially for the API 117 and can themselves include the debiting, security and resource managing functions which are required for communication with the corresponding functions in the platform.
  • These functions comprise the regulating of who may run a certain program, information on what it costs to run the program and registering of information on when a user can begin to run the program, when the program finishes and, possibly, events while the program is running which have significance for the cost. For example, the management of certain information or the use of a certain function in the program can be registered separately. Events which lead to some form of discount can also be registered. If the program is for example a game a certain number of points can give the right to a free game. Debiting takes place according to the principle chent-server as the client supplies an API for the applications. The applications which are to be debited are run on a service node (server). A special application produces event-based entries with the help of the debiting API. Before the debiting information is sent to a debiting node it is coded by the debiting unit in the service node.
  • the debiting information can be sent individually when they are produced or stored in a file for later delivery.
  • the debiting unit in the service node monitors the connection to the debiting node and reestablishes the connection if it is broken. During disconnection the debiting information is written to a local data base.
  • the debiting node monitors the connection to an external debiting system in the same way.
  • Entries from several clients are stored in the debiting node. These are sent to the external debiting system for processing in accordance with the formats and protocols which the external system requires.
  • An application uses the ticket (see Fig. 2, step S4) from the procurement node in order to connect a unique user identity to the use of a service.
  • a service managing program 121 makes it possible for the network operator to manage the subscribers, the supply of programs, and others.
  • the hierarchical definition of the service managing function permits distributed management so that the individual subscriber can manage his own customers.
  • Fig. 4 shows the principle for communications between the user and a service node in accordance with the invention.
  • a terminal at a final user is connected to a service node 203 via the IP network 205.
  • the terminal 201 are certain procurement functions 207 for managing the interface to the user identification which is used, for example the smart card, and in order to display available applications.
  • the service node there are functions 209 for verifying the user identity and controlling the access to the different services.
  • the service node also contains certain parts of the platform shown in Fig. 3 and supplies the API to the applications.
  • the services are stored on one or more host nodes 211 which can contain film sequences or whole films, HTLM pages, other types of files, electronic post, news services or others.
  • the communication takes place through a so-called secure tunnel, that is to say some form of secure information transfer according to known techniques, for example Secure Socket Layer (SSL).
  • SSL Secure Socket Layer
  • the number of service nodes can be adapted to the requirement in the network in the form of the number of services, the number of users, etc.
  • the procurement node ensures that a selected service node has vacant resources and possible reserves resources when an order is made.
  • the service node is monitored with respect to its load, the number of users and the bandwidth used. This information is used in order to determine if the node can take more users. In this way the service node is protected against overloading so that the users can be guaranteed a certain quality.
  • the number of simultaneous users from one and the same user group is monitored and compared with the maximum number of users from this group. If the limit is reached further users are refused access. This ensures that the active users are guaranteed the quality which the network can offer on the user's side.
  • the procurement node can also contain functions for ensuring that a connection with a necessary bandwidth and quality can be established between the terminal of the user and the service node and also, in accordance with one embodiment, reserve the resources in the network which are necessary for the connection. Suitably the resources are reserved for a distinct period of time.
  • the monitoring and the reservation of resources in the network depend on how the IP network and the underlying transport network are realized.
  • the functionality in routers and the ATM network influence the realization of resource management.
  • the security in the network is based upon known solutions and can be applied at different levels depending on for example the type of services, the amounts etc.

Abstract

Services and/or information are supplied to clients in a data network from service nodes in the network with the help of a device which: receives the request for a service from a client; determines if the client is authorized to receive the service; allots a service node which can supply the service; transmits a confirmation that the client is authorized to receive the service from the allotted service node. The confirmation of the service reservation is sent to the client and/or to the allotted service node. Procurement means can have several different types of service nodes with different types of services from several different suppliers connected. In this way even small service suppliers can offer their services without having to construct their own network. The device can also if several service nodes can supply the same service allot the most suitable service node connected for example by distance or capacity.

