ES2827048A1 - MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding) - Google Patents

MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding) Download PDF

Info

Publication number
ES2827048A1
ES2827048A1 ES201931004A ES201931004A ES2827048A1 ES 2827048 A1 ES2827048 A1 ES 2827048A1 ES 201931004 A ES201931004 A ES 201931004A ES 201931004 A ES201931004 A ES 201931004A ES 2827048 A1 ES2827048 A1 ES 2827048A1
Authority
ES
Spain
Prior art keywords
captive portal
manufacturer
user
translation
portal system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
ES201931004A
Other languages
Spanish (es)
Inventor
Zaragoza Juan Carlos Crespo
Estepa Manuel Aranda
Antolin Ruben Gonzalez
Marin Manuel Fuertes
Martínez Eduardo Pascual
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inetum Espana SA
Original Assignee
Inetum Espana SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inetum Espana SA filed Critical Inetum Espana SA
Priority to ES201931004A priority Critical patent/ES2827048A1/en
Publication of ES2827048A1 publication Critical patent/ES2827048A1/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Manufacturer independent captive portal system. Captive portals either work in proxy or gateway mode or are closely tied to a specific manufacturer, have their own user management, do not independently manage internet access from local access and/or are not capable of converging network sessions with the user's sessions in third-party applications. The invention consists in the creation of a captive portal that does not work in gateway mode and that is capable of working with different manufacturers of network controllers (even several in the same environment) and that can be integrated with the customer's systems and other external ones. (Machine-translation by Google Translate, not legally binding)

Description

DESCRIPCIÓNDESCRIPTION

Sistema de portal cautivo independiente del fabricanteManufacturer Independent Captive Portal System

SECTOR DE LA TÉCNICATECHNICAL SECTOR

La presente invención se refiere a un sistema de portal cautivo capaz de integrarse con diferentes fabricantes de equipamiento de red gracias a la implementación de los estándares CoA (RFC-5176) y UAM (Universal Access Method), sin suponer un elemento intermedio (modo gateway o proxy) entre el usuario y su salida a la red. De igual forma, para dar acceso a los usuarios, se integra con el CRM (Customer Relationship Management) del cliente o con una pasarela de pagos de un tercero.The present invention refers to a captive portal system capable of integrating with different manufacturers of network equipment thanks to the implementation of the CoA (RFC-5176) and UAM (Universal Access Method) standards, without assuming an intermediate element (gateway mode or proxy) between the user and his output to the network. Similarly, to give access to users, it integrates with the customer's CRM (Customer Relationship Management) or with a third-party payment gateway.

El acceso de los usuarios se hace agrupándolos en perfiles que otorgan diferentes calidades de servicio en la red. Éstos consiguen acceso tanto a Internet como a la red local, llevando contabilidades diferentes del uso.User access is done by grouping them into profiles that provide different qualities of service on the network. They get access to both the Internet and the local network, keeping different usage accounts.

El portal cautivo también funge como servidor de autorización ante aplicaciones terceras utilizando el protocolo OAuth2 y garantiza la consistencia entre las sesiones de usuario de estas aplicaciones y las sesiones de red. The captive portal also acts as an authorization server for third-party applications using the OAuth2 protocol and guarantees consistency between the user sessions of these applications and the network sessions.

ANTECEDENTES DE LA INVENCIÓNBACKGROUND OF THE INVENTION

En el ámbito de la aplicación práctica de la invención, el de los portales cautivos, estos tienen dos modos de funcionamiento, en modo “ proxy” como se muestra en la figura 1, o en modo “ Gateway” , tal como muestra la figura 2, configuración en la que están muy ligados a un fabricante determinado, con una gestión de usuarios propia, de manera que no gestionan independientemente el acceso a internet de un acceso local y/o no son capaces de converger las sesiones de red con las sesiones del usuario en aplicaciones terceras.In the field of practical application of the invention, that of captive portals, these have two modes of operation, in "proxy" mode as shown in figure 1, or in "Gateway" mode, as shown in figure 2 , configuration in which they are closely linked to a specific manufacturer, with their own user management, so that they do not independently manage internet access from a local access and / or are not able to converge network sessions with network sessions. user in third-party applications.

