WO2020206584A1 - Administrating pending network access requests via a telephony device - Google Patents

Administrating pending network access requests via a telephony device Download PDF

Info

Publication number
WO2020206584A1
WO2020206584A1 PCT/CN2019/081717 CN2019081717W WO2020206584A1 WO 2020206584 A1 WO2020206584 A1 WO 2020206584A1 CN 2019081717 W CN2019081717 W CN 2019081717W WO 2020206584 A1 WO2020206584 A1 WO 2020206584A1
Authority
WO
WIPO (PCT)
Prior art keywords
wireless network
computing device
connection request
signal
network access
Prior art date
Application number
PCT/CN2019/081717
Other languages
French (fr)
Inventor
Shenghao ZHANG
Mu XIANG
Xuebo Chen
Penghui ZHAO
Meihua Li
Original Assignee
Arris Enterprises Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Arris Enterprises Llc filed Critical Arris Enterprises Llc
Priority to PCT/CN2019/081717 priority Critical patent/WO2020206584A1/en
Publication of WO2020206584A1 publication Critical patent/WO2020206584A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/12Arrangements for interconnection between switching centres for working between exchanges having different types of switching equipment, e.g. power-driven and step by step or decimal and non-decimal
    • H04M7/1205Arrangements for interconnection between switching centres for working between exchanges having different types of switching equipment, e.g. power-driven and step by step or decimal and non-decimal where the types of switching equipement comprises PSTN/ISDN equipment and switching equipment of networks other than PSTN/ISDN, e.g. Internet Protocol networks
    • H04M7/121Details of network access arrangements or protocols
    • H04M7/1215Details of network access arrangements or protocols where a cable TV network is used as an access to the PSTN/ISDN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • H04M7/0066Details of access arrangements to the networks
    • H04M7/0069Details of access arrangements to the networks comprising a residential gateway, e.g. those which provide an adapter for POTS or ISDN terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • H04M7/0078Security; Fraud detection; Fraud prevention
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity

Definitions

  • the examples described herein in general, relate to techniques and equipment to administrate, via a telephony device, the network access permissions of a computing device attempting to connect to a cable modem.
  • Network connection management has always been a balancing act –clients wish to connect with ease, yet private networks with simple or no security are easily breached by malicious intruders. While some approaches to network security involve higher standards of security encryption or algorithmic approaches to identifying attackers, some of the best network security systems involve a physical layer. For example, some security systems require a network security smart card be connected to any device attempting to connect to the network. Other security systems require all approved users to possess a physical token that displays an updating passcode, a passcode that needs to be entered into any computing device attempting to connect to the network.
  • the wireless network access approval system includes a cable modem which further includes a wireless network communication interface for communication over a wireless network.
  • the cable modem also includes a processor coupled to the wireless network communication interface, and a voice multimedia terminal adapter, coupled to the processor.
  • the voice multimedia terminal adapter is for communication over a wide area network, or the wireless network, using voice over internet protocol communication with a telephony device.
  • the voice multimedia terminal adapter can be for communication over a telephone interface with the telephony device.
  • the cable modem further includes a memory accessible to the processor, with programming in the memory.
  • Execution of the programming in the memory by the processor configures the cable modem to perform functions, including functions to receive via the wireless network communication interface, a wireless network connection request to communicate over the wireless network from a pending computing device. Execution of the programming in the memory by the processor further configures the cable modem to perform functions in response to receiving the wireless network connection request, such as to communicate, via the voice multimedia terminal adapter, over the wide area network, the wireless network, or the telephone interface to the telephony device, the wireless network connection request from the pending computing device.
  • these functions include to request, via the voice multimedia adapter, a wireless network access approval signal or a wireless network access denial signal from the telephony device; to receive, via the voice multimedia adapter, the wireless network access approval signal from the telephony device; and additionally, based on receiving the wireless network access approval signal, to grant the wireless network connection request from the pending computing device.