Description

DATA COMMUNICATION NETWORK IN WHICH SERVICES ARE SUPPLIED TO CLIENTS
FROM SERVICE NODES IN THE NETWORK
Technical field
The present invention relates to data networks and in particular to a method and a device for being able to make services and/or information accessible by many users with retained security.
Prior art
The Internet has become an extremely common channel for spreading information and services, for example the distribution of programs.
The bulk of all information which is on the Internet is accessible by everyone. There is however a large desire to be able to control who shall have access to certain information and/or services on the net, for example to be able to charge for use. Many services which would be able to be distributed via the Internet are not available today because such networks are not secure and neither can they guarantee a certain quality level for transmissions or services.
Organisations and companies can establish internal networks, so-called Intranets, to which, for example, only members or employers have access. Such a solution is however relatively expensive, in particular for small companies, and, even if the access to the net is limited, it does not solve the problem with payment.
It is often desirable that people who are not connected to one's own Intranet shall be able to use the information for a fee.
There are solutions, for example for ordering products, where the payment takes place on delivery or through the costomer declaring his credit card number. In general, however, products are not transmitted via the Internet. There is no system for using programs and/or services in the network itself.
Summary of the inventive concept
It is an object of the present invention to provide a solution in order to control the access to programs in an Internet-based network without needing to construct a complete Intranet.
It is a further object of the present invention to provide such a solution which functions even for small-scale suppliers of information and/or services.
It is further an object with the invention to provide a flexible solution for such networks both with respect to the user and the size.
A further object of the invention is to be able to charge the users based upon their use of the services in the network.
It is also an object with the invention to be able to distribute information and/or services to a selected group of users irrespective of how and where these users are connected to the network.
The above objects are achieved by the invention through a device in a data communication network in which services and/or information are supplied to the clients from service nodes in the network, which device is arranged to: - receive the request for a service from a client;
- determine if the client is authorized to receive the service;
- allote a service node which can supply the service;
- transmit an acknowledgement that the client is authorized to receive the service from the alloted service node. The above objects are also obtained through a method in a data communication network in which services and/or information is supplied from service nodes to the clients, comprising the following steps:
- a client sends a request for a service to a mediating means; - the mediating means verifies that the client is authorized to use the service, acknowledges this and allotes the service node from which the service can be obtained;
- the client starts the service locally on his computer and in the alloted service node.
The confirmation of the service reservation is sent to the client and/or to the alloted service node.
The mediating means can have several different types of service nodes with different types of services from several different suppliers connected. In this way even small service supplies can offer their services without having to construct their own networks. The solution according to the invention is also scalable because it is easy to add new service nodes.
If several service nodes can supply the same service then the device can also allocate the service node which is closest to the client, investigate if the selected service node has the capacity to supply the service to the client and in other cases select another service node and/or reserve capacity in the network for the transfer of data between the service node and the client.
In this way the capacity of the units in the network can be used more effectively than if no such investigation took place. The solution according to the invention gives a redundancy on the network level which reduces the requirement for redundancy in each node. The device and method in accordance with the invention also permit the debiting of services through events connected with the costs for the use of a service being registered, for example when somebody begins and finishes the use of the service.
The invention results in the following advantages: according to the invention the development and distribution of commercial services by Internet Protocol (IP) as a transport system is permitted. The solution according to the invention includes services for the provision of applications, for subscriptions, debiting, security, and resource management. The supplier of services obtains a platform to build on and can reduce his operating and maintainance costs.
Short description of the figures
Fig. 1 shows the constituent units in the public intranet in accordance with the invention. Fig. 2 is a flow diagram of how a user activates a service in the network according to the invention.
