TW201611628A - System and method for authorizing network access and network device implemented with the method therein - Google Patents

Abstract

The disclosure relates a system, method, and network device for authorizing a mobile device to access a network. The method includes receiving a request for accessing the internet from the mobile device, sending a massage including downloading a computer program to the mobile device, receiving a request for downloading the computer program from the mobile device and sending the computer program to the mobile device, receiving an authorization request for accessing the internet and determining whether the mobile device meets at least one criterion for accessing the internet, and authorizing the mobile device to access the internet if the at least one criterion is met.

Description

System and method for authorizing network access and network device for performing the method

The present invention relates generally to network technologies, and more particularly to a network device that manages network access authorization for mobile devices within a local area network. The present invention provides a method and system for authorizing a mobile device to access a network only when the mobile device is running a computer program to perform a predefined action. In another aspect, the present invention also provides a method and system for providing the above computer program download.

Typically, a network device, such as a wireless access point and gateway in a closed network such as a local area network (LAN) or an intranet, provides access to the wide area network within the closed network after an authorization process. (wide area network) or the Internet. The authorization process allows the user to log in with a password, and sometimes may require a user account and a verification code to log in. By telling the terminal device, and in particular the user of the mobile device, the account and the login password, the owner of the network device can share the network access with the user. The owner of the network device can further manage the network access authorization by managing the distribution of login passwords. The above process can be implemented by inputting a password to the network device through a network software of the mobile device or a webpage provided by the network device.

Traditionally, the above process may only provide a simple authorization mechanism to manage the network access authorization of the network device. The network device may only restrict access to the network by terminal devices that do not have a password. If more complex conditions are required to manage network access, the owner of the network device may need to decide whether to provide a password based on the above conditions. These limitations increase the inconvenience of users of mobile devices accessing the network through network devices, particularly for users in public places such as restaurants, shopping malls, public transportation, and the like. Users may not go to the above areas often. However, each time the user goes to an area that the user has not visited, it may be necessary to ask for the password of the network device in the above area and complete the login process to access the network. In addition, the above restrictions also limit the way network device owners share and manage network access through the network device.

According to the foregoing, there is a need to provide a method and system for solving the problem of inconvenience of a mobile device accessing a network through a network device, and a limitation problem of network access to the mobile device sharing the network device. . Therefore, the owner of the network device can set the conditions for accessing the network through the network device and guide the user of the mobile device to satisfy the above conditions. The user may only have authorization to access the network through the network device when the user and/or the mobile device meets the conditions or follows the process that satisfies the condition. Therefore, through a simple authorization process, network access around the network device (or bandwidth used for network access) may be a practical computing resource utilized by mobile devices.

In addition, new business models involving such "network access" resources may be developed for the owners of network devices.

The present invention provides a method and system for managing network access authorization through a network device, and in particular, authorizing network access based on predefined conditions. Any device, especially a mobile device, can be required to download a computer program over the network device in exchange for a network access authorization. A verification mechanism can be done in the computer program. The verification mechanism is used to determine whether the device or device user satisfies the conditions for authorization to access the network through the network device. In an embodiment of the invention, downloading, installing, and/or launching the computer program can be a condition for accessing the network through the network device. In another embodiment of the invention, the condition can be defined within the computer program. Users of the device may be required to enter specific information or authorize specific operations performed by the computer program. Once the above conditions are met, the network device can receive a verification result and/or an authorization triggered by the verification mechanism provided by the computer program. The network device authorizes the device to access the network or utilize its bandwidth to access the network. Therefore, the network access authorization process is completed. Further, the condition can be updated by updating the computer program. Therefore, the network device owner can manage the network access authorization by maintaining and updating the computer program. In another embodiment of the invention, several network devices can manage their network access using the same computer program. The complexity of managing network access authorization is therefore reduced.

In another aspect, the present invention also provides a method or system for distributing a computer program to a mobile device through a network device by allowing the mobile device to access the network through the network device. When the user of the mobile terminal arrives at a place with a network device implementing the system or method of the present invention and seeks to access the network through the network device, facilitating activities, advertisements, and e-commerce may be through the method or system of the present invention. Provided to users of mobile devices.

It should be understood, however, that the present disclosure may not include all aspects of the embodiments of the present invention, and the present invention is not intended to be limited or limited in any manner. The invention will be apparently improved and improved over the prior art.

The drawings illustrate one or more embodiments of the invention in the written description Wherever possible, the same reference numerals are used to refer to the same or

1 through 4 are schematic diagrams of network architectures in accordance with some embodiments of the present invention.

5 through 7 are flow diagrams of methods for obtaining access network authorization as described in accordance with some embodiments of the present invention.

8 through 11 are flowcharts of a method of obtaining access network authorization as described in accordance with some embodiments of the present invention.

12 is a schematic diagram of a functional architecture of an authorization system operating on a network device, in accordance with some embodiments of the present invention.

13 through 14 are diagrams of functional architectures of an authorization manager to verify authorization by monitoring a computer program, in accordance with some embodiments of the present invention.

15 is a flow chart of a method of obtaining access network authorization in accordance with an embodiment of the present invention.

In accordance with common practice, the various features described are not drawn to scale, but rather the features of the invention are. The reference numerals in the figures and the text indicate related elements.

Some embodiments of the present invention will be described more fully hereinafter with reference to the accompanying drawings in which, The present invention may be embodied in many different forms and should not be construed as limited to the embodiments described herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete. Throughout the text, the same reference numerals denote the same elements.

The terminology used in the description of the present invention is for the purpose of describing particular embodiments and is not intended to limit the invention. As used in the description of the invention and the claims It will also be understood that the term "and/or" used herein is meant to include any and all possible combinations of one or more of the associated listed items. It is also to be understood that the terms "comprises" and "comprising", "the" The presence or addition of the whole, steps, operations, elements, elements and/or groups thereof.

It should be understood that the term "and/or" includes any and all combinations of one or more of the listed related terms. It should also be understood that, although the terms, components, regions, layers, and/or portions may be described herein using the terms first, second, third, etc. Limited by these terms. These terms are only used to distinguish one element, component, region, layer, Thus, a first element, component, region, layer or portion may be described as a second element, component, region, layer or portion, without departing from the teachings of the invention.

All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the invention belongs, unless otherwise defined. It is further understood that terms such as those defined in commonly used dictionaries should be interpreted as having meanings consistent with their meaning in the context of this specification and the related art, and should not be idealized or overly formalized. Explain in the sense of this unless explicitly defined as such in this document. Well-known functions or constructions may not be described in detail for the sake of brevity and/or clarity.

A more specific description of the embodiments of the present invention will be made below with reference to FIGS. 1 through 15. The present invention is described in detail with reference to the accompanying drawings, in which the same reference numerals are used to refer to the same or the like. In accordance with the purpose of the present invention, as the specific embodiments and the broad description herein, the invention includes the following description.

1 to 4 are network architectures according to an embodiment of the present invention.

Referring to FIG. 1, a network device 200 can connect a regional network and an Internet 300, and manage the connection between the rea network and devices in the Internet 300. In an embodiment of the invention, the area network may be a local area network (LAN) located in a public area such as a public building, a public station, or a public transportation vehicle. In another embodiment of the invention, the regional network may be an extension of a wireless communication network, such as a small cell that is extended to supplement cellular network coverage. The mobile device, such as the first mobile device 100, can enter the coverage of the regional network, connect the network device 200, and request the network device 200 to access the network.