  • a method in another example, includes receiving via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device. In response to receiving the wireless network connection request, the method further includes communicating via a voice multimedia adapter, over a wide area network, a wireless network, or a telephone interface to a telephony device, the wireless network connection request from the pending computing device. Then, requesting via a voice multimedia adapter a wireless network access approval signal, or a wireless network access denial signal from the telephony device. Later, receiving via the voice multimedia adapter the wireless network access approval signal from the telephony device. Based on receiving the wireless network access approval signal, the method includes granting the wireless network connection request from the pending computing device.
  • a non-transitory machine-readable medium contains machine-readable programming instructions. These instructions cause a cable modem to take several actions. First, to receive via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device. Then, in response to receiving the wireless network connection request, to communicate via a voice multimedia adapter over a wide area network, a wireless network, or a telephone interface to a telephony device, the wireless network connection request from the pending computing device. Additionally, to request, via the voice multimedia adapter, a wireless network access approval signal, or a wireless network access denial signal from the telephony device. Furthermore, to receive, via the voice multimedia adapter, the wireless network access approval signal from the telephony device. In addition, based on receiving the wireless network access approval signal, to grant the wireless network connection request from the pending computing device.
  • FIG. 1 is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a corded phone handset using voice signaling, in an embodiment.
  • FIG. 2A is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wide area network using a text string within a short message service message, in an embodiment.
  • FIG. 2B is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wireless network using a text string within a short message service message, in an embodiment.
  • FIG. 3A is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wireless network using voice signaling, in an embodiment.
  • FIG. 3B is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wide area network using voice signaling, in an embodiment.
  • FIG. 4 is a flowchart of the operation of a connection attempt to the wireless communication system by a pending computing device, in an embodiment.
  • FIG. 5A is a ping pong diagram showing the communication process when a computing device attempts to connect to a cable modem and an administrator issues a denial, in an embodiment.
  • FIG. 5B is a ping pong diagram showing the communication process when the computing device attempts to connect to the cable modem and an administrator has previously issued a denial, in an embodiment.
  • FIG. 6A is a ping pong diagram showing the communication process when a second computing device attempts to connect to the cable modem and the administrator does not respond, in an embodiment.
  • FIG. 6B is a ping pong diagram showing the communication process when the second computing device attempts to connect to the cable modem and an administrator has previously not responded, in an embodiment.
  • FIG. 6C is a ping pong diagram showing the communication process when the second computing device waits out a temporary denial, then attempts to connect to the cable modem, and the administrator approves, in an embodiment.
  • FIG. 1 is a network diagram of a wireless network access approval system 100, with a cable modem 110 including a wireless network communication interface 113 for communication over a wireless network 146.
  • the wireless network communication interface 113 can allow the cable modem 110 to communicate with various devices, such as the computing devices 152 or certain telephony devices 140C over the wireless network 146.
  • the cable modem 110 also includes circuits forming one or more processors to implement a central processing unit (CPU) 116 that controls operations of the cable modem 110. This CPU 116 is coupled to the wireless network communication interface 113, as well as a voice multimedia terminal adapter.
  • CPU central processing unit
  • the voice multimedia terminal adapter 119 is for wired communication over multiple networks (e.g., WAN, LAN) , USB connection, RJ11-enabled telephony, or any available data communication technology.
  • the network communication by the multimedia terminal adapter 119 can be over a wide area network 149, in this example the internet, but also possibly a telecommunications network, or a combination of the internet and a telecommunications network; or over a telephone interface 122 with a connector to connect a telephone set such as an RJ11 jack which receives an RJ11 modular connector.
  • the communication is to a telephony device 140, such as a cellular telephone 140B, or a corded phone handset with a dialing pad 140A.
  • the multimedia terminal adapter 119 When using the wide area network 149 to communicate with a telephony device 140, the multimedia terminal adapter 119 utilizes voice over internet protocol communication, and when using the telephone interface 122 to communicate with a telephony device, it utilizes a direct electrical signaling communication, for example over an RJ11 connected cable.
  • the cable modem 110 further includes persistent non-volatile storage 125, such as ROM or flash memory for permanently storing the cable modem’s 110 functions related to administrating pending network access requests via a telephony device 140.
  • This cable modem 110 also stores within the non-volatile memory a computing device permission tracking table 170.
  • this optional table’s existence depends on the implementation of the cable modem 110.