La configuración en modo proxy no supone una alternativa real en escenarios donde se manejan grandes volúmenes de usuarios. En entornos más complejos, donde al usuario no se le está ofreciendo únicamente un acceso a internet sino también acceso a otros servicios se hace necesario disponer de las características antes mencionadas para un correcto funcionamiento.The proxy mode configuration is not a real alternative in scenarios where large volumes of users are handled. In more complex environments, where the user is not only being offered access to the internet but also access to other services, it is necessary to have the aforementioned characteristics for proper operation.

EXPLICACIÓN DE LA INVENCIÓNEXPLANATION OF THE INVENTION

El sistema de portal cautivo independiente del fabricante que se preconiza resuelve de forma plenamente satisfactoria la problemática anteriormente expuesta, en base a una solución sencilla pero eficaz.The advocated manufacturer-independent captive portal system solves in a fully satisfactory way the problem previously exposed, based on a simple but effective solution.

Para ello, la invención consiste en un sistema de portal cautivo capaz de integrarse con diferentes fabricantes de equipamiento de red gracias a la implementación de los estándares CoA (RFC-5176) y UAM (Universal Access Method), sin suponer un elemento intermedio (modo gateway o proxy) entre el usuario y su salida a la red.For this, the invention consists of a captive portal system capable of integrating with different manufacturers of network equipment thanks to the implementation of the CoA (RFC-5176) and UAM (Universal Access Method) standards, without assuming an intermediate element (mode gateway or proxy) between the user and his output to the network.

Así pues, el sistema de la invención prevé un único portal cautivo capaz de comunicarse con múltiples controladoras de fabricantes distintos en base a la tecnología anteriormente citada.Thus, the system of the invention provides for a single captive portal capable of communicating with multiple controllers from different manufacturers based on the aforementioned technology.

El portal tiene capacidad de integrarse con el CRM del cliente o con una pasarela de pagos de un tercero; y además, fungir como servidor de autenticación para otras plataformas.The portal has the ability to integrate with the client's CRM or with a third-party payment gateway; and also, act as an authentication server for other platforms.

Consecuentemente, se trata de un portal único, cuyo acceso se lleva a cabo mediante un login basado en usuario y password, redes sociales, otro login de cliente, o mediante una app para dispositivos móviles. Consequently, it is a single portal, whose access is carried out through a login based on user and password, social networks, another customer login, or through an app for mobile devices.

El portal proporcionará diversos métodos para la entrega de credenciales de usuario: email, SMS, impresión de tickets y permitirá configurar el tiempo de expiración de las cuentas de invitados.The portal will provide various methods for the delivery of user credentials: email, SMS, ticket printing and will allow to configure the expiration time of guest accounts.

El portal estará diseñado para tener compatibilidad con los dispositivos móviles, tablets y PCs de los viajeros de forma independiente de su sistema operativo, permitirá la gestión de la publicidad (push, cupones etc.), dispondrá de un panel de usuario donde el usuario podrá gestionar su perfil y contabilizar los impactos consecuencia de la visualización de la publicidad u otros mecanismos que se puedan determinar en la estrategia de monetización que los clientes determinen. El acceso al portal se realizará mediante conexión segura.The portal will be designed to be compatible with travelers' mobile devices, tablets and PCs independently of their operating system, it will allow the management of advertising (push, coupons, etc.), it will have a user panel where the user can manage your profile and account for the impacts resulting from the display of advertising or other mechanisms that may be determined in the monetization strategy that customers determine. Access to the portal will be done through a secure connection.