The mobile device 100 can send a network access request and its Media Access Control (MAC) address to the network device 200. The network device 200 can establish a connection between the mobile device 100 and the Internet 300 after an authorization process. The network device 200 can determine whether to authorize the mobile device 100 to access the Internet 300 based on at least one predefined condition. This condition is defined in a computer program. Therefore, the network device 200 can provide the computer program to the mobile device 100. This condition can be the download, installation or startup of the computer program. In an embodiment of the invention, the condition may be the operation of a particular action defined by the computer program. In an embodiment of the invention, the predefined action may include initiating a computer program or receiving a specific input, such as clicking on an icon displayed by the mobile device 100, detected by the touch screen of the mobile device. A touch signal and a specific gesture comprising moving one or more fingers on the mobile device 100 in at least one direction. In an embodiment of the invention, the predefined action may include receiving information from the user or retrieving information from the mobile device 100, such as the user's name, gender, and age. The user may be required to enter specific information and/or authorize the mobile device 100 to perform the actions described above.

A verification mechanism that determines if the condition is met can also be defined in the computer program. Once the user of the mobile device 100 and/or the mobile device 100 meets the condition, a verification result can be generated by the computer program. The mobile device 100 can be triggered to request network access from the network device 200. The mobile device 100 can send a network access request including the verification result to the network device 200. Upon receiving a network access request triggered by the computer program from the mobile device 10, the network device 200 can connect the mobile device 100 to the Internet 300 or provide an authorization to the mobile device to utilize its bandwidth. Accelerate network access.

Accordingly, a preferred embodiment of the present invention provides a system for managing network access authorization through the network device 200. A mobile device that enters the coverage of the network device 200, such as the mobile device 100, can be authorized by a predefined computer program provided by the system through the network device 200, specifically through the computer program. Perform a predefined action. In other words, the present invention also provides a mobile device for allocating a predefined computer program to the coverage of the network device 200, and facilitating actions by the computer program to exchange the mobile device for accessing the Internet. 300 system.

In another embodiment of the present invention, the network device 200 can also provide an additional wireless bandwidth for accelerating the wireless access speed of the mobile device 100 instead of connecting the mobile device 100 to the Internet 300. The above acceleration can be accomplished by a dynamic (typically software defined) carrier aggregation mechanism performed within the mobile device 100. The above mechanism is sometimes named "smart radio" or "software-defined radio". By utilizing the above techniques, as long as the mobile device 100 downloads the computer program and/or performs a specific action defined in the computer program, the wireless bandwidth of the network device 200 can also be provided to improve the mobile device 100. The quality of existing network access.

The mobile device 100 of the present invention can be any computer with network connection function, especially network access function, such as a notebook computer, a tablet computer, a car computer system (such as a smart car), a portable wireless sharing point, and Portable wireless access points, portable hotspots, smart phones, e-book readers, smart TVs, set-top boxes, or wearable devices including smart watches, smart glasses, and smart bracelets.

The network device 200 connecting the regional network to the Internet 300 can be a gateway, a router, a wireless access point, or a communication system base station such as a pico base station, a femtocell, or a small cell. ).

Referring to FIG. 2, a network device 200 can be connected to a regional network, a server 400, and the Internet 300. The network device 200 can manage connections between devices within the local area network and the Internet 300 based on authorization of the server 400. In an embodiment of the invention, the area network may be a local area network (LAN) located in a public area such as a public building, a public station, or a public transportation vehicle. In another embodiment of the invention, the regional network may be an extension of a wireless communication network, such as a small cell that is extended to supplement cellular network coverage. The mobile device, such as the first mobile device 100, can enter the coverage of the regional network, connect the network device 200, and request the network device 200 to access the network.

The mobile device 100 can send a request for network access and a MAC address to the network device 200. The network device 200 can record the MAC address. In another embodiment of the present invention, the network device 200 can allocate an IP address corresponding to the MAC address of the mobile device 100, and forward the request and the IP address of the mobile device 100 to the server. 400. The server 400 can then send at least one message requesting the mobile device 100 to download a computer program to the mobile device 100, wherein at least one condition for accessing the network through the network device 200 has been defined. In another embodiment of the invention, the message can include downloading a network address of the computer program. The mobile device 100 can display a user interface for deciding whether to download the computer program, and can send a request to download the computer program to the server 400 upon receiving a corresponding input from the user. The server 400 can provide the computer program including the conditions for network access through the network device 200 to the mobile device 100, and receive a verification result from the mobile device 100 when the above conditions are met. The server 400 can send an authorization request to the network device 200. The network device 200 can establish a connection between the mobile device 100 and the Internet 300 upon receiving an authorization request from the server 400.

However, in another embodiment of the invention, the condition may be the completion of a service provided by the server 400. Therefore, the mobile device can request a specific service instead of receiving the verification result according to the startup of the computer program. This condition is satisfied by providing the requested service to the mobile device 100. The server 400 can send an authorization request to the network device 200. The network device 200 can establish a connection between the mobile device 100 and the Internet 300 upon receiving the authorization request from the server 400.

Referring to FIG. 3, a network device 200 can be connected to a regional network, a server 400, an application store 500, and the Internet 300. The network device 200 can manage the connection between the device based on the local area network authorized by the server 400 and the Internet 300. In an embodiment of the invention, the area network may be a local area network (LAN) located in a public area such as a public building, a public station, or a public transportation vehicle. In another embodiment of the invention, the regional network may be an extension of a wireless communication network, such as a small cell that is extended to supplement cellular network coverage. The mobile device, such as the first mobile device 100, can enter the coverage of the regional network, connect the network device 200, and request the network device 200 to access the network.

The mobile device 100 can send a request for network access and a MAC address to the network device 200. The network device 200 can record the MAC address. In another embodiment of the present invention, the network device 200 can allocate an IP address corresponding to the MAC address of the mobile device 100, and forward the request and the IP address of the mobile device 100 to the server. 400. The server 400 can then send at least one message requesting the mobile device 100 to download a computer program to the mobile device 100, wherein at least one condition for accessing the network through the network device 200 has been defined. Compared to FIG. 2, the computer program can be provided by the application store 500. The server 400 can instruct the mobile device 100 to a web page for downloading the computer program at the application store 500. If the above conditions are met, the server 400 receives a verification result from the mobile device 100. The server 400 can send an authorization request to the network device 200. The network device 200 can establish a connection between the mobile device 100 and the Internet 300 upon receiving the authorization request from the server 400.

In an embodiment of the present invention, in consideration of the security principle of the application store 500, the server 400 may not have a webpage from the application store 500 indicating that the mobile device 100 is to download the computer program at the application store 500. Authorization. Alternatively, the server 400 can give the mobile device 100 a limited network access authorization to download the computer program from the software application store 500, for example, a temporary access to the Internet 300 for only a short period of time. Authorization or authorization to access only the network address of the application store 500. The limited network access authorization can be accomplished by sending a corresponding authorization request to the network device 200. By receiving a notification of the temporary authorization of an access network from the network device 200 or the server 400, the user of the mobile device 100 can be notified to download the computer program from the application store 500. The server 400 can authorize the mobile device 100 to access the Internet 300 after the mobile device 100 downloads the computer program and even performs an action defined by the computer program to satisfy the condition.

In an embodiment of the present invention, downloading and installing a computer program from the application store 500 may be managed by the "mobile software application store" program of the mobile device 100 instead of indicating that the mobile device 100 to one is for downloading from the application store 500. Web page of a computer program. The message received from the server 400 can launch the "mobile software application store" to download the computer program.

In an embodiment of the invention, the condition may be the completion of a service provided by the server 400. Therefore, the mobile device can request a specific service instead of receiving the verification result according to the startup of the computer program. This condition can be satisfied by providing the requested service to the mobile device 100. The server 400 sends an authorization request to the network device 200. The network device 200 can establish a connection between the mobile device 100 and the Internet 300 after receiving an authorization request from the server 400.