  • the computing device permission tracking table 170 includes multiple computing device permission records 173A-N.
  • Each record 173A-N in this example tracks a computing device identifier 176A-N, which here is a media access control (MAC) address; a wireless network access approval signal 179A, 179N, or a denial signal 179B-C, which here is a “Y” or “N” character; and an optional expiration time period 182A-N for this specific computing device permission record, which here is either a NULL value when not specified, or a timestamp when it is specified.
  • MAC media access control
  • the approval “Y” signal 179A, 179N indicates to the cable modem 110 that any computing device 152A associated with that MAC address 176A, 179N has permission to access the wireless network 146 and the wide area network 149, so long as the expiration time period 182A, 182 N does not exist or has not elapsed.
  • the denial “N” signal 179B-C indicates to the cable modem 110 that any computing device 152B associated with that MAC address 176B-C does not have permission to access the wireless network 146 and the wide area network 149, and should be summarily rejected from connecting to the cable modem 110.
  • the volatile storage 128 temporarily stores connection data, including any potential computing device 152A identifying information 176A, and also stores various programming instructions.
  • the media forming the non-volatile storage 125 serves as permanent storage for the functions related to administrating pending network access requests via a telephony device 140, but the volatile storage 128 is utilized for execution by the CPU 116.
  • the wireless network interface 113 creates and connects to a wireless Wi-Fi network 146.
  • One telephony device a cellular telephone 140C
  • the wireless network 146 also has a first pending computing device 152A, a desktop workstation, attempting to connect to the wide area network 149 via the wireless network 146, as well as a second pending computing device 152B, also a desktop workstation, also attempting to connect to the wide area network 149 via the wireless network 146.
  • the telephony device being actively used 140A is a corded phone handset connected to the Multimedia Terminal Adapter 119 via an RJ11 phone cable plugged into the telephone interface 122.
  • the handset 140A communicates with the cable modem 110 using voice signaling over the phone cable connected to the multimedia terminal adapter 119 and its telephone interface 122.
  • the first pending computing device’s 152A connection attempt has reached the phase where the cable modem 110 has requested a signal from an administrative telephony device 140A.
  • the administrator using the handset 140A has pressed the “9” key, in order to signal an approval to the connection request.
  • the handset 140A then sends a dual tone multi-frequency signal 143 at approximately 852Hz and 1477Hz, which signals “9” has been pressed in conventional dual tone multi-frequency signaling.
  • the cable modem 110 contains programming to determine that a signal representing “9” is an approval signal. It also contains programming to determine that a signal representing “7” is a denial signal.
  • the cable modem 110 will approve the first computing device’s 152A connection attempt, and update the computing device permission tracking table 170 with an indefinitely long 182A approval 179A record 173A for the first computing device 152A, 176A.
  • the second pending computing device’s 152B connection attempt has reached the point where the cable modem 110 has requested a signal from an administrative telephony device 140C.
  • the administrator using the cellular telephone 140C on the wireless network 146 is not signaling approval or denial, possibly due to being distracted. Therefore, the cable modem 110 will take this non-signal as a signal to temporarily deny the second computing device 152B.
  • the cable modem 110 will reject the second computing device’s 152B connection attempt, and update the computing device permission tracking table 170 with a temporary 182C denial 179C record 173C for the second computing device152B, 176C.
  • voice communication is utilized and the DTMF is a feedback signal from the administrator.
  • the phone rings and plays an announcement to notify the administrator of the pending connection request and requests the decision.
  • a system like the one just described is robustly secured against brute force network attacks. Attempted connections require each novel computing device connection attempt to be approved or denied by the administrator: this makes it extremely difficult for an intruder to perform any kind of exhaustive password search that would succeed in a reasonable period of time. Additionally, if the administrator, now actively aware of the attempted connection decides the computing device is malicious, they can issue a denial, indefinitely prohibiting the intruder from attempting to connect, by perhaps blocking the intruding computing device’s MAC or IP address.
  • FIG. 2A is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140C is sending a predetermined text string within a short message service message of “YES. ”
  • the cable modem 110 contains programming to determine that a signal representing “YES” is an approval signal. It also contains programming to determine that a signal representing “NO” is a denial signal.