Fig. 3 shows the functional parts and interfaces in the public intranet according to the invention.
Fig. 4 shows the principle for access to the information which is stored in the host nodes.
Description of the embodiments
Fig. 1 shows the nodes which are comprised in a public intranet according to the invention. A number of local networks (Local Area Networks - LAN) 1, 3, 5 based on the Internet Protocol (IP) are connected to a large service network 7. The service network 7 can be logically divided in three levels: a first level comprising a number of switches 9, for example Asynchronous Transfer Mode (ATM) switches, to which the local networks 1, 3, 5 are connected and through which the traffic in the network is contolled. On the next level are a number of routers 11 which supply contacts to the third level where the services in themselves are supplied according to the invention. The local networks 1, 3, 5 are connected to the service networks 7 in some known manner. Normally fire walls 12 are used in order to ensure that no unauthorized persons enter the local network. The third level comprises at least one procurement node ("broker") 13, a service managing node 15 and one or more service nodes 17. The service managing node 15 comprises a user data base containing information on the users who are allowed to use certain or all of the services available on the service node 17. The service managing node 15 comprises also the interface to the external system such as subscriber data bases and debiting nodes, and even debiting information based on the users' use of services.
The procurement node 13 comprises functions for being able to identify the user and his authorizations and for procuring services which lie on the service nodes 17 for the users in the local networks 1, 3, 5. In order that a service shall be able to be used by a user in the local net the service must therefore be registered in the procurement node 13.
The solution shown in Fig. 1 makes it possible for, for example, small companies to put out services on the Internet with limited accessability and retaining security without needing to construct their own internal network. Typically a network operator supplies procurement nodes 13, the data base 15 and the service nodes 17. Those who wish to put out their services or other programs on the Internet without having to be available to everyone or who will ensure that they are paid for the use of the program can "rent" space on the service node for the program. Information on who is authorized to use the program, what it shall cost, etc., is then stored in the data base in, or in connection to, the service managing node.
The design of the network with ATM switches and routers is only one example of several possible which are known for the skilled person. The solution according to the invention is applicable in all types of IP network.
Fig. 2 shows, in the form of a flow diagram, the steps which are taken when a user in a local network 1, 3, 5 wants to use a service which is in a service node 17. Step SI: The user contacts the procurement node 13. Step S2: The procurement node identifies the user and fetches information on the user's authorization from the service managing node.
Step S3: The user orders the desired service. Step S4: The procurement node verifies that the user is authorized to order the service and sends a "ticket" to the user with a confirmation that the service is ordered and information on which service node the service can be fetched from.
Step S5 The user sends the ticket further to the stated service node. Step S6 The service node supplies the service to the user. Step S7 When the service is activated, the normal transmission of debiting information to a data base in, or in connection to, the service management node is begun. The debiting information can be transmitted for events which take place while the service is being run and/or when the service is activated and deactivated.
According to one embodiment of the invention the procurement node, in step S4, decides which service node which shall supply the service depending on the current load on the service nodes which have the service, or depending on which service node geographically lies closest to the user or a combination of these and/or other parameters.
According to one embodiment the procurement node ensures that the selected service node has empty capacity before the ticket is sent to the user and possibly reserves the capacity which is required. The reservation is in this case suitably valid for a limited period of time.
According to one embodiment of the invention the procurement node also sends the ticket to the service node as a further confirmation that the order is approved. The identity of a user can be verified in a number of known ways depending on which security level is required. For example a smart card can be used in combination with a user identity and password. A so-called soft card, a file which can be saved for example on hard disk or on a diskette, can be used instead of the smart card.
Fig. 3 is a logical representation of a service platform 101 for an intranet in accordance with the invention. A number of service programs 103, 105 are constructed on the platform. The platform 101 supplies support for the choice of the service program and for contiolling the running of the program. The platform 101 comprises functions for managing security 107, managing resources 109, procuring services 111, debiting 103 and service management 115. The functions are made available for the service programs 103, 105 through an application interface (Application Program Interface - API) 117.