Referring to FIG. 4, the network device 200 can include a processor 210, a memory 220, a storage module 230, a first communication module 240, and a second communication module 250. The first communication module 240 For communicating with at least one mobile device, such as the first mobile device 100, through a regional network, such as a wireless local area network, the second communication module 250 is used with the Internet 300, the server 400, or the application. The store 500 communicates over a wide area network, such as a public switched telephone network or a wireless communication network.

The processor 210 of the present invention can be a processor or controller for executing program instructions in the memory 220. The memory 220 can be SRAM, DRAM, EPROM, EEPROM, flash memory or other types of computer memory. The processor 210 can further include an embedded system or an application specific integrated circuit (ASIC) having embedded program instructions.

The storage module 230 of the present invention can be a non-volatile computer readable recording medium embedded in the network device 200, including ROM, RAM, EPROM, EEPROM, hard disk, solid state hard disk, floppy disk, CD - ROM, DVD-ROM or other form of electronic, electromagnetic or optical recording medium.

In an embodiment of the present invention, the network device 200 illustrated in FIG. 1 to FIG. 4 may store a set of instructions in the storage module 230 for determining after receiving a network access request from the mobile device 100. Whether a connection is established between the mobile device 100 and the Internet 300. In addition, the processor 210 can execute the instruction to send a computer program, wherein at least one condition for the mobile device 100 to access the Internet 300 through the network device is defined in the computer program and stored in the storage module. 230. Receive a verification result from the mobile device 100, and authorize the mobile device 100 to access the Internet 300 when the condition is met. In an embodiment of the invention, the processor 210 can execute the instruction to forward the network access request from the mobile device 100 to a server 400, and receive a verification result or authorization request from the server 400, and The mobile device 100 is notified to allow access to the network.

In an embodiment of the invention, the computer program can be stored in an external memory connected to the network device 200. The processor 210 can retrieve the computer program and send it to the mobile device 100.

When the mobile device sends a request to access the Internet 300, the storage module 230 can store the MAC address of the mobile device in the local area network. The storage module 230 can record whether the MAC address of different mobile devices has been authorized to access the Internet 300. The processor 210 can change the permission settings based on the verification result sent by the mobile device 100. In an embodiment of the invention, the permission setting may be changed based on an authorization request received from the server 400.

The first communication module 240 and the second communication module 250 can be used as a hardware, a firmware or a custom protocol or follow existing conditions (or factual conditions) such as Ethernet, IEEE 802.11 or IEEE 802.11. Series, Bluetooth, Near Field Communication (NFC) or telecommunications standards such as GSM, CDMAone, CDMA2000, TD-SCDMA, WiMAX, FDD-LTE, TD-LTE or the 5GPPP standard implementation under development. In addition, the first communication module 240 and the second communication module 250 may include separate integrated circuits for communication in different protocols. The first communication module 240 and the second communication module 250 can be defined as a communication module.

In an embodiment of the invention, the first communication module 240 can be a Wi-Fi (IEEE 802.11) transceiver for communicating with devices in the wireless local area network. The second communication module 250 can be an Ethernet controller connected to a modular connector (RJ45) or a universal serial bus (USB). The network device 200 having the first communication module 240 and the second communication module 250 can be used as a wireless access point located indoors.

In another embodiment of the present invention, the first communication module 240 can be a cellular communication transceiver for communicating with devices in the unit (or small base station). The second communication module 250 can be an Ethernet controller connected to a fiber optic connector (RJ45) or a transceiver using a microwave access technology backhaul. The network device 200 having the first communication device 2040 and the second communication device 2050 can serve as a small cell base station to supplement the coverage of the base station in the cellular network. In an embodiment of the invention, the first communication module 2040 can include a multiple input multiple output (MIMO) antenna system having beamforming functions for allocating and providing a specific bandwidth to the mobile device 100. And having a carrier aggregation function to accelerate the access network speed of the mobile device 100 when the above conditions are met.

When the mobile device sends a request to access the Internet 300, the storage module 230 can store the MAC address of the mobile device 100 in the local area network. The storage module 230 can record the MAC addresses of different mobile devices that are authorized to access the Internet 300. The processor 210 can change the permission settings based on a verification result sent by the mobile device 100 through a computer program. In an embodiment of the invention, the authorization setting may be changed based on an authorization request received from the server 400. In an embodiment of the invention, an IP mapping table and a routing table may be stored in the storage module 230. The processor 210 can generate and assign an IP address to the mobile device 100 based on the MAC address received from the mobile device 100 and the table. The server 400 can identify the mobile device 100 by the IP address, send an authorization request or a verification result including the IP address used to authorize the mobile device 100 to access the Internet 300. The processor 210 of the network device 200 can identify the mobile device 100 according to the IP address and the above table, and change the permission setting stored in the storage module 230.

5 through 7 are flow diagrams of methods for obtaining access network authorization as described in accordance with some embodiments of the present invention.

5 is a flow diagram of a method of obtaining an access network grant from a network device 200 to a mobile device 100, in accordance with an embodiment of the present invention. The method of the present invention performs the following steps. In step S102, the mobile device 100 sends a first request for network access. In step S104, the network device 200 sends at least one message to the mobile device 100 to respond to the first request. In an embodiment of the invention, the message causes the mobile device 100 to prompt a user interface to request the user of the mobile device 100 to launch a particular computer program. In the computer program, a condition for accessing the network through the network device 200 is defined. In another embodiment of the invention, the message can include a download link of the computer program within the network device 200. The mobile device 100 is launched according to the message to download and install the computer program. In another embodiment of the present invention, in step S102, the mobile device 100 may send a service request (the first request) for accessing a service of the Internet 300 through the network device 200. In step S104, the network device 200 can determine whether the mobile device 100 is authorized to access the Internet 300 and send a message to the mobile device 100 in response to the mobile device 100 not being authorized to access the Internet 300. .

If the mobile device 100 does not include the computer program, the mobile device 100 sends a second request to download the computer program in step S106. In an embodiment of the invention, prior to performing step S106, the mobile device 100 prompts a user interface to request the user to download and install the computer program. If the request is denied, the process of obtaining authorization to access the network may end because the mobile device 100 may not have the opportunity to satisfy the conditions defined in the computer program without downloading the computer program. In step S108, the network device 200 transmits the computer program to the mobile device 100. In an embodiment of the invention, the network device 200 first sends a message including a prompt for a condition of the network. The condition can include performing a predefined action on the mobile device 100 by the computer program. However, in another embodiment of the present invention, if the computer program already exists in the mobile device 100, the mobile device 100 can launch the computer program instead of performing steps S106 and S108 to download the computer program.

In step S110, in order to satisfy the condition defined in the computer program, the mobile device 100 performs a predefined action. In an embodiment of the invention, the action may include starting a computer program or receiving a specific input, such as clicking on a icon displayed by the mobile device 100, and detecting a touch signal detected by the touch screen of the mobile device. And a particular gesture comprising moving one or more fingers on the mobile device 100 in at least one direction. In an embodiment of the invention, the predefined actions may include receiving information from the user or retrieving information from the mobile device 100, such as the user's name, gender, age. The user may be required to enter specific information and/or authorize the mobile device 100 to perform the above actions.

In an embodiment of the invention, the mobile device 100 receives a request from a user or a permission for an action from the network device 200. The mobile device 100 further includes notifying the user of the request. If the request is denied, the authorization process may end or be interrupted until the user enters or licenses the network device 200. In an embodiment of the invention, the request or notification may be generated by the computer program instead of being received from the network device 200.

In step S112, the mobile device 100 sends a third request for requesting network access and a verification result to the network device 200. If the condition is met, the verification result can be generated by the computer program. In other words, the computer program can monitor whether the predefined action is performed and trigger the mobile device 100 to perform step S112 upon receiving a detection that the action is performed. In step S114, after the network device 200 receives the third request and the verification result, the network device 200 updates the permission setting stored in the network device 200 to authorize the mobile device 100 to access the Internet. 300. Thus, the mobile device 100 can have an authorization to access the Internet through the network device 200. In other words, the network device 200 can connect to the mobile device and the Internet in response to a network access request from the mobile device 100.

