WO1996039769A1 - Apparatus and method for providing unique identifiers to remote dial-in network clients - Google Patents

Publication number
WO1996039769A1
Authority
WO
WIPO (PCT)
Prior art keywords
remote
access device
computer
client identifier
remote computer
Prior art date
Application number
PCT/US1996/004603
Other languages
French (fr)
Inventor
Andrew S. Rodwin
Jonathan H. Wenocur
Michael G. Feinstein
Original Assignee
Shiva Corporation
Priority date
Filing date
Publication date
Application filed by Shiva Corporation
Priority to AU54416/96A (AU5441696A)
Priority to EP96911564A (EP0830772A1)
Publication of WO1996039769A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Definitions

  • This invention relates to providing remote users at remote computers with access to a local computer network, and more particularly, to providing each remote dial-in client dynamically and automatically with an identifier that uniquely identifies the client on the network.
  • the client-server computer networking model allows organizations of all sizes to utilize group productivity products such as e-mail. Many business organizations have grown to rely heavily on network services. Employees who travel typically need to access the same network services and resources provided to them at work. Field offices also frequently need to access the headquarters' network services.
  • the term "telecommuter" has been used to describe an employee who stays at home and conducts business by accessing the network services provided at the traditional worksite. These types of users are sometimes referred to as "remote" or "remote clients" because they typically are located in a physically remote place from the networks and because they do not connect to the networks locally or directly. Remote users typically connect to the networks via telephone lines.
  • the terms “remote access” and “remote networking” are frequently used to identify the situation in which a remote user accesses a computer network over analog or digital telephone lines.
  • a remote user generally can utilize any type of computer to access the network.
  • the client computer can be, for example, a personal computer, a workstation, or a portable computer such as a laptop computer, a notebook computer, or a palmtop computer.
  • the computer can be, for example, an IBM PC or compatible, an Apple Macintosh, or a Unix-based computer.
  • the user typically connects a modem (or other communications adapter such as a digital adapter if the telephone lines are wholly digital) to a serial port of the computer.
  • the modem (or other communications adapter) connected to the user's remote computer communicates over the telephone lines with another modem (or other communications adapter) which is coupled to a device coupled to the network.
  • the other modem (or other communications adapter) and the device are located at the network which the remote client is attempting to access.
  • the device can be coupled directly to the network, or it can be coupled to the network which the remote client is attempting to access via a communications link (e.g., a WAN link) to that network. It is this device which provides the remote computer with controlled access to the network and the services and resources thereon.
  • the device typically is referred to as a "remote access server" or a "remote access device," and it generally includes at least one serial port for connecting to the other modem, at least one port for connecting to the network, and electronics which include at least a microprocessor and memory.
  • a typical remote access device provides a point of network access for one or more remote clients.
  • each participant communicating on or attempting to access the network, including remote clients dialed or dialing into the network via one or more remote access devices, to be uniquely identifiable on the network.
  • a dynamic internet protocol (IP) address assignment/management server, e.g., a DHCP or Dynamic Host Configuration Protocol server
  • a communications link such as a WAN link
  • each remote client can be dynamically assigned the same IP address even if the user disconnects from the network and then later reconnects, via the same or a different remote access device, before the dynamically-assigned, server-supplied IP address lease expires.
  • any network participant including a remote client which dials into the network, requires an IP address to communicate on the network and utilize the various network services.
  • while it can be useful and desirable to identify uniquely each network participant, it generally is not known how to accomplish this result dynamically for remote clients dialed into the network via remote access devices without individually serializing each remote client ahead of time such that each already has a unique identifier.
  • For nodes coupled to the network, it is known to use as the unique identifier a hardware-level address associated with each such node (e.g., the MAC address on the network interface card of each network node).
  • this hardware-level address is not useful as a unique identifier for remote computers because each remote access device coupled to the network (directly or indirectly via a communications link such as a WAN link) typically has more than one remote computer dialed thereinto. That is, the single hardware-level address of a remote access device is insufficient to identify uniquely each of the remote clients accessing the network via that one remote access device.
  • the unique identifier is provided to the remote dial-in client even though the client initially does not, and/or is not able to, provide unique information about the remote computer and/or the remote user thereat to the remote access device or the network.
  • the client can then use the unique identifier to access various network services available on the network. For example, the client can then obtain an internet protocol (IP) address dynamically from a Dynamic Host Configuration Protocol (DHCP) server coupled to the network.
  • IP internet protocol
  • DHCP Dynamic Host Configuration Protocol
  • the invention does not rely on usernames to identify uniquely the remote clients or to generate the unique identifiers, and therefore remote users are allowed to share usernames.
  • the invention involves a remote user at a remote computer (i.e., a remote client) dialing into a computer network via a remote access device coupled to the network.
  • the remote computer includes software which aids the remote user in dialing into the remote access device (and thus the network) over, for example, the public telephone lines. If an identifier is already stored in the remote computer, that identifier is automatically sent to the remote access device. If an identifier is however not yet stored at the remote computer (because, for example, this is the first time the remote client has tried to access the network), the remote computer automatically requests an identifier from the remote access device.
  • the remote access device receives the request and then provides to the remote client an identifier guaranteed to be universally unique on the network. This unique identifier is stored by the remote computer.
  • the remote client can use the identifier to obtain network services. For example, the identifier can be used by the remote access device to identify uniquely the remote client to a DHCP server to obtain an IP address for the client.
  • After the remote client eventually disconnects from the remote access device (and thus disconnects from the network), that client can later reconnect to the same or a different remote access device to again access the network.
  • Upon reconnection, the remote computer automatically retrieves the stored unique identifier and passes it to the remote access device. Because the unique identifier is stored by the remote computer, access to the network can be accomplished via the same pre-disconnection remote access device or a different remote access device coupled to the network.
  • the remote access device can then use the unique identifier to obtain network services. For example, the remote access device can use the identifier to obtain from the same DHCP server the same IP address for the client as was obtained during the previous dial-in connection.
  • after receiving the request for an identifier from a remote computer dialed thereinto, the remote access device generates a unique identifier by concatenating two items: (1) a hardware-level address associated with the remote access device, preferably the MAC address on a network interface card that the remote access device uses to couple to the network; and (2) the current date and time which preferably is derived from an on-board Real Time Clock chip in the remote access device.
  • because the MAC address of a node coupled to the network is by definition globally unique on the network and in the world, and because the date and time is guaranteed to be unique at any particular instant, the concatenation of these two items is guaranteed to yield a globally unique identifier even if more than one client is dialed into the same remote access device.
  • the remote access device avoids any such conflict by storing the last identifier generated and provided to a remote computer and making sure that the current identifier contains a date/time value different (e.g., greater) than the last identifier before providing the current identifier to a remote computer.
  • the invention provides remote dial-in clients with unique identifiers even if the clients initially do not, and/or are not able to, provide uniquely identifying information about themselves to either the remote access device or the network.
  • IAP Internet Access Provider
  • the invention is useful for generating and utilizing unique identifiers for each potential customer who loads the software on the disk into his or her computer and attempts to take advantage of the free trial Internet access.
  • the disks typically are identical and they contain no unique information. That is, the software on each of the disks contains no information that distinguishes it from any of the other disks.
  • the cost of producing the disks increases if, instead of being identical, each of the disks is coded with some unique identifying information such as a unique serial number. Since the disks are completely identical, the remote clients have no way of identifying themselves uniquely to the remote access device to which they dial into to access the network.
  • unique identifiers can be generated dynamically and automatically by the remote access device and then provided to the clients dialed thereinto.
  • FIG. 1A is a simplified diagram of a remote access system in which a remote access device according to the invention provides a remote user at a remote computer with access to a local computer network.
  • FIG. 1B is a diagram of a remote access system having a plurality of remote access devices and a plurality of remote users at a plurality of remote computers.
  • FIG. 2 is a diagram of a remote access system shown in more detail than the system shown in FIG. 1A.
  • FIG. 3A is a flowchart for providing a unique client identifier to a remote dial-in network client according to the invention.
  • FIGS. 3B and 3C are flowcharts showing some details of the operations of FIG. 3A.
  • FIG. 4 is a block diagram showing major components of a remote access device according to the invention.
  • a remote computer 12 is allowed access to a local computer network 14 by a remote access device 16.
  • the remote access device 16 is itself a powerful programmable computer which provides a point of network access for one or more remote users/computers 18, 12.
  • a remote user at a remote computer generally is referred to herein as a remote client. Only one remote user 18 and one remote computer 12 is shown in FIG. 1A for simplicity.
  • the remote access device 16 is a LanRover which is available from Shiva Corporation of Burlington, MA.
  • the device 16 can be a NetModem/E or other platforms available from Shiva Corporation.
  • the remote user 18 at the remote computer 12 initiates an attempt to gain access to the network 14 (and the network services and resources available thereon such as a dynamic Internet Protocol (IP) address assignment/management server like a Dynamic Host Configuration Protocol, DHCP, server 30) via the remote access device 16 by dialing into the device 16 over telephone lines 22.
  • the term telephone lines 22 is used herein to mean any digital and/or analog communication link or links used to transmit voice and/or data including wireless links and cellular data links such as Cellular Digital Packet Data (CDPD).
  • CDPD Cellular Digital Packet Data
  • a modem 24 is connected to the remote computer 12, and another modem 26 is connected to the remote access device 16.
  • the modems 24, 26 allow the remote computer 12 and the remote access device 16 to communicate over the telephone lines 22.
  • the modem 26 connected to the remote access device 16 could be part of the remote access device 16 (e.g., included within the device's housing), as indicated by the dotted-line box 28 enclosing the remote access device 16 and the modem 26 connected thereto.
  • the modems 24, 26 could be Integrated Services Digital Network (ISDN) terminal adapters if the telephone lines 22 are the ISDN, or the modems 24, 26 could be any of a variety of other switched-access devices.
  • ISDN Integrated Services Digital Network
  • the remote access system 10 can include one or more remote clients dialed into a single remote access device 16. While one of the remote access devices is shown with four remote clients dialed thereinto, another remote access device is shown with two clients dialed thereinto, and another has one client dialed thereinto, it generally is possible to have any number of remote clients dialed into any particular remote access device.
  • a remote access device according to the invention allows up to eight remote clients to dial into the network via the device. In some other embodiments, the device allows sixteen or more clients to dial into the network.
  • the remote computer 12 is a portable laptop computer.
  • the remote computer 12 can be any type of portable computer (e.g., a laptop, a notebook, or a palmtop), workstation, or personal computer (e.g., an IBM PC or compatible, an Apple Macintosh, or a Unix-based computer).
  • the remote computer 12 generally must be able to function as a stand-alone computer system when not connected to a network, and as a full network node when it is dialed-in to the network 14 through the remote access device 16.
  • For a remote Macintosh system, it generally is preferred that the computer have at least a 25 MHz 68030 processor.
  • For a remote PC system, it generally is preferred that the computer have at least a 25 MHz 486 processor.
  • the remote computer 12 of the remote access system 10 must have enough processing power, internal memory, and storage (e.g., disk, tape, etc.) space to run, on the remote computer 12 itself, the remote user's chosen applications without relying upon the on-network communication speed which typically is much higher than the speed of the telephone line link 22.
  • Some telephone lines 22 allow speeds of up to 57.6 or 115.2 kilobits per second whereas the local computer network 14 can operate in ranges from 1 to 100 megabits per second depending on the type of network.
  • the local computer network 14 can be, for example, Ethernet or Token Ring.
  • the remote computer 12 typically will have a serial port 32 which is managed by a serial controller such as a 16550A serial controller chip which can receive or transmit up to sixteen characters without intervention from the central processing unit (CPU) of the remote computer 12.
  • the modem 24 connected to the serial port 32 can be, for example, a V.34 modem (28.8 kilobits per second) or an ISDN terminal adapter.
  • the other modem 26 (which is not shown in FIG. 2 because it is internal to the remote access device 16) is selected to operate properly given the telephone lines 22 employed and the modem 24 connected to the serial port 32.
  • the network services and resources available on the network 14 which the remote user 18 might access via the remote access device 16 can include, for example, a Notes Server 46 and an E-Mail Server 48 in addition to the DHCP server 30.
  • the remote computer 12 can be loaded with network application software 34 and remote access client software 36.
  • the remote access client software 36 can allow, as a relevant example, a Unix-based computer to use a standard Point-to-Point Protocol (PPP) implementation, and a PC-based computer to use any standard (if any) or vendor-supplied remote access clients.
  • a remote access client includes a "dialer" which establishes and terminates the remote access connection and a "driver" which interfaces with the network protocol stacks and the serial port 32 to send and receive network data.
  • the remote access client can operate with a variety of protocols including IPX, TCP/IP, NetBEUI, LLC/802.2, and AppleTalk. Novell's IPX is the native protocol for NetWare.
  • TCP/IP is widely used in Unix-based systems and client-server databases, and TCP/IP also is becoming standard for many other applications.
  • NetBEUI is used for LAN Manager and Microsoft's Windows for Workgroups. LLC/802.2 is for IBM LAN Server and host connectivity.
  • the combination of AppleTalk and TCP/IP covers almost all Macintosh applications.
  • the remote access client software 36 can be, for example, supplied on a computer disk provided free of charge by an Internet Access Provider (IAP).
  • the IAP may be offering a free trial Internet connection by distributing (e.g., with a magazine) identical computer disks to potential customers. A potential customer loads the free disk into his or her computer to take advantage of the free trial Internet access.
  • the software on the free disk helps to establish a free trial connection to the Internet via the phone lines.
  • the cost of producing the disks increases if, instead of being identical, each of the disks is coded with some unique identifying information such as a unique serial number. Since the disks are completely identical, the remote clients have no way of identifying themselves uniquely to the remote access device to which they dial into to access the Internet for the free trial.
  • IAPs offer direct connection to the Internet, as opposed to traditional on-line time-sharing services that only provide limited, controlled Internet access via the service's computer which is connected to the Internet.
  • examples of IAPs are Performance Systems International (PSINet®), Inc. (510 Huntmar Park Drive, Herndon, VA 22070, (703) 709-0300 or (800) 827-7482) and MASSinternet ((800) 236-9737).
  • Examples of traditional on-line time-sharing services are Prodigy, CompuServe, and America Online. Referring to FIG.
  • a remote user 18 at a remote computer 12 dials into a remote access device 16 in an attempt to connect to a computer network 14 (step 50).
  • the remote access device 16 is coupled to the computer network 14 either directly as shown or indirectly via a communications link such as a WAN link.
  • the remote computer 12 includes remote access client software 36 (e.g., free software provided by an IAP as described previously) which aids the remote client in dialing into the remote access device 16 (and thus the network 14) over the public telephone lines 22.
  • If an identifier is already stored in the remote computer 12 (decision box 52), that identifier is automatically sent to the remote access device 16 in order to obtain network services via the remote access device 16 (steps 54 and 62). If an identifier is however not yet stored at the remote computer 12 (because, for example, this is the first time the remote client has tried to access the network), the remote computer 12 automatically requests an identifier from the remote access device 16 (step 56). In accordance with the invention, neither the remote access client software 36 nor the request sent by the remote computer 12 to the remote access device 16 includes any uniquely identifying information. That is, the remote access device 16 does not receive any information uniquely identifying the remote computer 12 or the remote user thereat.
  • the remote access device 16 receives the request and then generates and provides to the remote client an identifier guaranteed to be universally unique on the network 14 (step 58).
  • the request sent by the remote computer 12 is in the form of a "null" identifier, and the remote access device 16 interprets this "null" identifier as an indication that it should generate and assign to the client a new unique client identifier.
  • the unique client identifier is stored by the remote computer 12 (step 60).
  • the remote computer can store the unique client identifier in a file (e.g., an initialization file) on its hard disk.
  • the remote client can now use this unique client identifier to obtain network services via the remote access device 16 (step 62).
  • the identifier can be used by the remote access device to identify uniquely the remote client to a DHCP server to obtain dynamically an IP address for the client.
  • the remote computer 12 automatically retrieves the stored unique client identifier stored thereat (decision box 52) and passes it to the remote access device (step 54) in order to again obtain network services (step 62). Because the unique client identifier is stored by the remote computer 12, access to the network 14 can be accomplished via the same pre-disconnection remote access device (16_1) or a different remote access device (16_2) coupled (directly or indirectly) to the network 14. The remote access device can then use the unique client identifier to obtain network services. For example, the remote access device can use the unique client identifier to obtain from the DHCP server the same IP address for the client as was obtained during the previous dial-in connection.
  • after receiving the request for an identifier from the remote computer dialed thereinto, the remote access device generates the unique client identifier (step 58) by concatenating two items (step 66).
  • the two items are: (i) a hardware-level address associated with the remote access device, such as the MAC address on a network interface card that the remote access device uses to couple (directly or indirectly) to the network 14; and (ii) the current date and time which preferably is derived from an on-board Real Time Clock chip in the remote access device.
  • because the MAC address of a node coupled (directly or indirectly) to the network is by definition globally unique on the network 14 and in the world, and because the date and time is guaranteed to be unique at any particular instant, the concatenation of these two items is guaranteed to yield a globally unique identifier even if more than one client is dialed into the same remote access device.
  • the remote access device avoids any such conflict by storing the last identifier generated and provided to a remote computer (step 68) and checking or comparing the stored identifier against the most recently generated (current) identifier to make sure that the current identifier contains a date/time value different (e.g., greater) than the stored identifier before providing the current identifier to a remote computer (step 70). If the current identifier is not different than the stored identifier (decision box 72), the remote access device discards the current identifier and generates another identifier to replace it (step 74).
  • This replacement identifier then becomes the current identifier, and the comparison with the stored identifier is performed again (step 70). If the current and stored identifiers are different, the current identifier becomes the stored identifier (e.g., the value in storage is overwritten with the current identifier), and the current identifier is provided to the remote computer (step 76).
  • the above-described identifier generation technique assumes or requires that the remote access server's date and time is correct.
  • measures must be taken to ensure the correctness of the date and time. These measures can include making sure that the Time Server(s) on the network from which the remote access devices obtain time/date information are accurate and/or prompting the network administrator to check the remote access devices' date and time at certain points.
  • the invention thus provides remote dial-in clients with unique identifiers even though the clients initially do not provide uniquely identifying information about themselves to either the remote access device or the network.
  • the invention does not rely on usernames to identify uniquely the remote clients or to generate the unique client identifiers, and therefore remote users are allowed to share usernames. Further details about the remote access device according to the invention are provided below.
  • the performance of the remote access device 16 is primarily determined by the ability to move data through its serial ports without much attention from its CPU.
  • the performance of the remote access device 16 also is determined by its CPU's ability to perform the routing, filtering, IP address tracking, etc. that the CPU must do without adding undue delays as it forwards data packets.
  • the remote access device 16 thus has generally been optimized for serial port throughput and general CPU power. Because the remote access device 16 must be highly reliable and efficient, it includes solid-state, non-volatile storage for the controlling software.
  • the software is upgradeable via downloading from the network 14 to the remote access device 16.
  • the network manager can perform any upgrades.
  • the software in the remote access device 16 causes the remote access device 16 to perform the functionality described herein, although it should be noted that it is possible to use dedicated electronic hardware to perform all of the functionality described herein.
  • FIG. 4 shows one embodiment of the remote access device 16.
  • one embodiment of the remote access device 16 includes electronics 38, a plurality of serial communication ports 40_1-40_N, and a plurality of network ports 42_1-42_M.
  • the remote access device 16 also can include a plurality of internal modems 44_1-44_N.
  • the serial ports 40 and the network ports 42 are controlled by the electronics 38.
  • the electronics 38 include, in some embodiments, a powerful 25 MHz 68EC020 microprocessor and memory such as one or more (e.g., two) megabytes of battery backed-up static random access memory (SRAM) and 64 kilobytes in an erasable programmable read only memory (EPROM).
  • the electronics 38 also can include an on-board Real Time Clock chip 39 from which the remote access device 16 can obtain date and time information.
  • Each of the serial communication ports 40 is for coupling with a communication device (e.g., the modem 26 of FIG. 1A), or for coupling with the telephone lines 22, to provide for communication with a remote computer (e.g., the remote computer 12 of FIGS. 1 and 2) over the telephone lines 22.
  • a connecting cable can be used to couple a serial port 40 with the communication device or with the telephone lines.
  • Each of the serial ports 40 can simultaneously be coupled to a different one of the one or more remote computers so as to provide simultaneous access to the local computer network 14 for each of the remote computers, even if each of the remote computers employs a different protocol (e.g., IPX, TCP/IP, AppleTalk, NetBEUI, or 802.2/LLC).
  • the remote access device 16 includes eight serial ports 40, each port 40 being a DB-25 asynchronous serial port which supports speeds of up to 115.2 kilobits per second (kbps), with an internal V.34 modem 44 associated with each.
  • Each of the network ports 42 is for coupling with a local computer network (e.g., the network 14 of FIGS. 1 and 2), via a connecting cable, to provide for communication with the network.
  • the remote access device 16 is connected to only one network during normal operation, although it is possible with some embodiments to connect to more than one network.
  • the remote access device 16 includes three network ports 42, one for 10BaseT Ethernet, one for Thin Ethernet, and one for Thick Ethernet.
  • the remote access device 16 includes a single network port 42 for Token Ring.
  • the network ports 42 are network interface cards and each has a hardware-level address thereon such as a Medium Access Control (MAC) address.
  • MAC Medium Access Control
  • the remote access device 16 shown functionally in FIG. 4 can be contained in a housing similar to that shown in FIG. 2.
  • the housing preferably is less than or equal to about 1.7 by 17 by 10 inches. Other housing sizes are possible.
  • the housing can be made rack-mountable.
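
The identifier exchange of steps 50 to 76 above, as an added Python sketch that is not code from the patent or from Shiva. It covers two clients dialing into one device within the same clock tick, and a reconnect through a different device that yields the same DHCP address. The identifier text format, the one-second clock resolution, the retry bound, the empty-string "null" identifier, and all class names, MAC addresses and IP addresses are assumptions made for the illustration.

```python
import time
from datetime import datetime, timedelta

NULL_ID = ""  # assumption: the "null" identifier request is modeled as an empty string


class FakeClock:
    """Constructed stand-in for the Real Time Clock chip: replays fixed readings."""

    def __init__(self, readings):
        self._readings = iter(readings)

    def __call__(self):
        return next(self._readings)


class DhcpServer:
    """Minimal lease table keyed by client identifier (lease expiry is left out)."""

    def __init__(self, pool):
        self.free = list(pool)
        self.leases = {}

    def lease(self, client_id):
        if client_id not in self.leases:
            self.leases[client_id] = self.free.pop(0)
        return self.leases[client_id]


class RemoteAccessDevice:
    MAX_RETRIES = 6  # assumption: bound on the regenerate loop of steps 72-74

    def __init__(self, mac, clock, dhcp, wait=lambda: time.sleep(0.25)):
        self.mac = mac.replace(":", "").lower()
        self.clock = clock      # callable returning a datetime
        self.dhcp = dhcp
        self.wait = wait        # pause between regeneration attempts
        self.last_stamp = None  # date/time part of the last identifier issued (step 68)

    def new_identifier(self):
        for _ in range(self.MAX_RETRIES):
            stamp = self.clock().replace(microsecond=0)  # assumed one-second resolution
            # Steps 70/72: only a date/time greater than the stored one is accepted.
            if self.last_stamp is None or stamp > self.last_stamp:
                self.last_stamp = stamp                        # step 76: overwrite storage
                return f"{self.mac}-{stamp:%Y%m%d%H%M%S}"      # step 66: MAC + date/time
            self.wait()                                        # step 74: discard, try again
        # A clock that stands still or was set back cannot yield a fresh value.
        raise RuntimeError("clock has not advanced past the last issued identifier")

    def dial_in(self, presented_id):
        # Steps 54/56/58: a null identifier is a request for a new one.
        client_id = presented_id if presented_id != NULL_ID else self.new_identifier()
        return client_id, self.dhcp.lease(client_id)           # step 62


class RemoteClient:
    def __init__(self):
        self.stored_id = NULL_ID  # stands in for the initialization file on disk

    def connect(self, ras):
        self.stored_id, ip = ras.dial_in(self.stored_id)       # step 60: store identifier
        return ip


def demo():
    t0 = datetime(1995, 6, 5, 12, 0, 0)                        # constructed clock readings
    dhcp = DhcpServer(["192.0.2.10", "192.0.2.11", "192.0.2.12"])
    no_wait = lambda: None
    # The second request on ras1 first reads the same second as the first request.
    ras1 = RemoteAccessDevice("02:00:00:00:00:01",
                              FakeClock([t0, t0, t0 + timedelta(seconds=1)]),
                              dhcp, wait=no_wait)
    ras2 = RemoteAccessDevice("02:00:00:00:00:02", FakeClock([]), dhcp, wait=no_wait)
    a, b = RemoteClient(), RemoteClient()
    ip_a = a.connect(ras1)
    ip_b = b.connect(ras1)
    ip_a_again = a.connect(ras2)  # reconnect via a different device, stored id reused
    return a.stored_id, b.stored_id, ip_a, ip_b, ip_a_again


if __name__ == "__main__":
    print(demo())
```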

Abstract

A remote user (18) at a remote computer (12) accesses a computer network (14) via a remote access device (16) coupled (directly or indirectly) to the network (14). The remote access device receives from the remote computer a request for an identifier. The request does not include any information that uniquely identifies the remote computer or the user thereat. In response to the request, the remote access device generates a client identifier that uniquely identifies the remote computer and then provides that unique client identifier to the remote computer. The remote access device can generate the unique client identifier by concatenating a hardware-level address associated with the remote access device (e.g., a Medium Access Control or MAC address) and the current date and time. The remote computer can store the unique client identifier for future use, and the remote access device can use the unique client identifier to obtain services available on the computer network. For example, the remote access device can use the unique client identifier to identify uniquely the remote computer to a server on the computer network which dynamically assigns Internet Protocol (IP) addresses in order to obtain an IP address for the remote computer.

Description

APPARATUS AND METHOD FOR PROVIDING UNIQUE IDENTIFIERS TO REMOTE DIAL-IN NETWORK CLIENTS
Field of the Invention
This invention relates to providing remote users at remote computers with access to a local computer network, and more particularly, to providing each remote dial-in client dynamically and automatically with an identifier that uniquely identifies the client on the network.
Background of the Invention
The client-server computer networking model allows organizations of all sizes to utilize group productivity products such as e-mail. Many business organizations have grown to rely heavily on network services. Employees who travel typically need to access the same network services and resources provided to them at work. Field offices also frequently need to access the headquarters' network services. The term "telecommuter" has been used to describe an employee who stays at home and conducts business by accessing the network services provided at the traditional worksite. These types of users are sometimes referred to as "remote" or "remote clients" because they typically are located in a physically remote place from the networks and because they do not connect to the networks locally or directly. Remote users typically connect to the networks via telephone lines. The terms "remote access" and "remote networking" are frequently used to identify the situation in which a remote user accesses a computer network over analog or digital telephone lines.
A remote user generally can utilize any type of computer to access the network. The client computer can be, for example, a personal computer, a workstation, or a portable computer such as a laptop computer, a notebook computer, or a palmtop computer. Also, the computer can be, for example, an IBM PC or compatible, an Apple Macintosh, or a Unix-based computer. The user typically connects a modem (or other communications adapter such as a digital adapter if the telephone lines are wholly digital) to a serial port of the computer. The modem (or other communications adapter) connected to the user's remote computer communicates over the telephone lines with another modem (or other communications adapter) which is coupled to a device coupled to the network. The other modem (or other communications adapter) and the device are located at the network which the remote client is attempting to access. The device can be coupled directly to the network, or it can be coupled to the network which the remote client is attempting to access via a communications link (e.g., a WAN link) to that network. It is this device which provides the remote computer with controlled access to the network and the services and resources thereon. The device typically is referred to as a "remote access server" or a "remote access device," and it generally includes at least one serial port for connecting to the other modem, at least one port for connecting to the network, and electronics which include at least a microprocessor and memory. A typical remote access device provides a point of network access for one or more remote clients.
It can be useful for each participant communicating on or attempting to access the network, including remote clients dialed or dialing into the network via one or more remote access devices, to be uniquely identifiable on the network. For example, if a dynamic internet protocol (IP) address assignment/management server (e.g., a DHCP or Dynamic Host Configuration Protocol server) coupled to the network (directly or via a communications link such as a WAN link) can uniquely identify each remote client, each remote client can be dynamically assigned the same IP address even if the user disconnects from the network and then later reconnects, via the same or a different remote access device, before the dynamically-assigned, server-supplied IP address lease expires. (With some network protocols such as TCP/IP, any network participant, including a remote client which dials into the network, requires an IP address to communicate on the network and utilize the various network services.) However, while it can be useful and desirable to identify uniquely each network participant, it generally is not known how to accomplish this result dynamically for remote clients dialed into the network via remote access devices without individually serializing each remote client ahead of time such that each already has a unique identifier.
For nodes coupled to the network, it is known to use as the unique identifier a hardware-level address associated with each such node (e.g., the MAC address on the network interface card of each network node). However, this hardware-level address is not useful as a unique identifier for remote computers because each remote access device coupled to the network (directly or indirectly via a communications link such as a WAN link) typically has more than one remote computer dialed thereinto. That is, the single hardware-level address of a remote access device is insufficient to identify uniquely each of the remote clients accessing the network via that one remote access device. The tendency of some users to utilize the exact same username (e.g., "Joe" or "Smith") renders the username a poor choice as a unique identifier for each network participant. A simple and reliable way of dynamically providing a unique identifier to each network participant, including remote clients accessing the network via dial-in connections to remote access devices coupled to the network (directly or indirectly via a communications link such as a WAN link), is needed.
Summary of the Invention
It is an object of this invention to allow one or more remote users at remote computers (i.e., one or more remote clients) to dial-in and gain access to a local computer network via a remote access device coupled to the network.
It is another object of the invention to identify uniquely on the network each of the remote clients dialed thereinto via remote access devices.
It is a further object of the invention to provide each remote dial-in client dynamically and automatically with an identifier uniquely identifying the client on the network that the client is dialing into via a remote access device. The unique identifier is provided to the remote dial-in client even though the client initially does not, and/or is not able to, provide unique information about the remote computer and/or the remote user thereat to the remote access device or the network. With its dynamically provided unique identifier, the client can then use the unique identifier to access various network services available on the network. For example, the client can then obtain an internet protocol (IP) address dynamically from a Dynamic Host Configuration Protocol (DHCP) server coupled to the network. The invention does not rely on usernames to identify uniquely the remote clients or to generate the unique identifiers, and therefore remote users are allowed to share usernames. In general, the invention involves a remote user at a remote computer (i.e., a remote client) dialing into a computer network via a remote access device coupled to the network. The remote computer includes software which aids the remote user in dialing into the remote access device (and thus the network) over, for example, the public telephone lines. If an identifier is already stored in the remote computer, that identifier is automatically sent to the remote access device. If an identifier is however not yet stored at the remote computer (because, for example, this is the first time the remote client has tried to access the network), the remote computer automatically requests an identifier from the remote access device. The remote access device receives the request and then provides to the remote client an identifier guaranteed to be universally unique on the network. This unique identifier is stored by the remote computer. 
The remote client can use the identifier to obtain network services. For example, the identifier can be used by the remote access device to identify uniquely the remote client to a DHCP server to obtain an IP address for the client.
After the remote client eventually disconnects from the remote access device (and thus disconnects from the network), that client can later reconnect to the same or a different remote access device to again access the network. Upon reconnection, the remote computer automatically retrieves the stored unique identifier and passes it to the remote access device. Because the unique identifier is stored by the remote computer, access to the network can be accomplished via the same pre-disconnection remote access device or a different remote access device coupled to the network. The remote access device can then use the unique identifier to obtain network services. For example, the remote access device can use the identifier to obtain from the same DHCP server the same IP address for the client as was obtained during the previous dial-in connection.
In a preferred embodiment of the invention, after receiving the request for an identifier from a remote computer dialed thereinto, the remote access device generates a unique identifier by concatenating two items: (1) a hardware-level address associated with the remote access device, preferably the MAC address on a network interface card that the remote access device uses to couple to the network; and (2) the current date and time which preferably is derived from an on-board Real Time Clock chip in the remote access device. Since the MAC address of a node coupled to the network is by definition globally unique on the network and in the world, and because the date and time is guaranteed to be unique at any particular instant, the concatenation of these two items is guaranteed to yield a globally unique identifier even if more than one client is dialed into the same remote access device. While it is unlikely that two or more remote clients will dial into the same remote access device and request an identifier at precisely the same instant in time or even within a short interval of time (e.g., one second), the remote access device avoids any such conflict by storing the last identifier generated and provided to a remote computer and making sure that the current identifier contains a date/time value different (e.g., greater) than the last identifier before providing the current identifier to a remote computer.
The invention provides remote dial-in clients with unique identifiers even if the clients initially do not, and/or are not able to, provide uniquely identifying information about themselves to either the remote access device or the network. For example, in a situation where an Internet Access Provider (IAP) offers free trial service by distributing (e.g., with a magazine) identical computer disks to potential customers, the invention is useful for generating and utilizing unique identifiers for each potential customer who loads the software on the disk into his or her computer and attempts to take advantage of the free trial Internet access. In such a mass distribution, the disks typically are identical and they contain no unique information. That is, the software on each of the disks contains no information that distinguishes it from any of the other disks. The cost of producing the disks increases if, instead of being identical, each of the disks is coded with some unique identifying information such as a unique serial number. Since the disks are completely identical, the remote clients have no way of identifying themselves uniquely to the remote access device to which they dial into to access the network. In accordance with the invention, unique identifiers can be generated dynamically and automatically by the remote access device and then provided to the clients dialed thereinto.
The foregoing and other objects, aspects, features, and advantages of the invention will become more apparent from the following description and from the claims.
Brief Description of the Drawings
In the drawings, like reference characters generally refer to the same parts throughout the different views. Also, the drawings are not necessarily to scale, emphasis instead generally being placed upon illustrating the principles of the invention.
FIG. 1A is a simplified diagram of a remote access system in which a remote access device according to the invention provides a remote user at a remote computer with access to a local computer network.
FIG. 1B is a diagram of a remote access system having a plurality of remote access devices and a plurality of remote users at a plurality of remote computers.
FIG. 2 is a diagram of a remote access system shown in more detail than the system shown in FIG. 1A.
FIG. 3A is a flowchart for providing a unique client identifier to a remote dial-in network client according to the invention.
FIGS. 3B and 3C are flowcharts showing some details of the operations of FIG. 3A.
FIG. 4 is a block diagram showing major components of a remote access device according to the invention.
Description
Referring to FIG. 1A, in a remote access system 10, a remote computer 12 is allowed access to a local computer network 14 by a remote access device 16. As will be described in more detail later with reference to FIGS. 1B and 3, the remote access device 16 is itself a powerful programmable computer which provides a point of network access for one or more remote users/computers 18, 12. A remote user at a remote computer generally is referred to herein as a remote client. Only one remote user 18 and one remote computer 12 is shown in FIG. 1A for simplicity. In some embodiments, the remote access device 16 is a LanRover which is available from Shiva Corporation of Burlington, MA. In some other embodiments, the device 16 can be a NetModem/E or other platforms available from Shiva Corporation.
The remote user 18 at the remote computer 12 initiates an attempt to gain access to the network 14 (and the network services and resources available thereon such as a dynamic Internet Protocol (IP) address assignment/management server like a Dynamic Host Configuration Protocol, DHCP, server 30) via the remote access device 16 by dialing into the device 16 over telephone lines 22. The term telephone lines 22 is used herein to mean any digital and/or analog communication link or links used to transmit voice and/or data including wireless links and cellular data links such as Cellular Digital Packet Data (CDPD).
In the disclosed embodiment, a modem 24 is connected to the remote computer 12, and another modem 26 is connected to the remote access device 16. The modems 24, 26 allow the remote computer 12 and the remote access device 16 to communicate over the telephone lines 22. Note that the modem 26 connected to the remote access device 16 could be part of the remote access device 16 (e.g., included within the device's housing), as indicated by the dotted-line box 28 enclosing the remote access device 16 and the modem 26 connected thereto. Also note that the modems 24, 26 could be Integrated Services Digital Network (ISDN) terminal adapters if the telephone lines 22 are the ISDN, or the modems 24, 26 could be any of a variety of other switched-access devices.
Referring to FIG. 1B, the remote access system 10 can include one or more remote clients dialed into a single remote access device 16. While one of the remote access devices is shown with four remote clients dialed thereinto, another remote access device is shown with two clients dialed thereinto, and another has one client dialed thereinto, it generally is possible to have any number of remote clients dialed into any particular remote access device. In some embodiments, a remote access device according to the invention allows up to eight remote clients to dial into the network via the device. In some other embodiments, the device allows sixteen or more clients to dial into the network.
Referring to FIG. 2, the remote access system 10 of FIG. 1A is shown in more detail. The remote computer 12 is a portable laptop computer. In general, the remote computer 12 can be any type of portable computer (e.g., a laptop, a notebook, or a palmtop), workstation, or personal computer (e.g., an IBM PC or compatible, an Apple Macintosh, or a Unix-based computer). The remote computer 12 generally must be able to function as a stand-alone computer system when not connected to a network, and as a full network node when it is dialed-in to the network 14 through the remote access device 16. For a remote Macintosh system, it generally is preferred that the computer have at least a 25 MHz 68030 processor. For a remote PC system, it generally is preferred that the computer have at least a 25 MHz 486 processor.
In general, the remote computer 12 of the remote access system 10 must have enough processing power, internal memory, and storage (e.g., disk, tape, etc.) space to run, on the remote computer 12 itself, the remote user's chosen applications without relying upon the on-network communication speed which typically is much higher than the speed of the telephone line link 22. Some telephone lines 22 allow speeds of up to 57.6 or 115.2 kilobits per second whereas the local computer network 14 can operate in ranges from 1 to 100 megabits per second depending on the type of network. The local computer network 14 can be, for example, Ethernet or Token Ring. The remote computer 12 typically will have a serial port 32 which is managed by a serial controller such as a 16550A serial controller chip which can receive or transmit up to sixteen characters without intervention from the central processing unit (CPU) of the remote computer 12. The modem 24 connected to the serial port 32 can be, for example, a V.34 modem (28.8 kilobits per second) or an ISDN terminal adapter. The other modem 26 (which is not shown in FIG. 2 because it is internal to the remote access device 16) is selected to operate properly given the telephone lines 22 employed and the modem 24 connected to the serial port 32. The network services and resources available on the network 14 which the remote user 18 might access via the remote access device 16 can include, for example, a Notes Server 46 and an E-Mail Server 48 in addition to the DHCP server 30.
The remote computer 12 can be loaded with network application software 34 and remote access client software 36. The remote access client software 36 can allow, as a relevant example, a Unix-based computer to use a standard Point-to-Point Protocol (PPP) implementation, and a PC-based computer to use any standard (if any) or vendor-supplied remote access clients. A remote access client includes a "dialer" which establishes and terminates the remote access connection and a "driver" which interfaces with the network protocol stacks and the serial port 32 to send and receive network data. The remote access client can operate with a variety of protocols including IPX, TCP/IP, NetBEUI, LLC/802.2, and AppleTalk. Novell's IPX is the native protocol for NetWare. TCP/IP is widely used in Unix-based systems and client-server databases, and TCP/IP also is becoming standard for many other applications. NetBEUI is used for LAN Manager and Microsoft's Windows for Workgroups. LLC/802.2 is for IBM LAN Server and host connectivity. The combination of AppleTalk and TCP/IP covers almost all Macintosh applications. The remote access client software 36 can be, for example, supplied on a computer disk provided free of charge by an Internet Access Provider (IAP). The IAP may be offering a free trial Internet connection by distributing (e.g., with a magazine) identical computer disks to potential customers. A potential customer loads the free disk into his or her computer to take advantage of the free trial Internet access. The software on the free disk helps to establish a free trial connection to the Internet via the phone lines. In such a mass distribution, the disks typically are identical and they contain no unique information. That is, the software on each of the disks contains no information that distinguishes it from any of the other disks.
The cost of producing the disks increases if, instead of being identical, each of the disks is coded with some unique identifying information such as a unique serial number. Since the disks are completely identical, the remote clients have no way of identifying themselves uniquely to the remote access device to which they dial into to access the Internet for the free trial. In accordance with the invention, unique identifiers can be generated dynamically and automatically by the remote access device and then provided to the clients dialed thereinto.
As an aside, IAPs offer direct connection to the Internet, as opposed to traditional on-line time-sharing services that only provide limited, controlled Internet access via the service's computer which is connected to the Internet. Examples of IAPs are Performance Systems International (PSINet®), Inc. (510 Huntmar Park Drive, Herndon, VA 22070, (703) 709-0300 or (800) 827-7482) and MASSinternet ((800) 236-9737). Examples of traditional on-line time-sharing services are Prodigy, CompuServe, and America Online.
Referring to FIG. 3A, in accordance with the invention, a remote user 18 at a remote computer 12 (i.e., a remote client) dials into a remote access device 16 in an attempt to connect to a computer network 14 (step 50). The remote access device 16 is coupled to the computer network 14 either directly as shown or indirectly via a communications link such as a WAN link. The remote computer 12 includes remote access client software 36 (e.g., free software provided by an IAP as described previously) which aids the remote client in dialing into the remote access device 16 (and thus the network 14) over the public telephone lines 22. If an identifier is already stored in the remote computer 12 (decision box 52), that identifier is automatically sent to the remote access device 16 in order to obtain network services via the remote access device 16 (steps 54 and 62). If an identifier is however not yet stored at the remote computer 12 (because, for example, this is the first time the remote client has tried to access the network), the remote computer 12 automatically requests an identifier from the remote access device 16 (step 56). In accordance with the invention, neither the remote access client software 36 nor the request sent by the remote computer 12 to the remote access device 16 includes any uniquely identifying information.
That is, the remote access device 16 does not receive any information uniquely identifying the remote computer 12 or the remote user thereat. The remote access device 16 receives the request and then generates and provides to the remote client an identifier guaranteed to be universally unique on the network 14 (step 58). In the disclosed embodiment, the request sent by the remote computer 12 is in the form of a "null" identifier, and the remote access device 16 interprets this "null" identifier as an indication that it should generate and assign to the client a new unique client identifier. The unique client identifier is stored by the remote computer 12 (step 60). For example, the remote computer can store the unique client identifier in a file (e.g., an initialization file) on its hard disk. The remote client can now use this unique client identifier to obtain network services via the remote access device 16 (step 62). For example, the identifier can be used by the remote access device to identify uniquely the remote client to a DHCP server to obtain dynamically an IP address for the client.
If (or when) the remote client disconnects or is disconnected from the remote access device 16 and thus disconnects or is disconnected from the network 14 (step 64), that client can later reconnect to the same or a different remote access device to again access the network 14 (step 50). Upon reconnection (step 50), the remote computer 12 automatically retrieves the stored unique client identifier stored thereat (decision box 52) and passes it to the remote access device (step 54) in order to again obtain network services (step 62). Because the unique client identifier is stored by the remote computer 12, access to the network 14 can be accomplished via the same pre-disconnection remote access device (16_1) or a different remote access device (16_2) coupled (directly or indirectly) to the network 14. The remote access device can then use the unique client identifier to obtain network services. For example, the remote access device can use the unique client identifier to obtain from the DHCP server the same IP address for the client as was obtained during the previous dial-in connection.
Note that this exchange of identifier information is not meant to replace authentication of the client. If it were to be used for authentication, it would have to be subject to some randomization technique used to prevent recording and playback.
Referring to FIGS. 3B and 3C, in the disclosed embodiment of the invention, after receiving the request for an identifier from the remote computer dialed thereinto, the remote access device generates the unique client identifier (step 58) by concatenating two items (step 66). The two items are: (i) a hardware-level address associated with the remote access device, such as the MAC address on a network interface card that the remote access device uses to couple (directly or indirectly) to the network 14; and (ii) the current date and time which preferably is derived from an on-board Real Time Clock chip in the remote access device. Since the MAC address of a node coupled (directly or indirectly) to the network is by definition globally unique on the network 14 and in the world, and because the date and time is guaranteed to be unique at any particular instant, the concatenation of these two items is guaranteed to yield a globally unique identifier even if more than one client is dialed into the same remote access device.
While it is unlikely that at precisely the same instant in time, or even within a short interval of time (e.g., one second), two or more remote clients will dial into the same remote access device and request an identifier, the remote access device avoids any such conflict by storing the last identifier generated and provided to a remote computer (step 68) and checking or comparing the stored identifier against the most recently generated (current) identifier to make sure that the current identifier contains a date/time value different (e.g., greater) than the stored identifier before providing the current identifier to a remote computer (step 70). If the current identifier is not different than the stored identifier (decision box 72), the current identifier is discarded and another identifier is generated to replace it (step 74). This replacement identifier then becomes the current identifier, and the comparison with the stored identifier is performed again (step 70). If the current and stored identifiers are different, the current identifier becomes the stored identifier (e.g., the value in storage is overwritten with the current identifier), and the current identifier is provided to the remote computer (step 76).
Note that the above-described identifier generation technique assumes or requires that the remote access server's date and time is correct. In general, measures must be taken to ensure the correctness of the date and time. These measures can include making sure that the Time Server(s) on the network from which the remote access devices obtain time/date information are accurate and/or prompting the network administrator to check the remote access devices' date and time at certain points. The invention thus provides remote dial-in clients with unique identifiers even though the clients initially do not provide uniquely identifying information about themselves to either the remote access device or the network. The invention does not rely on usernames to identify uniquely the remote clients or to generate the unique client identifiers, and therefore remote users are allowed to share usernames. Further details about the remote access device according to the invention are provided below.
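The flow of FIGS. 3A-3C can be followed end to end in the sketch below, which is an added example and not code from the patent or from Shiva. Its assumptions: the identifier encoding (6-byte MAC followed by 14 ASCII date/time digits at one-second resolution), empty bytes as the "null" identifier, the bounded retry that reports a clock that never advances, the in-memory `LeaseTable` standing in for the DHCP server, and all MAC addresses, dates and IP addresses, which are constructed.

```python
from datetime import datetime, timedelta
from ipaddress import IPv4Address

NULL_IDENTIFIER = b""   # assumption: the "null" identifier is modelled as empty bytes
MAC_LEN = 6


class ClockError(RuntimeError):
    """The date/time source never moved past the last issued value."""


class TickingClock:
    """Constructed stand-in for the Real Time Clock: each read advances by `step`."""

    def __init__(self, start: datetime, step: timedelta):
        self.now, self.step = start, step

    def __call__(self) -> datetime:
        value = self.now
        self.now += self.step
        return value


class RemoteAccessDevice:
    def __init__(self, mac: bytes, clock, max_retries: int = 8):
        if len(mac) != MAC_LEN:
            raise ValueError("MAC address must be 6 bytes")
        self.mac, self.clock, self.max_retries = mac, clock, max_retries
        self.stored = None          # step 68: last identifier handed out

    def _generate(self) -> bytes:
        # Step 66: hardware-level address concatenated with current date and time.
        stamp = self.clock().strftime("%Y%m%d%H%M%S").encode("ascii")
        return self.mac + stamp

    def issue(self) -> bytes:
        for _ in range(self.max_retries):
            current = self._generate()
            # Steps 70-72: fixed-width digits, so byte order equals time order.
            if self.stored is None or current[MAC_LEN:] > self.stored[MAC_LEN:]:
                self.stored = current            # step 76: overwrite and provide
                return current
            # Step 74: discard and generate a replacement on the next pass.
        raise ClockError("clock did not advance past the last issued identifier")

    def handle_dial_in(self, presented: bytes) -> bytes:
        # Steps 56/58 for a null identifier, step 54 otherwise. A presented
        # identifier is accepted as-is: it names the client, it does not
        # authenticate it.
        return self.issue() if presented == NULL_IDENTIFIER else presented


class RemoteClient:
    def __init__(self):
        self.stored_id = NULL_IDENTIFIER     # nothing stored before first dial-in

    def dial_in(self, device: RemoteAccessDevice) -> bytes:
        self.stored_id = device.handle_dial_in(self.stored_id)   # step 60
        return self.stored_id


class LeaseTable:
    """Toy stand-in for the address server: one address per client identifier."""

    def __init__(self, first: str):
        self.next_addr, self.leases = IPv4Address(first), {}

    def address_for(self, client_id: bytes) -> IPv4Address:
        if client_id not in self.leases:
            self.leases[client_id] = self.next_addr
            self.next_addr += 1
        return self.leases[client_id]


def demo():
    start = datetime(1995, 6, 5, 9, 0, 0)              # constructed date
    # Clock ticks 0.5 s per read, so two back-to-back reads share one second.
    dev_a = RemoteAccessDevice(bytes.fromhex("020000000001"),   # constructed MAC
                               TickingClock(start, timedelta(milliseconds=500)))
    dev_b = RemoteAccessDevice(bytes.fromhex("020000000002"),   # constructed MAC
                               TickingClock(start, timedelta(seconds=1)))
    leases = LeaseTable("192.0.2.10")
    first_client, second_client = RemoteClient(), RemoteClient()
    id_first = first_client.dial_in(dev_a)
    id_second = second_client.dial_in(dev_a)   # same device, same second
    ip_first = leases.address_for(id_first)
    ip_again = leases.address_for(first_client.dial_in(dev_b))  # reconnect elsewhere
    return id_first, id_second, ip_first, ip_again
```

A device whose clock is stalled or has been set back cannot satisfy the "greater than the stored identifier" check, so the sketch raises `ClockError` rather than retrying indefinitely; this is the failure mode behind the requirement that the device's date and time be correct.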
The performance of the remote access device 16 is primarily determined by the ability to move data through its serial ports without much attention from its CPU. The performance of the remote access device 16 also is determined by its CPU's ability to perform the routing, filtering, IP address tracking, etc. that the CPU must do without adding undue delays as it forwards data packets. The remote access device 16 thus has generally been optimized for serial port throughput and general CPU power. Because the remote access device 16 must be highly reliable and efficient, it includes solid-state, non-volatile storage for the controlling software. The software is upgradeable via downloading from the network 14 to the remote access device 16. The network manager can perform any upgrades.
In general, the software in the remote access device 16 causes the remote access device 16 to perform the functionality described herein, although it should be noted that it is possible to use dedicated electronic hardware to perform all of the functionality described herein.
FIG. 4 shows one embodiment of the remote access device 16. Other embodiments have different configurations. Referring to FIG. 4, one embodiment of the remote access device 16 includes electronics 38, a plurality of serial communication ports 40_1-40_N, and a plurality of network ports 42_1-42_M. The remote access device 16 also can include a plurality of internal modems 44_1-44_N. The serial ports 40 and the network ports 42 are controlled by the electronics 38. The electronics 38 include, in some embodiments, a powerful 25 MHz 68EC020 microprocessor and memory such as one or more (e.g., two) megabytes of battery backed-up static random access memory (SRAM) and 64 kilobytes in an erasable programmable read only memory (EPROM). The electronics 38 also can include an on-board Real Time Clock chip 39 from which the remote access device 16 can obtain date and time information.
Each of the serial communication ports 40 is for coupling with a communication device (e.g., the modem 26 of FIG. 1A), or for coupling with the telephone lines 22, to provide for communication with a remote computer (e.g., the remote computer 12 of FIGS. 1 and 2) over the telephone lines 22. A connecting cable can be used to couple a serial port 40 with the communication device or with the telephone lines. Each of the serial ports 40 can simultaneously be coupled to a different one of the one or more remote computers so as to provide simultaneous access to the local computer network 14 for each of the remote computers, even if each of the remote computers employs a different protocol (e.g., IPX, TCP/IP, AppleTalk, NetBEUI, or 802.2/LLC). In some embodiments, the remote access device 16 includes eight serial ports 40, each port 40 being a DB-25 asynchronous serial port which supports speeds of up to 115.2 kilobits per second (kbps), with an internal V.34 modem 44 associated with each.
Each of the network ports 42 is for coupling with a local computer network (e.g., the network 14 of FIGS. 1 and 2), via a connecting cable, to provide for communication with the network. Typically, the remote access device 16 is connected to only one network during normal operation, although it is possible with some embodiments to connect to more than one network. In some embodiments, the remote access device 16 includes three network ports 42, one for 10BaseT Ethernet, one for Thin Ethernet, and one for Thick Ethernet. In some other embodiments, the remote access device 16 includes a single network port 42 for Token Ring. In general, the network ports 42 are network interface cards and each has a hardware-level address thereon such as a Medium Access Control (MAC) address.
The remote access device 16 shown functionally in FIG. 4 can be contained in a housing similar to that shown in FIG. 2. The housing preferably is less than or equal to about 1.7 by 17 by 25 10 inches. Other housing sizes are possible. The housing can be made rack-mountable.
Variations, modifications, and other implementations of what is described herein will occur to those of ordinary skill in the art without departing from the spirit and the scope of the invention as claimed. Accordingly, the invention is to be defined not by the preceding illustrative description but instead by the following claims.
What is claimed is:

Claims
1. A method for providing unique identifiers to remote computers, comprising: providing a remote access device coupled to a computer network; receiving at the remote access device a request for an identifier from a remote computer which is attempting to gain access to the computer network via the remote access device which is located remote from the remote computer as is the computer network; generating at the remote access device a unique client identifier in response to the request for the identifier received from the remote computer, the unique client identifier uniquely identifying the remote computer; and providing the unique client identifier to the remote computer.
2. The method of claim 1 further comprising: storing the unique client identifier at the remote computer; and using the unique client identifier to obtain services available on the computer network.
3. The method of claim 2 wherein the step of using the unique client identifier comprises the remote access device using the unique client identifier to identify uniquely the remote computer to a server on the computer network which dynamically assigns internet protocol (IP) addresses in order to obtain an IP address for the remote computer.
4. The method of claim 1 wherein the step of receiving the request comprises receiving the request which does not include any information uniquely identifying the remote computer or a user at the remote computer.
5. The method of claim 1 wherein the step of generating the unique client identifier comprises: concatenating a hardware-level address associated with the remote access device and the current date and time.
6. The method of claim 5 wherein the step of concatenating comprises concatenating a Medium Access Control (MAC) address associated with the remote access device and the current date and time.
7. A method for providing unique identifiers to remote computers, comprising: providing a remote access device coupled to a computer network at a first location; providing a remote computer at a second location remote from the first location; receiving at the remote access device a request for an identifier from the remote computer which is attempting to gain access to the computer network via the remote access device, the request including no information uniquely identifying the remote computer or a user at the remote computer; generating at the remote access device a unique client identifier in response to the request for the identifier received from the remote computer, the unique client identifier uniquely identifying the remote computer; providing the unique client identifier to the remote computer; and using the unique client identifier to obtain services available on the computer network.
8. The method of claim 7 further comprising: storing the unique client identifier at the remote computer.
9. The method of claim 7 wherein the step of using the unique client identifier comprises the remote access device using the unique client identifier to identify uniquely the remote computer to a server on the computer network which dynamically assigns internet protocol (IP) addresses in order to obtain an IP address for the remote computer.
10. The method of claim 7 wherein the step of generating the unique client identifier comprises: concatenating a hardware-level address associated with the remote access device and the current date and time.
11. The method of claim 10 wherein the step of concatenating comprises concatenating a Medium Access Control (MAC) address associated with the remote access device and the current date and time.
12. Apparatus for providing unique identifiers to remote computers, comprising: a computer network located at a first location; a remote computer at a second location remote from the first location; and a remote access device, coupled to the computer network at the first location, comprising means for receiving a request for an identifier from the remote computer which is attempting to gain access to the computer network via the remote access device, the request including no information uniquely identifying the remote computer or a user at the remote computer, means for generating a unique client identifier in response to the request for the identifier received from the remote computer, the unique client identifier uniquely identifying the remote computer, means for providing the unique client identifier to the remote computer, and means for using the unique client identifier to obtain services available on the computer network.
13. The apparatus of claim 12 wherein the remote computer comprises means for storing the unique client identifier.
14. The apparatus of claim 12 wherein the means for using the unique client identifier comprises means for using the unique client identifier to identify uniquely the remote computer to a server on the computer network which dynamically assigns internet protocol (IP) addresses in order to obtain an IP address for the remote computer.
15. The apparatus of claim 12 wherein the means for generating the unique client identifier comprise means for concatenating a hardware-level address associated with the remote access device and the current date and time.
16. The apparatus of claim 15 wherein the means for concatenating comprise means for concatenating a Medium Access Control (MAC) address associated with the remote access device and the current date and time.
17. Apparatus for providing unique identifiers to remote computers, comprising: a communications link; a remote computer, at a first location, for sending a request for an identifier over the communications link, the request including no information uniquely identifying the remote computer or a user at the remote computer; a computer network located at a second location remote from the first location; and a remote access device, coupled to the computer network at the second location, for receiving the request from the communications link, generating in response to the request a unique client identifier which uniquely identifies the remote computer, and providing the unique client identifier to the remote computer.
18. The apparatus of claim 17 wherein the remote computer comprises means for storing the unique client identifier.
19. The apparatus of claim 17 wherein the remote access device also uses the unique client identifier to obtain, for the remote computer, services available on the computer network.
20. The apparatus of claim 19 wherein the remote access device uses the unique client identifier to identify uniquely the remote computer to a server on the computer network which dynamically assigns internet protocol (IP) addresses in order to obtain an IP address for the remote computer.
21. The apparatus of claim 17 wherein the remote access device generates the unique client identifier by concatenating a hardware-level address associated with the remote access device and the current date and time.
22. The apparatus of claim 21 wherein the remote access device concatenates a Medium Access Control (MAC) address associated with the remote access device and the current date and time.
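
Claims 5 and 6 build the identifier by concatenating the remote access device's MAC address with the current date and time. The following is an added example, not code from the patent or its assignee; the byte layout, the one-second resolution, the guard against repeated timestamps, the function and class names, and the DHCP option encoding for the address-assigning server of claim 3 are all assumptions.

```python
import struct
from datetime import datetime, timedelta

_TS = struct.Struct(">HBBBBB")  # assumed layout: year, month, day, hour, minute, second


class ClientIdGenerator:
    """Issues identifiers of the form MAC address || date and time.

    The byte layout and one-second resolution are assumptions made for this
    example; the claims specify only the concatenation.
    """

    def __init__(self, mac: bytes):
        if len(mac) != 6:
            raise ValueError("MAC address must be 6 bytes")
        self.mac = mac
        self.last = None  # last timestamp issued; a real device would persist it

    def issue(self, now: datetime) -> bytes:
        now = now.replace(microsecond=0)
        # Several serial ports can request an identifier within the same
        # second, and a real-time clock can be reset or step backwards.
        # Either would repeat a timestamp, so never issue one that is not
        # later than the previous one.
        if self.last is not None and now <= self.last:
            now = self.last + timedelta(seconds=1)
        self.last = now
        return self.mac + _TS.pack(now.year, now.month, now.day,
                                   now.hour, now.minute, now.second)


def parse_client_id(cid: bytes):
    """Split an identifier back into (MAC address, issue time)."""
    if len(cid) != 6 + _TS.size:
        raise ValueError("unexpected identifier length")
    return cid[:6], datetime(*_TS.unpack(cid[6:]))


def dhcp_client_id_option(cid: bytes) -> bytes:
    """Encode the identifier as a DHCP client-identifier option (code 61).

    Assumes the address-assigning server is a DHCP server. Type 0 marks an
    identifier that is not itself a hardware address.
    """
    body = b"\x00" + cid
    return bytes([61, len(body)]) + body


if __name__ == "__main__":
    gen = ClientIdGenerator(bytes.fromhex("020000000001"))  # constructed MAC
    t = datetime(1995, 6, 5, 9, 30, 0)                      # constructed time
    # Same second twice, then a clock that has stepped back one hour.
    for cid in (gen.issue(t), gen.issue(t), gen.issue(t - timedelta(hours=1))):
        print(cid.hex(), parse_client_id(cid)[1])
```

Both inputs are values that are not secret, so an identifier built this way distinguishes clients but should not be relied on as proof of a client's identity.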
PCT/US1996/004603 1995-06-05 1996-04-04 Apparatus and method for providing unique identifiers to remote dial-in network clients WO1996039769A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU54416/96A AU5441696A (en) 1995-06-05 1996-04-04 Apparatus and method for providing unique identifiers to remote dial-in network clients
EP96911564A EP0830772A1 (en) 1995-06-05 1996-04-04 Apparatus and method for providing unique identifiers to remote dial-in network clients

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US46523195A 1995-06-05 1995-06-05
US08/465,231 1995-06-05

Publications (1)

Publication Number Publication Date
WO1996039769A1 (en) 1996-12-12

Family

ID=23846964

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1996/004603 WO1996039769A1 (en) 1995-06-05 1996-04-04 Apparatus and method for providing unique identifiers to remote dial-in network clients

Country Status (4)

Country Link
EP (1) EP0830772A1 (en)
AU (1) AU5441696A (en)
CA (1) CA2223693A1 (en)
WO (1) WO1996039769A1 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998026554A1 (en) * 1996-12-09 1998-06-18 Sun Microsystems, Inc. Method and apparatus for assignment of ip addresses
WO1999028842A1 (en) * 1997-11-28 1999-06-10 International Business Machines Corporation Processing extended transactions in a client-server system
GB2333670A (en) * 1998-01-19 1999-07-28 Ericsson Telefon Ab L M Address allocation
EP0947067A1 (en) * 1996-12-09 1999-10-06 Motorola, Inc. System, device, and method for routing dhcp packets in a public data network
WO1999063711A1 (en) * 1998-06-02 1999-12-09 Ivanov, Iliya Borisovitch Method for accessing the resources of the world wide web
WO2001054437A1 (en) * 2000-01-20 2001-07-26 Nokia Corporation Address acquisition
NL1015702C2 (en) * 2000-07-13 2002-01-15 Dia Services B V System for registering a writable medium, system for authenticating a writable medium, as well as servers and client system for such systems.
WO2002065725A2 (en) * 2001-02-13 2002-08-22 Siemens Aktiengesellschaft Method and array for determining the virtual address of a terminal
WO2002065726A2 (en) * 2001-02-13 2002-08-22 Siemens Aktiengesellschaft Method and array for determining internet protocol addresses of a terminal array
WO2003061203A1 (en) * 2002-01-18 2003-07-24 Nokia Corporation Addressing in wireless local area networks
CN1305287C (en) * 2002-03-20 2007-03-14 株式会社Kt Apparatus and method for web-phone service in DSL
DE10148627B4 (en) * 2001-02-13 2008-01-24 Siemens Ag Method and arrangement for determining the virtual address of a terminal
US7333459B2 (en) * 2000-01-27 2008-02-19 Telefonaktiebolaget Lm Ericsson (Publ) Allocation of a server address to a terminal
US7359989B2 (en) 2002-01-18 2008-04-15 Nokia Corporation Addressing in wireless local area networks
WO2015123235A1 (en) * 2014-02-11 2015-08-20 Getit Remote Llc System and method for remotely accessing a local computer network via a web interface

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0472836A1 (en) * 1990-08-31 1992-03-04 International Business Machines Corporation Acquiring addresses in an input/output system
EP0483547A1 (en) * 1990-10-29 1992-05-06 International Business Machines Corporation Network address management for a wired network supporting wireless communication to a plurality of mobile users

Cited By (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998026554A1 (en) * 1996-12-09 1998-06-18 Sun Microsystems, Inc. Method and apparatus for assignment of ip addresses
EP0947067A1 (en) * 1996-12-09 1999-10-06 Motorola, Inc. System, device, and method for routing dhcp packets in a public data network
US6073178A (en) * 1996-12-09 2000-06-06 Sun Microsystems, Inc. Method and apparatus for assignment of IP addresses
EP0947067A4 (en) * 1996-12-09 2002-05-02 Motorola Inc System, device, and method for routing dhcp packets in a public data network
WO1999028842A1 (en) * 1997-11-28 1999-06-10 International Business Machines Corporation Processing extended transactions in a client-server system
US6671716B1 (en) 1997-11-28 2003-12-30 International Business Machines Corporation Processing extended transactions in a client-server system
GB2333670A (en) * 1998-01-19 1999-07-28 Ericsson Telefon Ab L M Address allocation
GB2333670B (en) * 1998-01-19 2003-02-12 Ericsson Telefon Ab L M Address allocation
US6408339B1 (en) 1998-01-19 2002-06-18 Telefonaktiebolaget Lm Ericsson (Publ) Non-permanent address allocation
WO1999063711A1 (en) * 1998-06-02 1999-12-09 Ivanov, Iliya Borisovitch Method for accessing the resources of the world wide web
EA003439B1 (en) * 1998-06-02 2003-04-24 Александр Геннадьевич Лихачев Method for accessing the resources of the world wide web
US7920575B2 (en) 2000-01-20 2011-04-05 Nokia Corporation Address acquisition
US6959009B2 (en) 2000-01-20 2005-10-25 Nokia Mobile Phones Ltd. Address acquisition
USRE44592E1 (en) 2000-01-20 2013-11-12 Nokia Corporation Address acquisition
KR100750370B1 (en) * 2000-01-20 2007-08-17 노키아 코포레이션 Address acquisition
WO2001054437A1 (en) * 2000-01-20 2001-07-26 Nokia Corporation Address acquisition
US7333459B2 (en) * 2000-01-27 2008-02-19 Telefonaktiebolaget Lm Ericsson (Publ) Allocation of a server address to a terminal
WO2002006927A1 (en) * 2000-07-13 2002-01-24 Dia Services Bv System for registering a recordable medium, system for authenticating a recordable medium, as well as servers and a client system for such systems
NL1015702C2 (en) * 2000-07-13 2002-01-15 Dia Services B V System for registering a writable medium, system for authenticating a writable medium, as well as servers and client system for such systems.
WO2002065725A3 (en) * 2001-02-13 2002-12-27 Siemens Ag Method and array for determining the virtual address of a terminal
US6934765B2 (en) 2001-02-13 2005-08-23 Siemens Aktiengesellschaft Method and array for determining the virtual address of a terminal
US7313610B2 (en) 2001-02-13 2007-12-25 Siemens Ag Method and array for determining internet protocol addresses of a terminal array
DE10148627B4 (en) * 2001-02-13 2008-01-24 Siemens Ag Method and arrangement for determining the virtual address of a terminal
WO2002065726A3 (en) * 2001-02-13 2002-12-27 Siemens Ag Method and array for determining internet protocol addresses of a terminal array
WO2002065726A2 (en) * 2001-02-13 2002-08-22 Siemens Aktiengesellschaft Method and array for determining internet protocol addresses of a terminal array
CN1528080B (en) * 2001-02-13 2011-04-20 西门子公司 Method and equipment for determining the virtual address of a terminal
WO2002065725A2 (en) * 2001-02-13 2002-08-22 Siemens Aktiengesellschaft Method and array for determining the virtual address of a terminal
WO2003061203A1 (en) * 2002-01-18 2003-07-24 Nokia Corporation Addressing in wireless local area networks
US7359989B2 (en) 2002-01-18 2008-04-15 Nokia Corporation Addressing in wireless local area networks
CN1305287C (en) * 2002-03-20 2007-03-14 株式会社Kt Apparatus and method for web-phone service in DSL
WO2015123235A1 (en) * 2014-02-11 2015-08-20 Getit Remote Llc System and method for remotely accessing a local computer network via a web interface

Also Published As

Publication number Publication date
AU5441696A (en) 1996-12-24
EP0830772A1 (en) 1998-03-25
CA2223693A1 (en) 1996-12-12

Legal Events

Date Code Title Description
AK Designated states Kind code of ref document: A1; Designated state(s): AM AU AZ BB BG BR BY CA CN CZ EE GE HU IS JP KG KP KR KZ LK LR LT LV MD MG MK MN MX NO NZ PL RO RU SG SI SK TJ TM TR TT UA UZ VN
AL Designated countries for regional patents Kind code of ref document: A1; Designated state(s): KE LS MW SD SZ UG AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG
121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase Ref document number: 2223693; Country of ref document: CA; Ref country code: CA; Ref document number: 2223693; Kind code of ref document: A; Format of ref document f/p: F
WWE Wipo information: entry into national phase Ref document number: 1996911564; Country of ref document: EP
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWP Wipo information: published in national office Ref document number: 1996911564; Country of ref document: EP
WWW Wipo information: withdrawn in national office Ref document number: 1996911564; Country of ref document: EP