La oferta del portal y de los contenidos se podrá configurar en función de parámetros como el perfil del usuario, su localización o el destino e incluirá la posibilidad de realizar encuestas a los viajeros.The offer of the portal and the contents can be configured according to parameters such as the user's profile, their location or the destination and will include the possibility of conducting surveys of travelers.

Desde un punto de vista conceptual, la plataforma que se integra en el portal cautivo está basada en dos grandes Dominios Funcionales sobre los que se construyen todos los servicios: From a conceptual point of view, the platform that is integrated into the captive portal is based on two large Functional Domains on which all services are built:

• Clientes• Customers

• Productos• Products

Se considerarán productos cualquier servicio, contenido, ventas directas, ventas indirectas, publicidad, cupones, etc. Un producto es cualquier servicio, contenido o venta que se pueda consumir potencialmente por un cliente o usuario.Any service, content, direct sales, indirect sales, advertising, coupons, etc. will be considered products. A product is any service, content or sale that can potentially be consumed by a customer or user.

Consideraremos como clientes cualquier usuario que pueda conectarse a la plataforma a través del driver que proporciona el acceso a Internet. Gracias a las características de este proyecto se dispondrá de datos del usuario que permitirá conocer con bastante precisión las características y segmentación de los diferentes perfiles posibilitando mediante las analíticas de comportamiento mejorar la oferta de productos que se ofrece.We will consider as clients any user who can connect to the platform through the driver that provides Internet access. Thanks to the characteristics of this project, user data will be available that will allow to know with enough precision the characteristics and segmentation of the different profiles, making it possible through behavioral analytics to improve the offer of products that are offered.

Estos dos pilares se nutren de la información resultante de agregar diferentes funcionalidades.These two pillars are nourished by the information resulting from adding different functionalities.

El sistema resultante de la plataforma propuesta será el resultado del cruce de ambas plataformas, de clientes y de productos aplicadas a diferentes canales de comunicación.The resulting system of the proposed platform will be the result of the crossing of both customer and product platforms applied to different communication channels.

El sistema permite la interconexión con otros bloques funcionales proporcionados por terceros. Esta flexibilidad se traduce en una mayor capacidad de adaptación a las necesidades del negocio, tanto presentes como futuras, y desacopla los servicios del propio portal al hacerlos independientes del mismo.The system allows interconnection with other functional blocks provided by third parties. This flexibility translates into a greater ability to adapt to business needs, both present and future, and decouples the services from the portal itself by making them independent from it.

DESCRIPCIÓN DE LOS DIBUJOSDESCRIPTION OF THE DRAWINGS

Para complementar la descripción que seguidamente se va a realizar y con objeto de ayudar a una mejor comprensión de las características del invento, de acuerdo con un ejemplo preferente de realización práctica del mismo, se acompaña como parte integrante de dicha descripción, un juego de planos en donde con carácter ilustrativo y no limitativo, se ha representado lo siguiente:To complement the description that is going to be made below and with the aim of helping a better understanding of the characteristics of the invention, according to a preferred example of a practical embodiment thereof, a set of drawings is attached as an integral part of said description. where, with an illustrative and non-limiting nature, the following has been represented:

La figura 1.- Muestra un diagrama esquemático de la configuración convencional de un sistema de portal cautivo tipo proxy. Figure 1.- Shows a schematic diagram of the conventional configuration of a proxy-type captive portal system.

La figura 2.- Muestra un diagrama esquemático de la configuración convencional de un sistema de portal cautivo tipo Gateway, ligado al fabricante.Figure 2.- Shows a schematic diagram of the conventional configuration of a Gateway-type captive portal system, linked to the manufacturer.

La figura 3.- Muestra un diagrama esquemático de la configuración de un sistema de portal cautivo independiente del fabricante realizado de acuerdo con el objeto de la presente invención.Figure 3.- Shows a schematic diagram of the configuration of a manufacturer-independent captive portal system made in accordance with the object of the present invention.