Existing service programs 103, for example from other manufacturers, can be added through adding a surrounding program (wrapper code) 110, which supplies the debiting, security and resource managing functions which are required. In order to add the surrounding program 119 the service program's 105 own API is used. Other service programs 105 can be developed especially for the API 117 and can themselves include the debiting, security and resource managing functions which are required for communication with the corresponding functions in the platform.
These functions comprise the regulating of who may run a certain program, information on what it costs to run the program and registering of information on when a user can begin to run the program, when the program finishes and, possibly, events while the program is running which have significance for the cost. For example, the management of certain information or the use of a certain function in the program can be registered separately. Events which lead to some form of discount can also be registered. If the program is for example a game a certain number of points can give the right to a free game. Debiting takes place according to the principle chent-server as the client supplies an API for the applications. The applications which are to be debited are run on a service node (server). A special application produces event-based entries with the help of the debiting API. Before the debiting information is sent to a debiting node it is coded by the debiting unit in the service node.
The debiting information can be sent individually when they are produced or stored in a file for later delivery. The debiting unit in the service node monitors the connection to the debiting node and reestablishes the connection if it is broken. During disconnection the debiting information is written to a local data base. The debiting node monitors the connection to an external debiting system in the same way.
Entries from several clients are stored in the debiting node. These are sent to the external debiting system for processing in accordance with the formats and protocols which the external system requires.
An application uses the ticket (see Fig. 2, step S4) from the procurement node in order to connect a unique user identity to the use of a service.
A service managing program 121 makes it possible for the network operator to manage the subscribers, the supply of programs, and others. The hierarchical definition of the service managing function permits distributed management so that the individual subscriber can manage his own customers.
Fig. 4 shows the principle for communications between the user and a service node in accordance with the invention. A terminal at a final user is connected to a service node 203 via the IP network 205. In, or in connection to, the terminal 201 are certain procurement functions 207 for managing the interface to the user identification which is used, for example the smart card, and in order to display available applications. In the service node there are functions 209 for verifying the user identity and controlling the access to the different services. The service node also contains certain parts of the platform shown in Fig. 3 and supplies the API to the applications. The services are stored on one or more host nodes 211 which can contain film sequences or whole films, HTLM pages, other types of files, electronic post, news services or others.
The communication takes place through a so-called secure tunnel, that is to say some form of secure information transfer according to known techniques, for example Secure Socket Layer (SSL).
The number of service nodes can be adapted to the requirement in the network in the form of the number of services, the number of users, etc.
As mentioned above the procurement node ensures that a selected service node has vacant resources and possible reserves resources when an order is made. The service node is monitored with respect to its load, the number of users and the bandwidth used. This information is used in order to determine if the node can take more users. In this way the service node is protected against overloading so that the users can be guaranteed a certain quality.
The number of simultaneous users from one and the same user group is monitored and compared with the maximum number of users from this group. If the limit is reached further users are refused access. This ensures that the active users are guaranteed the quality which the network can offer on the user's side.
The procurement node can also contain functions for ensuring that a connection with a necessary bandwidth and quality can be established between the terminal of the user and the service node and also, in accordance with one embodiment, reserve the resources in the network which are necessary for the connection. Suitably the resources are reserved for a distinct period of time. The monitoring and the reservation of resources in the network depend on how the IP network and the underlying transport network are realized. The functionality in routers and the ATM network influence the realization of resource management.
The security in the network is based upon known solutions and can be applied at different levels depending on for example the type of services, the amounts etc.