In step S116, the network device 200 notifies the mobile device 100 of the authorization. Moreover, in an embodiment of the invention, the notification may be generated by the computer program when the condition is satisfied instead of being received from the network device 200 in step S116.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, it can be omitted in step S116.

6 is a flow diagram of a method of requesting access to a network by a network device 200, in accordance with an embodiment of the present invention. The method can be performed as a set of instructions stored on the mobile device 100. The method can include the following steps. In step S302, the mobile device 100 sends a first request to access the Internet 300. In step S304, the mobile device 100 receives at least one message from the network device 200. In an embodiment of the invention, the message may cause the mobile device 100 to prompt a user interface to request the user of the mobile device 100 to launch a specific computer program, wherein the network device 200 is accessed by the network device 200. The conditions of the network are defined in the computer program. In another embodiment of the invention, the message can include a download link of the computer program at the network device 200. The mobile device 100 can be launched according to the message to download and install the computer program. In another embodiment of the present invention, in step S302, the mobile device 100 sends a service request (the first request) to access a service of the Internet 300 through the network device 200. The network device 200 determines whether the mobile device 100 is authorized to access the Internet 300 and sends a message to the mobile device 100 in response to a determination that the mobile device 100 is not authorized to access the Internet 300.

In step S306, the mobile device 100 determines whether the computer program including the condition for accessing the network through the network device 200 has been downloaded and installed on the mobile device 100. If the computer program has not been downloaded and installed, in step S308, the mobile device 200 sends a second request to download the computer program to the network device 200, and downloads the computer program in step S310. In another embodiment of the present invention, the mobile device 100 requests the computer program from the server 400 and downloads the computer program from the server 400. In another embodiment of the invention, the computer program can be provided by a website within the application store 500 or other Internet 300 in place of the server 400 and the network device 200. Returning to step S306, if the computer program has been downloaded and installed on the mobile device, steps S308 and S310 may be omitted.

In an embodiment of the present invention, downloading and installing a computer program from the application store 500 may be managed by the "mobile software application store" program of the mobile device 100 instead of indicating that the mobile device 100 to one is for downloading from the application store 500. Web page of a computer program. The message received from the server 400 can launch the "Mobile Software App Store" program to download the computer program.

In step S312, the mobile device 100 determines whether the condition for accessing the Internet 300 defined by the computer program has been met. The mobile device 100 continuously performs step S312 to monitor the state of the condition until the condition is satisfied. In an embodiment of the invention, the mobile device can further generate and display a prompt for a condition to the user. Once the condition is met, in step S314, the mobile device 100 sends a third request and a verification result to the network device 200 to access the Internet 300, and receives a notification of authorization to access the Internet 300 in step S316. The authorization process can be completed by the network device 200 or the server 400. That is, the mobile device 100 can send the third request to the network device 200 or the server 400 and receive the authorization notification from the network device 200 or the server 400. After step S316, the mobile device 100 can further access the Internet 300 by requesting the network device 200.

In an embodiment of the invention, the above condition in step S312 may include performing at least one action defined in the computer program. The action may include launching a computer program or receiving a specific input such as clicking on a icon displayed by the mobile device 100, a touch signal detected by the touch screen of the mobile device, and including in at least one direction A particular gesture of moving one or more fingers on the mobile device 100. In an embodiment of the invention, the predefined actions may include receiving information from the user or retrieving information from the mobile device 100, such as the user's name, gender, age. The user may be required to enter specific information and/or authorize the mobile device 100 to perform the above actions.

In an embodiment of the invention, the condition may be the completion of a service provided by the server 400. Therefore, the mobile device can request and send the verification result to the network device 200 in step S314 instead of requesting a specific service according to the startup of the computer program. By requesting the service, the condition is met and the server 400 sends an authorization request to the network device 200 to authorize the mobile device 100 to access the Internet 300.

In an embodiment of the invention, the mobile device 100 can be implemented with carrier aggregation functionality to speed up network access. Therefore, after step S316, the mobile device 100 can request an additional radio frequency bandwidth from the network device 200 instead of merely accessing the network.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, it can be omitted in step S316.

FIG. 7 is a flowchart of a method for determining whether to establish a connection between a mobile device 100 and an Internet 200 through a network device 200, according to an embodiment of the present invention. In an embodiment of the invention, the method can be executed within the network device 200 as a set of instructions. The method can include the following steps. In step S402, the network device 200 receives a first request from the mobile device 100 to access the network. In step S404, the network device 200 can send at least one message to the mobile device 100. In another embodiment of the present invention, in step S402, the network device 200 can receive a service request (first request) from the mobile device 100 for accessing a service of the Internet 300. In step S404, the network device 200 can determine whether the mobile device 100 is authorized to access the Internet 300 and send a message to the mobile device 100 in response to the determination that the mobile device 100 is not authorized to access the Internet 300.

In an embodiment of the invention, the message may cause the mobile device 100 to prompt a user interface to request the user of the mobile device 100 to launch a specific computer program, wherein the network device 200 is accessed by the network device 200. The conditions of the network are defined in the computer program. In another embodiment of the present invention, the message may include a download link of the computer program at the network device 200 to activate the mobile device 100 to download and install the computer program.

In step S406, the network device 200 determines whether a second request for accessing the network and a verification result of the above condition defined in the computer program are received from the mobile device 100. If the network device 200 does not receive the second request from the mobile device 100 for a period of time, this means that the mobile device 100 may not have the computer program. In step S408, the network device 200 can further determine whether a third request for downloading the computer program is received from the mobile device 100. The network device 200 may repeat steps S406 and S408 until the second request or the third request is received. When the third request is received in step S408, the network device 200 transmits the computer program to the mobile device 100 in step S410.

Returning to step S406, when the second request and the verification result are received from the mobile device 100, this means that the condition that the mobile device 100 accesses the Internet 300 has been satisfied. Therefore, in step S412, the network device 200 authorizes the mobile device 100 to access the network. In step S414, the network device 200 further notifies the mobile device 100 of the authorization. The mobile device 100 requests the network device 200 to access the network upon receiving the notification. The network device 200 connects the mobile device 100 and the Internet 300 because the mobile device 100 has been authorized to access the network. In an embodiment of the present invention, the network device 200 can allocate and provide a specific bandwidth to the mobile device 100 to speed up network access of the mobile device. If the above conditions are met, instead of connecting the mobile device 100 to the Internet 300.

In another embodiment of the present invention, in step S406, the network device 200 can receive a service request (the second request) for accessing a service of the Internet 300 from the mobile device 100 instead. Receiving the second request and the verification result from the mobile device 100, the execution of the service may be a condition for accessing the network through the network device 200. The network device 200 can thus connect the mobile device 100 with the Internet 300 in step S412 and forward the service request and the requested service profile.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, it can be omitted in step S414.

8 through 11 are flow diagrams of methods for obtaining access network authorization as described in accordance with some embodiments of the present invention.

8 is a flow diagram of a method of obtaining an access network grant from a network device 200 to a mobile device 100, in accordance with an embodiment of the present invention, the method of the present invention performing the following steps.