  • FIG. 2B is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140C is sending a predetermined text string within a short message service message of “NO. ” The cable modem 110 contains programming to determine that a signal representing “NO” is a denial signal. It also contains programming to determine that a signal representing “YES” is an approval signal.
  • FIG. 3A is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140C is sending a dual tone multi-frequency signal 143 at approximately 852Hz and 1477Hz, which signals “9” has been pressed in conventional dual tone multi-frequency signaling.
  • FIG. 3B is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140B is sending a dual tone multi-frequency signal 143 at approximately 852Hz and 1209Hz, which signals “7” has been pressed in conventional dual tone multi-frequency signaling.
  • FIG. 4 is a flowchart of the operation of a connection attempt to the wireless communication system by a pending computing device 152.
  • a connection attempt begins in Step 400 when a pending computing device 152 such as a workstation computer, laptop, smartphone, or other Wi-Fi enabled device requests network access from the cable modem 110.
  • Step 404 involves the cable modem 110 initiating typical actions related to connection processing, such as determining whether the computing device 152 is using a compatible communication standard, and checking whether appropriate connection channels are available. If any of these actions result in an error or rejection, this information will be used in making a connection determination in Step 470.
  • Step 408 begins, which involves the cable modem 110 querying the computing device permission tracking (CDPT) table 170 to determine if a previous decision regarding this pending computing device 152 has been reached.
  • CDPT computing device permission tracking
  • the CDPT table 170 takes the pending computing device 152 identifier 176, in this example a media access control (MAC) address, and checks whether the identifier 174 is among the section of records 173 that are approved. If the CDPT table contains an approval record 173 for the pending computing device 152, then it will proceed to Step 426 and see if that record 173 has expired. An unexpired record 173 means that the approval is valid, so the CDPT table 170 will proceed to issue an approval on behalf of the administrator in Step 416, to be used in making a connection determination in Step 470.
  • MAC media access control
  • the CDPT table 170 removes the pending computing device 152 record 173 in Step 436, and proceeds to messaging the administrator in Step 424. If, in Step 412, no record 173 is found, the CDPT table 170 performs a similar operation in Step 420 to check denial records 173. If the CDPT table 170 contains a denial record for the pending computing devices 152, then it will proceed to Step 428 and see if that record 173 has expired. An unexpired record 173 means that the denial is valid, so the CDPT table 170 will proceed to issue an approval on behalf of the administrator in Step 432, and the cable modem 110 will reject and cancel the pending computing device 152 connection attempt in Step 482. If the record 173 has expired, then the CDPT table 170 removes the pending computing device 152 record 173 in Step 436, and proceeds to messaging the administrator in Step 424.
  • Step 424 the cable modem 110 contacts an administrator’s telephony device (ATD) 140, either a cellular telephone connected to one of the several networks 146, 149 the cable modem 110 has access to, or a corded handset connected directly to the cable modem 110 via the multimedia terminal device (MTA) 119 for wide area network telephony devices 140B, and utilizing the telephone interface 122 in the case of a directly connected corded handset 140A.
  • the cable modem 110 uses the wireless network communication interface 113 to contact telephony devices 140C on the wireless network 146.
  • Step 440 Any device capable of short message service (SMS) messaging, or capable of generating a dual tone multi-frequency signal over one of the networks or direct connection is technically capable of being contacted.
  • SMS short message service
  • the ATD 140 is reached out to in Step 440, either by ringing the phone, or sending an SMS message containing summary information regarding the connection attempt, possibly including the time of the attempt, the MAC address of the device, or how many attempts the pending computing device 152 has made to connect to this network 146.
  • the administrator can either respond in Step 444, by answering the phone call, and then signaling by pressing the ATD’s 140 “7” or “9” key on the key pad to signal denial or approval, or by replying to the SMS message with another SMS messaging containing “NO” or “YES” to signal denial or approval. However, the administrator can also not respond, and allow a predetermined time period to elapse in Step 448. As soon as the ATD 140 responds or time elapses, the cable modem 110 has data to make a decision on what to do in Step 452. In Step 456, the cable modem 110 determines whether the ATD 140 signaled an approval back.