Claims

Claims
1. Device in a data communication network in which services and/or information are supplied to clients from service nodes in the network, which device is arranged to:
- receive the request for a service from a client;
- determine if the client is authorized to receive the service;
- allote a service node which can supply the service;
- transmit a confirmation that the client is authorized to receive the service from the allotted service node.
2. Device according to claim 1, characterized in that the confirmation of the service reservation is sent to the client.
3. Device according to claims 1 or 2, characterized in that the confirmation of the service reservation is sent to the allotted service node.
4. Device according to any of the previous claims, characterized in that if several service nodes can supply the same service it allots the service node which is the best starting from selected parameters.
5. Device according to any of the previous claims, characterized in that it is arranged to investigate if the chosen service node has the capacity to supply the service to the client and in other cases to select another service node.
6. Device according to any of the previous claims, characterized in that it is arranged to reserve capacity in the network for transmission of data between the service node and the client.
7. Method in a data communication network in which services and/or information are supplied from the service node to the client, characterized by the following steps:
- a client sends a request for a service to a procurement means; - the procurement means verifies that the client is authorized to use the service, confirms this and allots a service node from which the service can be supplied;
- the client starts the service locally on his computer and in the allotted service node.
8. Method according to claim 7, characterized in that:
- the procurement means confirms that the client is authorized through sending a ticket to the client comprising information on the allotted service node;
- the client sends the ticket further to the allotted service node.
9. Method according to claim 7 or 8, characterized in that the procurement means confirms that the client is authorized by sending the information to the allotted service node.
10. Method according to claim 7, 8 or 9, characterized in that the procurement means allots the service means which is best starting from selected parameters.
11. Method according to any of claims 7-10, characterized in that the procurement means allots a service node which has the capacity to supply the service to the client.
12. Method according to any of claims 7-11, characterized in that the procurement means also reserves resources in the network for transmission of data between the service node and the client.
13. Method for debiting in a data communication network in which services are supplied to clients from service nodes where service programs comprise information on who may run the program and the costs for running the program, characterized in that: - events which have a significance for how the service is to be debited are registered in a data base;
- the cost for the client's use of the service is calculated.
14. Method according to claim 13, characterized in that: - it is registered when a client begins to use a certain service;
- it is registered when the client finishes using the service.
15. Method according to claim 13 or 14, characterized in that:
- while the client uses the service other parameters which concern the costs are registered.
16. Method according to claim 15, characterized in that:
- parameters concerning the earning of discounts are registered.
PCT/SE1998/002181 1997-12-02 1998-11-30 Method and device in a data network for supplying services WO1999028805A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU15807/99A AU1580799A (en) 1997-12-02 1998-11-30 Data communication network in which services are supplied to clients from service nodes in the network

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
SE9704481A SE9704481D0 (en) 1997-12-02 1997-12-02 System Architecture
SE9704481-2 1997-12-02
SE9801364A SE513538C2 (en) 1997-12-02 1998-04-20 Method and apparatus of a data communication network in which services are provided
SE9801364-2 1998-04-20

Publications (2)

Publication Number Publication Date
WO1999028805A2 true WO1999028805A2 (en) 1999-06-10
WO1999028805A3 WO1999028805A3 (en) 1999-10-21

Family

ID=26663143

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1998/002181 WO1999028805A2 (en) 1997-12-02 1998-11-30 Method and device in a data network for supplying services

Country Status (3)

Country Link
AU (1) AU1580799A (en)
SE (1) SE513538C2 (en)
WO (1) WO1999028805A2 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6324522B2 (en) * 1997-09-15 2001-11-27 Mro Software, Inc. Electronic information network for inventory control and transfer
WO2002051076A1 (en) * 2000-12-21 2002-06-27 E. Bengtsson Ingenjörsfirma Service management server
WO2002054674A1 (en) * 2000-12-21 2002-07-11 Blokks Ab Network service management system
WO2002067131A1 (en) * 2001-02-19 2002-08-29 Telia Ab (Publ) Network interface for access to or control of objects
WO2003026245A2 (en) * 2001-09-18 2003-03-27 Qualcomm Incorporated Method and apparatus for service authorization in a communication system
WO2006092513A1 (en) * 2005-03-04 2006-09-08 France Telecom Method for controlling access to a service, system and devices adapted therefor
EP1755313A1 (en) * 2005-08-17 2007-02-21 Alcatel Control device for enabling functions of a service equipment within an internet communication network

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0456386A2 (en) * 1990-05-11 1991-11-13 International Computers Limited Access control in a distributed computer system
EP0561509A1 (en) * 1992-03-17 1993-09-22 International Computers Limited Computer system security
US5815574A (en) * 1994-12-15 1998-09-29 International Business Machines Corporation Provision of secure access to external resources from a distributed computing environment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0456386A2 (en) * 1990-05-11 1991-11-13 International Computers Limited Access control in a distributed computer system
EP0561509A1 (en) * 1992-03-17 1993-09-22 International Computers Limited Computer system security
US5815574A (en) * 1994-12-15 1998-09-29 International Business Machines Corporation Provision of secure access to external resources from a distributed computing environment