In step S202, the mobile device 100 sends a first request to access the Internet 300 to the network device 200. In step S204, the network device 200 sends a second request to the server 400. In an embodiment of the invention, the second request (please use a unified term) may be generated by the first request. The second request may further include information about the network device 200 such as device identification information, network address, and the like. In another embodiment of the invention, the network device 200 may only forward the request to the server 400 instead of generating and transmitting the second request. In step S206, the server 400 can transmit at least one message to the mobile device 100 through the network device 200. In an embodiment of the invention, the message may cause the mobile device 100 to prompt a user interface to request the user of the mobile device 100 to launch a specific computer program, wherein the network device 200 is accessed by the network device 200. The conditions of the network are defined in the computer program. In another embodiment of the invention, the message can include a download link of the computer program at the network device 200. The mobile device 100 is launched according to the message to download and install the computer program. In another embodiment of the present invention, the computer program can be provided through the website of the application store 500 or the Internet 300 instead of the server 400.

In another embodiment of the present invention, in step S102, the mobile device 100 sends a service request (the first request) to access a service of the Internet 300 through the network device 200. In step S204, upon receiving the first request, the network device 200 determines whether the mobile device 100 is authorized to access the Internet 300, and indicates access from the mobile device 100 to the server 400. The mobile device 100 is not authorized to access the Internet 300. In step S206, the server 400 sends a message to the mobile device 100 via the network device 200.

If the mobile device 100 does not have the computer program installed, in step S208, the mobile device 100 sends a third request to the server 400 to download the computer program. In step S210, the server 400 transmits the computer program to the mobile device 100 through the network device 200. However, in an embodiment of the present invention, if a computer program already exists in the mobile device 100, the mobile device 100 can start the computer program instead of performing the steps S208 and S210 to download the computer program.

In step S212, the mobile device 100 performs a predefined action to satisfy the conditions defined in the computer program. In an embodiment of the invention, the actions may include initiating a computer program or receiving a specific input, such as clicking on a icon displayed by the mobile device 100, a touch signal detected by the touch screen of the mobile device, and One includes a particular gesture of moving one or more fingers on the mobile device 100 in at least one direction. In an embodiment of the invention, the predefined actions may include receiving information from the user or retrieving information from the mobile device 100, such as the user's name, gender, age. The user may be required to enter specific information and/or authorize the mobile device 100 to perform the actions described above. In an embodiment of the invention, the mobile device 100 receives a user input request or an action permission from the network device 200. The mobile device 100 can further include notifying the user of the request. If the request is rejected, the authorization process may end or be interrupted until the user enters or licenses the network device 200. In an embodiment of the invention, the request or notification may be generated by the computer program instead of being received from the network device 200. In an embodiment of the invention, a prompt for the action can be provided to the user of the mobile device 100 by the computer program. More specifically, the prompt can also be defined by the computer program to be displayed to the user after the computer program is launched.

In an embodiment of the invention, the condition may provide completion of a service for the server 400. The mobile device 100 requests a specific service based on the startup of the computer program. For example, the server 400 can provide an advertisement, such as a web page advertisement or a video advertisement, to the mobile device 100, and the mobile device 100 can satisfy the condition after playing an advertisement for a period of time. As another example, the server 400 can provide a download coupon to the mobile device 100. The mobile device 100 can satisfy the condition after downloading the coupon. In an embodiment of the invention, when the computer program 600 is launched, the mobile device 100 can be instructed to a server provided by a social networking service. The mobile device 100 satisfies the condition after the user clicks on the "like" or "recommendation" icon of the web page of the social networking service. In addition, the user may need to log in to the social networking service before clicking on the "like" or "recommended" icon on the web page of the social networking service. In another embodiment of the invention, a billing system can be implemented at the server 400. When the computer program 600 is launched, the mobile device 100 can be instructed to the billing system. The billing system provides payment services to users of the mobile device 100 to pay for network access. For example, a user interface that requires credit card information may be generated based on a payment service. Upon receipt of the credit card information, the billing system can generate a bill to the corresponding banking system to charge for access to the network via the network device 200. The credit card payment mechanism described above can also be replaced by a pre-payment mechanism implemented by the billing system in the server 400. In an embodiment of the invention, a prompt for the above action may be provided from the server 400 to a user of the mobile device 100. More specifically, the prompts can also be received by the mobile device 100 via a computer program.

In step 214, the mobile device 100 sends a fourth request to request access to the network and a verification result to the server 400. If the condition is met, the verification result can be generated by the computer. In other words, the computer program can monitor whether the predefined action is performed and trigger the mobile device 100 to perform step S214 upon receiving the detection that the action is performed. In step S216, the server 400 sends an authorization request to the network device 200. In step S218, after the network device 200 receives the authorization request from the server 400, the network device 200 updates the permission setting stored in the network device 200 to authorize the mobile device 100 to access the Internet. 300. Thus, the mobile device 100 can have an authorization to access the Internet through the network device 200. In other words, the network device 200 can connect the mobile device 100 and the Internet in response to a network access request from the mobile device 100. In step S220, the network device 200 notifies the mobile device 100 of the authorization. Further, in an embodiment of the present invention, the notification may be generated by the computer program when the condition is satisfied instead of being received from the network device 200 in step S216.

In an embodiment of the present invention, in step S214, the mobile device 100 sends a service request (fourth request) for accessing a service in the server 400 through the server 200, and the service may be The conditions of the access network defined within the network device 200. The network device 200 verifies whether the condition is satisfied in step S216 instead of receiving the authorization request from the server 400. In response to the verification in step S216, the network device 200 can update the permission setting and connect the mobile device 100 with the Internet 300 in step S218.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, step S220 can be omitted.

9 is a flow diagram of a method for a mobile device 100 to obtain an access network authorization from a server 400 via a network device 200, in accordance with an embodiment of the present invention, the method of the present invention performs the following steps .

In step S202, the mobile device 100 sends a first request to access the Internet 300 to the network device 200. In step S204, the network device 200 sends a second request to the server 400. In an embodiment of the invention, the second request may be generated by the first request. The second request may further include information about the network device 200 such as device identification information, network address, and the like. In another embodiment of the invention, the network device 200 may only forward the first request to the server 400 instead of generating and transmitting the second request. In step S206, the server 400 can transmit at least one message to the mobile device 100 through the network device 200. In an embodiment of the invention, the message may cause the mobile device 100 to prompt a user interface to request the user of the mobile device 100 to launch a specific computer program, wherein the network device 200 is accessed by the network device 200. The conditions of the network are defined in the computer program. In another embodiment of the invention, the message can include a download link of the computer program at the network device 200. The mobile device 100 is launched according to the message to download and install the computer program. In another embodiment of the present invention, the computer program can be provided through the website of the application store 500 or the Internet 300 instead of the server 400.

If the mobile device 100 does not have the computer program installed, in step S208, the mobile device 100 sends a third request to download the computer program to the server 400. In step S210, the server 400 transmits the computer program to the mobile device 100 through the network device 200. However, in an embodiment of the present invention, if a computer program already exists in the mobile device 100, the mobile device 100 can start a computer program instead of executing the steps S208 and S210 to download the computer program.

In step S222, the mobile device 100 starts the computer program and sends a fourth request to access the Internet 300 to the server 400. In step S224, the server 400 sends a message including a message for requesting the user to input a prompt to satisfy the condition that the mobile device 100 accesses the network through the network device 200. In step S226, the mobile device 100 transmits the input request to the server 400.