La figura 4.- Muestra, un diagrama de bloques del sistema de la invención aplicado a una única controladora de red, con sus correspondientes dispositivos clientes, y en la que se han añadido los medios de autentificación y autorización, así como los sistemas externos asociados al portal cautivo.Figure 4.- Shows a block diagram of the system of the invention applied to a single network controller, with its corresponding client devices, and in which the means of authentication and authorization have been added, as well as the associated external systems. to the captive portal.

REALIZACIÓN PREFERENTE DE LA INVENCIÓNPREFERRED EMBODIMENT OF THE INVENTION

En la figura 1, como se comentaba en el apartado de antecedentes de la invención, aparece representado un diagrama esquemático de la configuración convencional de un sistema de portal cautivo tipo proxy, en el que los dispositivos cliente (1) acceden a una red WiFi (2) asociada directamente a un portal cautivo (3) que gestiona en modo proxy la conexión a internet (4). In Figure 1, as discussed in the background section of the invention, a schematic diagram of the conventional configuration of a proxy-type captive portal system is represented, in which client devices (1) access a WiFi network ( 2) directly associated with a captive portal (3) that manages the internet connection (4) in proxy mode.

De acuerdo con la figura 2, cuando se trata de ciertos volúmenes de información, en los que participan diferentes clientes con sus correspondientes dispositivos cliente (1,1’ ,1’ ’ ), y sus redes WiFi (2,2’ ,2’ ’ ), y de acuerdo con la estructuración convencional en modo Gateway, cada red WiFi (2,2’ ,2’ ’ ) tiene asociado un controlador de red (5,5’ ,5’ ’ )que pueden ser de diferentes fabricantes, lo que obliga a disponer de varios portales cautivos (3’ ,3’ ’ ,3’ ’ ’ ), vinculados a cada fabricante, para gestionar el acceso a internet (4).According to figure 2, when it comes to certain volumes of information, in which different clients participate with their corresponding client devices (1,1 ', 1' '), and their WiFi networks (2,2', 2 ' '), and according to the conventional structuring in Gateway mode, each WiFi network (2,2', 2 '') has associated a network controller (5,5 ', 5' ') that can be from different manufacturers, This makes it necessary to have several captive portals (3 ', 3' ', 3' ''), linked to each manufacturer, to manage internet access (4).

Esta configuración supone cuellos de botella en la gestión de la información, así como la necesidad de portales cautivos ligados a cada fabricante.This configuration implies bottlenecks in information management, as well as the need for captive portals linked to each manufacturer.

Pues bien, de acuerdo ya con la invención, y según se muestra en la figura 3, el nuevo sistema que se propone resulta óptimo en entornos de alto volumen de datos que además son heterogéneos en cuanto a la infraestructura de red.Well, in accordance with the invention, and as shown in Figure 3, the proposed new system is optimal in high-volume data environments that are also heterogeneous in terms of network infrastructure.

Para ello, los dispositivos clientes (1,1’ ,1’ ’ ) se conectan a su correspondiente red WiFi (2,2’ ,2’ ’ ), que en el entorno descrito pueda estar controlada por una controladora de red (5,5’ ,5’ ’ ) de un fabricante diferente a la que está conectado otro dispositivo cliente. De forma más concreta, todas las controladoras (5,5’ ,5’ ’ ) que participan en el sistema están conectadas a un único portal cautivo independiente del fabricante (6), a través del que se gestiona el acceso a internet (4).To do this, the client devices (1,1 ', 1'') connect to their corresponding WiFi network (2,2', 2 ''), which in the described environment can be controlled by a network controller (5, 5 ', 5'') from a different manufacturer than the one you are connected to another client device. More specifically, all the controllers (5.5 ', 5'') that participate in the system are connected to a single captive portal independent of the manufacturer (6), through which internet access is managed (4) .