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6324522B2 (en) * 1997-09-15 2001-11-27 Mro Software, Inc. Electronic information network for inventory control and transfer
WO2002051076A1 (en) * 2000-12-21 2002-06-27 E. Bengtsson Ingenjörsfirma Service management server
WO2002054674A1 (en) * 2000-12-21 2002-07-11 Blokks Ab Network service management system
WO2002067131A1 (en) * 2001-02-19 2002-08-29 Telia Ab (Publ) Network interface for access to or control of objects
WO2003026245A2 (en) * 2001-09-18 2003-03-27 Qualcomm Incorporated Method and apparatus for service authorization in a communication system
WO2003026245A3 (en) * 2001-09-18 2004-03-04 Qualcomm Inc Method and apparatus for service authorization in a communication system
US6850983B2 (en) 2001-09-18 2005-02-01 Qualcomm Incorporated Method and apparatus for service authorization in a communication system
WO2006092513A1 (en) * 2005-03-04 2006-09-08 France Telecom Method for controlling access to a service, system and devices adapted therefor
EP1755313A1 (en) * 2005-08-17 2007-02-21 Alcatel Control device for enabling functions of a service equipment within an internet communication network
WO2007020360A1 (en) * 2005-08-17 2007-02-22 Alcatel Lucent Device for controlling the implementation of functions in a service device belonging to an internet communication network core
FR2889899A1 (en) * 2005-08-17 2007-02-23 Alcatel Sa DEVICE FOR CONTROLLING THE IMPLEMENTATION OF FUNCTION (S) IN A SERVICE EQUIPMENT OF A HEART OF INTERNET COMMUNICATION NETWORK
US9503553B2 (en) 2005-08-17 2016-11-22 Alcatel Lucent Device for controlling the implementation of functions in a service device belonging to an internet communication network core

Also Published As

Publication number Publication date
WO1999028805A3 (en) 1999-10-21
SE513538C2 (en) 2000-09-25
AU1580799A (en) 1999-06-16
SE9801364L (en) 1999-06-03
SE9801364D0 (en) 1998-04-20

Similar Documents

Publication Publication Date Title
RU2313185C2 (en) Method, system and device for controlling and managing transmission of data in communication networks
US7640246B2 (en) Method and system for providing content
US7136996B2 (en) One-time logon method for distributed computing systems
US8737954B2 (en) Managing recurring payments from mobile terminals
US6189101B1 (en) Secure network architecture method and apparatus
US8051491B1 (en) Controlling use of computing-related resources by multiple independent parties
US8738741B2 (en) Brokering network resources
US7024697B2 (en) Access right managing system, portable terminal, gateway and contents server
US7721339B2 (en) Method for controlling access to digital content and streaming media
US5696902A (en) System for management of the usage of data consultations in a telecommunication network
US20020161676A1 (en) Prepaid fixed quantity access to web services
US20020116338A1 (en) Prepaid access to internet protocol (IP) networks
US20020049675A1 (en) System and user interface for managing users and services over a wireless communications network
CN102904870B (en) Server unit and information processing method
CN1826766A (en) Method and apparatus for controlling credit based access (prepaid) to a wireless network
US8737958B2 (en) Managing recurring payments from mobile terminals
US6772191B1 (en) System and method for limiting services at a plurality of levels and controlling image orientation via a network
KR20010068478A (en) Method for Providing the Internet Service Based upon Decentralized Individual Content Providers
WO1999028805A2 (en) Method and device in a data network for supplying services
JP2002304667A (en) System and method for managing electronic locker, information processor, electronic locker device and program
EA005838B1 (en) System and method for distributing data
KR100391952B1 (en) Using server-side application direct file execution method on AIP system
US20040014455A1 (en) Method and device for co-ordinating telecommunications services
US20020087675A1 (en) Media-distribution-resource management apparatus and storage medium
JP3860021B2 (en) RESOURCE MANAGEMENT SYSTEM, METHOD, AND APPARATUS HAVING MECHANISM FOR THE SAME

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase in:

Ref country code: KR

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: CA