In an embodiment of the invention, the condition may be the completion of a service provided by the server 400. The mobile device 100 can request a specific service according to the startup of the computer program. For example, the server 400 can provide an advertisement, such as a web page advertisement or a video advertisement, to the mobile device 100, the mobile device 100 can satisfy the condition after playing an advertisement for a period of time. As another example, the server 400 can provide a download coupon to the mobile device 100. The mobile device 100 may satisfy the condition after downloading the coupon. In an embodiment of the invention, when the computer program 600 is launched, the mobile device 100 can be instructed to a server provided by a social networking service. The mobile device 100 satisfies the condition after the user clicks on the "like" or "recommendation" icon of the web page of the social networking service. In addition, the user may need to log in to the social networking service before clicking on the "like" or "recommended" icon on the web page of the social networking service. In another embodiment of the invention, a billing system can be implemented at the server 400. When the computer program 600 is launched, the mobile device 100 can be instructed to the billing system. The billing system provides payment services to users of the mobile device 100 to pay for network access. For example, a user interface that requires credit card information may be generated based on a payment service. Upon receipt of the credit card information, the billing system may generate a bill to the corresponding banking system to cover the cost of accessing the network through the network device 200. The credit card payment mechanism described above can also be replaced by a pre-payment mechanism implemented by the billing system in the server 400.

In step 228, when the condition is met, the server 400 sends an authorization request to the network device. In an embodiment of the invention, the authorization request may include identification information about the mobile device 100. In an embodiment of the invention, the MAC address from the mobile device 100 can be stored in the network device 200 in step S202. The network device 200 can have an IP mapping table or routing table for generating and assigning an IP address to the mobile device 100 based on the MAC address. The server 400 can identify the mobile device 100 by the IP address and send an authorization request including the IP address of the mobile device 100 for accessing the Internet 300. The network device 200 can identify the mobile device 100 and change the permission settings based on the IP address and the above table. In step S230, the network device 200 updates the permission settings based on the authorization request from the server 400. In step S232, the network device 200 can notify the mobile device 100 of the authorization.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, step S232 can be omitted.

In an embodiment of the present invention, if the mobile device 100 terminates the network access, for example, the mobile device 100 is turned off or the mobile device 100 is not in an area covered by the local area network of the network device 200, the authorization may be cancel. In other words, the mobile device 100 may need to perform all the steps again to obtain access network authorization.

10 is a flow diagram of a method for determining whether to establish a connection to a mobile device 100 to an Internet 300 based on an authorization request sent from a server 400, in accordance with an embodiment of the present invention. The method can be executed within the network device 200 as a set of instructions. The method can include the following steps. In step S502, the network device 200 receives a first request from the mobile device 100 for network access. In step S504, the network device 200 can send a second request to the server 400. In an embodiment of the invention, the second request may be generated by the first request. The second request may further include information about the network device 200 such as device identification information, network address, and the like. In another embodiment of the invention, the network device 200 may only forward the first request to the server 400 instead of generating and transmitting the second request.

In step S508, the network device 100 determines whether a third request for accessing the network and a verification result are received from the mobile device 100. If the network device 200 does not receive the third request, in step S510, the network device 200 determines whether a fourth request for downloading a predefined computer program is received from the mobile device 100, the computer The program defines at least one condition for the mobile device 100 to access the Internet 300. Upon receiving the fourth request, the network device 200 forwards the fourth request to the server 400 in step S512. In step S514, the network device 200 receives the computer program from the server 400 and forwards it to the mobile device 100.

Returning to step S508 and step S510, if the network device 200 does not receive the third request and the fourth request, the mobile device 100 may have downloaded or installed the computer program. Thus, the network device 200 can continue to monitor until the third request and verification result triggered by the computer program is received from the mobile device 100. When the third request and the verification result are received from the mobile device 100, this means that the condition defined in the computer program is satisfied, and in step S516, the network device 200 forwards the third request and the verification result to the servo. 400. In step S518, the network device 200 receives an authorization request from the server 400 to allow the mobile device to access the Internet 300. In step S520, the network device 200 updates the permission settings to respond to the authorization request. Further, in step S522, the network device 200 notifies the mobile device 100 of the authorization.

In an embodiment of the present invention, in step S508, the mobile device 100 sends a service request for accessing a service in a server 400 through the network device 200, and the service may be in the network device 200. Defined conditions for accessing the network. The network device 200 can receive a third request without authentication. If the condition is met, the network device 200 can then further perform steps S516 and S518 by receiving the service request from the mobile device 100 to the server 400 for verification. In step S520, the network device 200 may update the permission setting and connect the mobile device 100 to the Internet 300 in response to the verification that the condition for the mobile device 100 to access the Internet 300 is satisfied.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, it can be omitted in step S522.

11 is a flow diagram of a method for allowing mobile device 100 to access Internet 300 via network device 200, in accordance with an embodiment of the present invention. The method can operate within the server 400 as a set of instructions. The method can include the following steps. In step S602, the server 400 receives a first request from the mobile device 100 to access the Internet 300 through the network device 200. In step S604, the server 400 transmits at least one message to the mobile device 100 via the network device 200. In an embodiment of the present invention, the message may be used by the mobile device 100 to prompt a user of the mobile device 100 to initiate a user interface of a specific computer program, the computer program instructing the mobile device 100 to pass The network device 200 is connected to the Internet 300. In another embodiment of the invention, the message can include a download link of the computer program within the server 400. The mobile device 100 is launched according to the message to download and install the computer program. In another embodiment of the invention, the computer program can be provided by a website within the application store 500 or the Internet 300 in place of the server 400.

In step S606, the server 400 determines whether a service request or a network access request and a verification result are received from the mobile device 100. In an embodiment of the invention, the computer program can include conditions for the mobile device 100 to access the Internet 300. If the condition defined in the computer program is satisfied, the server 400 receives the network access request and a verification result. However, in another embodiment of the present invention, the computer program may instruct the mobile device 100 to request a particular service to switch network access authorization instead of having the condition. The server 400 receives the service request from the mobile device 100. In step S612, the server 400 transmits an authorization request to allow the mobile device 100 to access the Internet 300 through the network device 200 to the network device 200.

Returning to step S606, if the server 400 does not receive the request, in step S608, the server 400 determines whether a second request for acquiring the computer program is received. When receiving the second request, the server 400 can provide the computer program to the mobile device 100 through the network device 200 in step S610.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, step S606 can be omitted.

12 is a schematic diagram of a functional architecture of an authorization system operating on network device 200, in accordance with some embodiments of the present invention.

Referring to FIG. 12, a system 700 running on the network device 200 includes a verification module 710 for determining whether a predefined condition of a mobile device accessing the network is satisfied, and a method for retrieving the mobile device. Providing a computer program downloader 720 that responds to a computer program request received from the mobile device by a computer program defining a specific action to satisfy the condition, and for authorizing the mobile after satisfying the network access condition A network access controller 730 for the device to access the network, and a list of conditions for defining conditions for accessing the network by the network device 200 including the above conditions. The system 700 can be implemented in software, firmware, or even as long as the hardware having the above functions is formed.

In an embodiment of the invention, the verification module 710 determines whether the mobile device satisfies the condition based on the verification result received from the mobile device, which can be triggered by a computer program execution action. If a condition in the condition list 740 is satisfied, the verification module 710 can further change the permission settings and notify the network access module 730 to connect the mobile device to the Internet. In another embodiment of the present invention, the verification module 710 can determine whether the mobile device satisfies a condition based on an authorization request received from the server, which can be requested by the mobile device to be triggered by performing an action by the computer program. Service. Upon receiving the verification result from the mobile device or an authorization request from the server, the verification module 710 can confirm that the mobile device (or the user of the mobile device) satisfies the conditions of Internet access. The verification module 710 can further compare the request and the at least one condition in the condition list 740 for determining whether the mobile device (or the user of the mobile device) has met the access network, and notify the network when the above conditions are met. The road access module 730 connects the mobile device to the Internet. In another embodiment of the present invention, the verification module 710 can intercept a service request sent from the mobile device to the server, wherein a condition for the mobile device to access the network is sent to the server by sending the service request. Satisfy. The verification module 710 can compare the intercepted service request with the conditions in the condition list 740 to verify whether the above conditions are met, and notify the network access module 730 to connect the mobile device to the Internet when the above conditions are met.