De acuerdo ya con la figura 4, y analizando un cliente en particular, la controladora de red (5) asociada a la red WiFi de dicho cliente comprueba en Radius (7) (Remote Authentication Dial-In User Service) si el dispositivo está autorizado para hacer uso de la red (MAC caché) y con que perfil o calidad del servicio (QoS). El portal cautivo independiente del fabricante (6) es el encargado de mostrar a los usuarios una web donde podrán modificar sus permisos en la red: acceso (mediante login típicamente) o cambio de perfil (upselling típicamente). El portal cautivo se puede apoyar en servicios externos (8) como puede ser el sistema de gestión de clientes para validar un acceso o una pasarela de pago para realizar un upselling.In accordance with figure 4, and analyzing a particular client, the network controller (5) associated with the WiFi network of said client checks in Radius (7) (Remote Authentication Dial-In User Service) if the device is authorized to make use of the network (MAC cache) and with what profile or quality of service (QoS). The captive portal independent of the manufacturer (6) is in charge of showing users a website where they can modify their permissions on the network: access (typically via login) or profile change (typically upselling). The captive portal can be supported by external services (8) such as the customer management system to validate an access or a payment gateway to perform an upselling.

Dentro de los sistemas externos (8) también se consideran otras plataformas que pueden utilizar el portal cautivo como servidor de autenticación, como puede ser un portal de contenidos ofrecidos a través de la wifi o un portal de venta. De esta forma las credenciales de acceso son pasadas junto con el perfil correspondiente sin que el usuario tenga que volver a registrarse en el sistema.Within the external systems (8), other platforms that can use the captive portal as an authentication server are also considered, such as a content portal offered through Wi-Fi or a sales portal. In this way the access credentials are passed along with the corresponding profile without the user has to re-register in the system.

En cuanto a los dispositivos cliente (1), estos pueden ser dispositivos móviles como smartphones o portátiles, aunque pueden ser de otros tipos como impresoras de red o cualquier otro con una interfaz inalámbrica WiFi.As for the client devices (1), these can be mobile devices such as smartphones or laptops, although they can be of other types such as network printers or any other with a WiFi wireless interface.

Por su parte, los sistemas externos (8) pueden ser muy variados. Típicamente los sistemas de gestión de clientes para la validación de usuarios, pasarelas de pago para el cobro por servicios, plataformas externas que consumen el servicio de autenticación del portal cautivo, etc. On the other hand, the external systems (8) can be very varied. Typically, customer management systems for user validation, payment gateways to charge for services, external platforms that consume the authentication service of the captive portal, etc.

Claims (1)

REIVINDICACIONES 1a.- Sistema de portal cautivo independiente del fabricante, caracterizado porque está constituido a partir de un único portal cautivo independiente del fabricante (6), que se comunica con diferentes controladoras (5,5’ ,5’ ’ ) de red asociadas a respectivas redes WiFi (2,2’ ,2’ ’ ) de acceso para dispositivos clientes (1,1’ ,1’ ’ ) a internet (4), habiéndose previsto que el portal cautivo independiente del fabricante (6) incluya medios de implementación de los estándares CoA (RFC-5176) y UAM (Universal Access Method), así como de integración con el CRM (Customer Relationship Management) del cliente o con una pasarela de pagos de un tercero; incluyendo funciones como servidor de autenticación para otras plataformas. 1a.- Captive portal system independent of the manufacturer, characterized in that it is constituted from a single captive portal independent of the manufacturer (6), which communicates with different network controllers (5.5 ', 5' ') associated with respective WiFi networks (2,2 ', 2' ') for accessing client devices (1,1', 1 '') to the internet (4), it being envisaged that the captive portal independent of the manufacturer (6) includes means of implementation of the CoA (RFC-5176) and UAM (Universal Access Method) standards, as well as integration with the customer's CRM (Customer Relationship Management) or with a third-party payment gateway; including functions as an authentication server for other platforms.
ES201931004A 2019-11-19 2019-11-19 MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding) Pending ES2827048A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
ES201931004A ES2827048A1 (en) 2019-11-19 2019-11-19 MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
ES201931004A ES2827048A1 (en) 2019-11-19 2019-11-19 MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding)