In one embodiment of the invention, the computer program downloader 720 generates a download link and provides the mobile device with a download program instead of providing the computer program to the mobile device. In addition, the download link can also be replaced by a user prompt of a downloaded computer program. The computer program downloader 720 can further notify the network access controller 730 to give a limited network access permission to the mobile device if the computer program is stored on the Internet. The access network permissions may be limited to a limited access time or a dedicated network address provided to the mobile device.

13 and 14 are diagrams showing the functional architecture of an authorization manager 610 for authenticating an access to a network by the network device 200 by monitoring a computer program, in accordance with some embodiments of the present invention. The authorization manager 610 can be integrated into the computer program 600 or independent of the computer program 600. In one embodiment of the invention, the authorization manager 610 can be further a downloadable extension of the computer program 600.

Referring to FIG. 13, the computer program 600 can include an action module 630 that defines a set of actions that can be performed for the mobile device and a software update module 620 for updating the actions. In an embodiment of the invention, the authorization manager 610 is independent of the computer program 600, and in another embodiment of the invention, the authorization manager 610 can be a downloadable extension of the computer program 600. The mobile device 100 performing the requesting network access may be required to download not only the computer program 600 but also the authorization manager 610. The authorization manager 610 includes a condition list 650 defining at least one condition for accessing the network through the network device 200, a verification module 640 for verifying whether the condition is satisfied, and a transmission network connection. The authorization module 660 of the authorization request is entered.

In one embodiment of the invention, the conditions in the condition list 650 can be mapped to the actions defined by the action module 630 of the computer program. When a corresponding action in action module 630 is run or executed, the conditions in condition list 650 are satisfied. In an embodiment of the invention, the conditions in the condition list 650 may be updated under the management of the server 400 described above.

In an embodiment of the invention, the actions may include initiating the computer program 600 or receiving a specific input from the user, such as clicking an icon, a touch signal detected by the touch screen, and a touch-sensitive type. A particular gesture of moving one or more fingers in at least one direction on the screen. In an embodiment of the invention, the predefined action may include receiving information from the user or retrieving information from the mobile device 100, such as the user's name, gender, age. The user may be required to enter specific information and/or authorize the mobile device 100 running the computer program 600 and the authorization manager 610 to perform the actions described above. In an embodiment of the invention, the mobile device can receive a request from the network device 200 for the user to input or permit the action. The mobile device can further notify the user of the request. If the request is denied, the authorization process can be terminated or interrupted until the user enters or licenses the network device 200. In an embodiment of the invention, the above requirements or notifications may be generated by the computer program 600 or the authorization manager 610. The verification module 640 can monitor the action module 630 to detect whether a pair of conditional actions are performed. If the action is performed, which means that the corresponding condition is met, the verification module 640 notifies the authorization module 660. And a verification result.

In another embodiment of the invention, the condition may provide completion of a service for the server 400. The mobile device 100 running the computer program can request a specific service according to the startup of the computer program. The above service may be an advertisement such as a web advertisement or a video advertisement, a coupon for downloading, a social network service having a "like" or "recommended" icon, or used to pay for access to the network through the network device 200. Payment service. The status of this condition can be determined by the server 400. Therefore, the authorization manager 610 can activate the conditions in the condition list 650 corresponding to at least one action in the action module 630 instead of the monitoring action module 630 and request access to the network. In addition, since the verification of the condition and the authorization of the network access can be performed by the server 400 instead of the verification module 640 and the authorization module 660, the verification module 640 and the authorization module 660 can be omitted.

Referring to FIG. 14, the verification module 640, the condition list 650, and the authorization module 660 can be integrated into the computer program 600 instead of being part of the authorization manager 610.

15 is a flow diagram of a method for a mobile device 100 to request authorization to access a network through the network device 200 via a predefined service within the server 400, in accordance with an embodiment of the present invention. The method of the present invention performs the following steps.

In step S702, the mobile device 100 sends a first request for accessing the Internet 300 through the network device 200. In step S704, the network device 200 can intercept the first request and send at least one message to the mobile device 100. In an embodiment of the present invention, the message may be used by the mobile device 100 to prompt a user of the mobile device 100 to initiate a user interface of a specific computer program, the computer program instructing the mobile device 100 to pass The network device 200 is connected to the Internet 300. In another embodiment of the invention, the message can include a download link of the computer program within the server 400. The mobile device 100 is launched according to the message to download and install the computer program. In another embodiment of the invention, the computer program can be provided by a website within the application store 500 or the Internet 300 in place of the server 400.

If the mobile device 100 does not have the computer program, in step S706, the mobile device 100 transmits a second request for downloading the computer program through the network device 200 according to the message. In step S708, the network device 200 sends (or retrieves) the computer program and transmits the computer program to the mobile device 100. However, in an embodiment of the present invention, if the computer program already exists in the mobile device 100, the mobile device 100 can start the computer program instead of performing steps S706 and S708 to download the computer program.

In step S710, the mobile device 100 starts the computer program and sends a third request to the server 400 for a service defined in the server in the computer program. In step S712, the network device 200 forwards the third request to the server 400. In step S714, the server 400 sends the service data to the mobile device 100 to respond to the third request. The network device 200 forwards the service data to the mobile device 100 in step 716. In step S718, the network device 200 can further verify whether at least one condition for the mobile device 100 to access the Internet 300 is satisfied. If the above conditions are met, the network device 200 can update the permission settings and further connect the mobile device 100 with the Internet 300. In step S720, the network device 200 can further notify the mobile device 100 of the authorization.

In an embodiment of the invention, the above condition may be the completion of a service provided by the server 400. The mobile device 100 can request a specific service according to the startup of the computer program. For example, the server 400 can provide an advertisement, such as a web page advertisement or a video advertisement, to the mobile device 100 that the mobile device 100 may satisfy the condition after playing an advertisement for a period of time. As another example, the server 400 can provide a download coupon to the mobile device 100. The mobile device 100 may satisfy the condition after downloading the coupon. In an embodiment of the invention, when the computer program 600 is launched, the mobile device 100 can indicate to a server provided by a social networking service. The mobile device 100 satisfies the condition after the user clicks on the "like" or "recommendation" icon of the web page of the social networking service. In addition, the user may need to log in to the social networking service before clicking on the "like" or "recommended" icon on the web page of the social networking service. In another embodiment of the invention, a billing system can be implemented at the server 400. When the computer program 600 is launched, the mobile device 100 can be instructed to the billing system. The billing system provides payment services to users of the mobile device 100 to pay for network access. For example, a user interface that requires credit card information may be generated based on a payment service. After receiving the credit card information, the billing system may generate a bill to the corresponding banking system to pay for access to the network via the network device 200. The credit card payment mechanism described above can also be replaced by a pre-payment mechanism implemented by the billing system in the server 400.

The previously described method may comprise a plurality of steps, which may occur in a particular order, it being understood that the methods may include more or less than the above steps, the order between the steps may also be varied, different The steps can be combined. For example, step S522 can be omitted.

It should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention and are not intended to be limiting, and the present invention will be described in detail with reference to the preferred embodiments thereof The technical solutions are modified or equivalently substituted without departing from the spirit and scope of the technical solutions of the present invention. Moreover, individual embodiments and claims do not necessarily achieve all of the technical effects of the invention. In addition, the Abstract and the headings are merely for facilitating the retrieval of patent documents and do not limit the invention in any way.

100‧‧‧first mobile device, second mobile device

200‧‧‧Network equipment

300‧‧‧Internet

400‧‧‧Server

500‧‧‧App Store

210‧‧‧ processor

220‧‧‧ memory

230‧‧‧ Storage Module

240‧‧‧First Communication Module

250‧‧‧Second communication module

430‧‧‧Network Access Controller

620‧‧‧Software update module

630‧‧‧Action Module

650‧‧‧ condition list

660‧‧‧Authorization module

640, 710‧‧‧ verification module

720‧‧‧Computer Program Downloader

740‧‧‧condition list

no

100‧‧‧Mobile devices

200‧‧‧Network equipment

Claims (31)

A system for authorizing network access by monitoring a computer for verifying and authorizing the mobile device to access a network through a network device, wherein the mobile device has a communication module for transmitting data to The network device and receiving data from the network device are improved in that the mobile device receives and installs the system authorized by the network access from the network device, and the authorized network access The system includes:
a verification module, configured to monitor whether the mobile device meets an authorization condition for accessing the network through the network device, and an authorization module, configured to send, according to the verification result of the verification module, a a network access authorization request to the network device;
The network device accesses the mobile device to the network based on the authorization request. The system for authorizing network access according to claim 1, wherein the authorization condition is that a system for authorizing network access by the system for installing the authorized network access is in the computer. The system for authorizing network access according to claim 1, wherein the mobile device stores at least one calculator program, the calculator program including an action module for defining at least one action and Causing the computer to perform the action, and the system for authorizing network access further includes a condition list for defining the authorization condition, wherein the authorization condition includes the action. The system for authorizing network access, as described in claim 1, wherein the system for authorizing network access further includes:
An action module for defining at least one action and causing the mobile device to perform the action; and a condition list for defining the authorization condition, wherein the authorization condition includes the action. A system for authorizing network access as described in claim 3 or 4, wherein the action comprises the system in which the mobile device initiates the authorized network access. A system for authorizing network access as described in claim 3, wherein the action comprises receiving, by the mobile device, a particular input from a user. A system for authorizing network access as described in claim 3, wherein the action comprises receiving and displaying a web page or video advertisement from a server. A system for authorizing network access as described in claim 3 or 4, wherein the action comprises completion of a service provided by a server. A system for authorizing a mobile device to access an authorized network access of a network is built in a network device, wherein the mobile device and the network device respectively have a communication module for transmitting data to each other And receiving the data from the other party, the improvement is that the system for authorizing network access includes:
a condition list for defining at least one authorization condition for accessing the network through the network device;
a computer program downloading module for transmitting a computer program to the mobile device, the computer program enabling the mobile device to send a data to the network device;
a verification module, configured to determine, according to the data received by the network device, whether the mobile device meets the authorization condition; and a network access module, configured to verify a result based on the verification module, The mobile device is access to the network when the mobile device satisfies the authorization condition. The system for authorizing network access according to claim 9, wherein the computer program download module obtains the calculation program and sends the calculation program to the mobile device. The system for authorizing network access according to claim 9, wherein the computer program download module provides a server address to the mobile device, and the computer program is sent by the server to The mobile device. The system for authorizing network access according to claim 11, wherein the computer program download module further notifies the network access module to access the mobile device within a specific time period. The network to enable the mobile device to request the computer program from the server through the network. The system for authorizing network access according to claim 9, wherein the data is a service request for a network address. The system for authorizing network access according to claim 9, wherein the computer program causes the mobile device to display an advertisement information, and then send the data to the network device. A network device for verifying and authorizing a mobile device to access a network is improved in that the network device includes:
a first communication module for communicating with the mobile device;
a second communication module for connecting to the network;
a storage module, storing a condition list, wherein the condition list defines at least one authorization condition that can access the network through the network device;
a memory electrically connected to the storage module;
a processor, connected to the memory, the storage module, and the first and second communication modules are electrically connected;
The first communication module receives a network access request from the mobile device;
The processor controls the first communication module to send a message to the mobile device, where the message includes downloading the computer program;
The first communication module receives a computer program download request from the mobile device;
The processor controls the network device to obtain the computer program, and controls the first communication module to send the computer program to the mobile device;
The first communication module or the second communication module further receives an authorization request for the mobile device to access the network; and wherein the processor further compares the authorization request with the condition list Authorization condition, when the authorization request matches the authorization condition:
Controlling the first communication module and the second communication module to access the mobile device to the network. The network device of claim 15, wherein the storage module further stores the mobile device program. The network device of claim 15, wherein
The network device is connected to a server located in the network;
The processor further controls the second communication module to send an IP address of the mobile device and the mobile device program request to the server to receive the mobile device program from the server; The processor further controls the first communication module to send the mobile device program to the mobile device. The network device of claim 15, wherein the authorization request is received by the first communication module from the mobile device, and includes notification information that the mobile device installs the mobile device program . The network device of claim 15, wherein the authorization request is received by the first communication module from the mobile device, and the mobile device includes at least one of the mobile device programs Notification information for actions. The network device of claim 15, wherein the authorization request is received by the first communication module from the mobile device, and includes the mobile device to a server located in a network Access request. The network device of claim 15, wherein the authorization request is received by the second communication module from the network, and includes notification information that the mobile device initiates a service. The network device of claim 19, wherein the mobile device program causes the mobile device to display an advertisement information, and send the authorization request to the network device; and the authorization request includes The mobile device displays notification information of the advertisement information. The network device of claim 15, wherein the network device is a wireless area network access device, and the first communication module is a wireless area network communication module, The two communication modules are connected to the network by a mobile communication module or a wired communication module, and the network is the Internet. The network device of claim 15, wherein the network device is a base station, the first communication module is a first mobile communication module, and the second communication module is a second A mobile communication module or a wired communication module is connected to the network, and the network is a mobile communication network. The network device of claim 15 or claim 24, wherein when the authorization request matches the authorization condition:
The processor further configures an additional bandwidth and controls the first communication module and the second communication module to access the mobile device to the network with the additional bandwidth. A method for verifying and authorizing a mobile device to access a network is built in a network device, wherein the mobile device and the network device respectively have a communication module for transmitting data to and receiving data from the other party. , characterized in that the method comprises:
Receiving a network access request from the mobile device;
Sending a message to the mobile device, wherein the message includes downloading a computer program;
Receiving a computer program download request from the mobile device;
Obtaining the computer program and transmitting to the mobile device;
Receiving an authorization request for the mobile device to access the network; and determining whether the mobile device satisfies at least one authorization condition stored in the network device, when the authorization condition is met:
Controlling the first communication module and the second communication module to access the mobile device to the network. A method for verifying and authorizing a mobile device to access a network is built into a server, wherein the server is connected to the network device, and the mobile device has a communication with the network device The module is configured to transmit data to and receive data from the other party, and the method includes:
Receiving a network access request from the network device, wherein the network access request is sent by the mobile device to the network device;
Sending a message to the mobile device, wherein the information includes downloading information of a computer program;
Receiving a computer program download request from the mobile device;
Obtaining the computer program and transmitting to the mobile device;
Receiving an authorization request for accessing the network by the mobile device;
Determining whether the mobile device satisfies at least one authorization condition stored in the server, and when the authorization condition is met, sending an authorization request to the network device; and wherein the network device is set The mobile device is accessed to the network in accordance with the authorization request. The method of claim 27, wherein the authorization condition is that the mobile device requests a specified service from the server through the computer program, and the server further completes the service, Sending the authorization request to the network device. The method of claim 27, wherein the authorization condition is that the mobile device downloads a specified coupon or advertisement to the server through the computer program, and the server further transmits the After the coupon or advertisement, the authorization request is sent to the network device. The method of claim 27, wherein the authorization condition is that the mobile device displays the specified advertisement content through the computer program, and the computer program further causes the movement after displaying the advertisement content The device sends the authorization request to the server, wherein the authorization request includes notification information that the mobile device displays the advertisement content. The method of claim 27, wherein the authorization condition is that the mobile device requests a specified service from a second server by using the computer program, and the second server further completes the After the service, the mobile device is sent to complete the notification information of the service to the server.