Publications (1)

Publication Number Publication Date
ES2827048A1 true ES2827048A1 (en) 2021-05-19

Family

ID=75900617

Family Applications (1)

Application Number Title Priority Date Filing Date
ES201931004A Pending ES2827048A1 (en) 2019-11-19 2019-11-19 MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding)

Country Status (1)

Country Link
ES (1) ES2827048A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120167185A1 (en) * 2010-12-23 2012-06-28 Microsoft Corporation Registration and network access control
GB2494891A (en) * 2011-09-21 2013-03-27 Cloud Networks Ltd A race condition during MAC authentication is avoided by confirming authentication to DHCP server prior to address allocation.
US20150089592A1 (en) * 2013-09-21 2015-03-26 Avaya Inc. Captive portal systems, methods, and devices
US20180070231A1 (en) * 2016-09-02 2018-03-08 Blackberry Limited Method and device for facilitating authentication over a wireless network
GB2554953A (en) * 2016-10-17 2018-04-18 Global Reach Tech Limited Improvements in and relating to network communications

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120167185A1 (en) * 2010-12-23 2012-06-28 Microsoft Corporation Registration and network access control
GB2494891A (en) * 2011-09-21 2013-03-27 Cloud Networks Ltd A race condition during MAC authentication is avoided by confirming authentication to DHCP server prior to address allocation.
US20150089592A1 (en) * 2013-09-21 2015-03-26 Avaya Inc. Captive portal systems, methods, and devices
US20180070231A1 (en) * 2016-09-02 2018-03-08 Blackberry Limited Method and device for facilitating authentication over a wireless network
GB2554953A (en) * 2016-10-17 2018-04-18 Global Reach Tech Limited Improvements in and relating to network communications

Similar Documents

Publication Publication Date Title
JP7406512B2 (en) Data anonymization for service subscriber privacy
US20210314447A1 (en) System and method for programmatic device connectivity
ES2657435T3 (en) Push messaging with secure agent IDS
EP3780548B1 (en) Method and apparatus for remote access
US10595205B2 (en) Mobile device traffic splitter
US20140127994A1 (en) Policy-based resource access via nfc
CN105474677B (en) The position of safety management and follow-up service access
US9741187B2 (en) Distributed access control
US9526984B2 (en) Gamification provider abstraction layer
US20130198274A1 (en) Social Hotspot
ES2565081T3 (en) Telecommunications network
CN105766011A (en) Configuring captive portals with a cloud service
EP3127002B1 (en) Mobile device management broker
GB2507960A (en) Wireless access point login dependent upon supply of stored (key/personal) information and/or viewing a message (advertisement)
US10880084B2 (en) Utilization of SIM-mobile equipment communication channel for handset applications state monitoring
Asokan et al. Crowdshare: Secure mobile resource sharing
KR101403045B1 (en) Method for providing terminal access control service interlocking access control
KR101017072B1 (en) Walled garden service system and method and public wireless lan service network system by using the same
KR101381364B1 (en) Apparatus and method for controlling access right for secure contents using near field communication of mobile device
ES2827048A1 (en) MANUFACTURER INDEPENDENT CAPTIVE PORTAL SYSTEM (Machine-translation by Google Translate, not legally binding)
KR20190066887A (en) Server, device and method for providing virtual task environment
KR102504930B1 (en) Data sharing apparatus and method
KR102040367B1 (en) Server independent chat system
CA3087480A1 (en) Methods for access point systems and payment systems therefor
US11263302B2 (en) Transaction system

Legal Events

Date Code Title Description
PC2A Transfer of patent

Owner name: INETUM ESPANA, S.A.

Effective date: 20210408

BA2A Patent application published

Ref document number: 2827048

Country of ref document: ES

Kind code of ref document: A1

Effective date: 20210519

FC2A Grant refused

Effective date: 20220530