  • the cable modem 110 adds a record 173 to the CDPT table 170 in Step 460 indicating that the pending computing device 152 is approved for future connection attempts, and then uses this approval in making a connection determination in Step 470. If no approval was issued, the cable modem 110 determines whether the ATD 140 signaled a denial back. If so, then the cable modem 110 adds a record to the CDPT table 170 in Step 460 indicating that the pending computing device 152 is denied for future connection attempts, and then rejects and cancels the pending computing device 152 connection attempt in Step 482. If neither an approval nor denial was issues by the ATD 140, then time must have elapsed, as noted in Step 486.
  • the cable modem 110 adds a record of the pending computing device 152 to the CDPT table 170, but additionally adds an expiration 182 for this denial, perhaps fifteen minutes, so that the computing device 152 can eventually attempt to connect again, but cannot harass an administrator and their ATD 140.
  • Step 470 the cable modem 110 has approval to connect the pending computing device to the network 146.
  • the cable modem 110 therefore completes any remaining standard connection steps, and if it experiences any issues or rejections not related to this process, then the cable modem 110 still rejects and cancels the pending computing device 152 connection attempt in Step 482. If the connection attempt experiences no issues or rejections not related to this process, then the cable modem 110 connects the pending computing device 152 to the network 146 in Step 474.
  • Fig. 5A is an example of a specific connection attempt.
  • no computing device 152 has ever attempted to connect to this cable modem 110 before.
  • a pending computing device 152A attempts to connect to the cable modem 110 in Step 500.
  • the cable modem 110 begins its standard process of connecting: for example, determining whether the pending computing device 152A is using a compatible communication standard, and checking whether appropriate connection channels are available.
  • the cable modem 110 collects identifying information 176 about the pending computing device 152A, and queries the computing device permission tracking (CDPT) table 170 with this information to see if there is any previously stored authorization information related to this pending computing device 152A.
  • the CDPT table 170 checks its approved subsection of records 173, and finds nothing.
  • the CDPT table 170 notifies the cable modem 110 that there is no authorization data 173 related to this pending computing device 152A.
  • the cable modem 110 receives this notice, and then contacts the multimedia terminal adapter (MTA) 119 in Step 515.
  • the contact contains pending computing device 152 identifying information 176 and a request that the MTA 119 request a decision from an administrator telephony device (ATD) 140A-N.
  • the MTA 119 receives this request, and reaches out to an example ATD 140A shown as a cellular telephone, using VoIP connection abilities in the programming of the cable modem 110 in Step 520. It therefore calls an administrator on their cellular telephone 140A via a phone call, and aurally relays information about the attempting connection, such as the pending computing device’s 152A identifying information 176.
  • Step 525 the administrator presses the “7” key on their phone 140A, which in this example signals a denial.
  • the MTA 119 receives this signal, and sends it to the cable modem 110.
  • the cable modem 110 in Step 530 receives this denial message, and updates its subsection of denial records 176B In the CDPT table 170 to include a record 173B containing the pending computing device’s 152A identifying information 176B.
  • the cable modem 110 additionally rejects the pending computing device’s 152A connection.
  • FIG. 5B is a continuation of the example from FIG. 5A.
  • the pending computing device 152A attempts to connect again in Step 550.
  • the cable modem 110 begins its standard processing of connecting.
  • the cable modem 110 collects identifying information 176B about the pending computing device 152A, and queries the CDPT table 170 with this information 176 to see if there are any previously stored approval records 173 related to this pending computing device 152A.
  • the CDPT table 170 checks its records 173, and finds the pending computing device’s 152A identifying information 176B associated with a denial record 179B.
  • the CDPT table 170 notifies the cable modem 110 that the pending computing device 152A is denied access.
  • the cable modem 110 rejects the pending computing device’s 152A connection to complete Step 560.
  • FIG. 6A is a continuation of the example from FIG. 5B.
  • Step 600 a second pending computing device 152B attempts to connect to the cable modem 110.
  • the cable modem 110 in Step 605 proceeds in the same manner as it does in FIG. 5A during the first pending computing device’s 152A connection attempt, including the cable modem 110 starting validation and querying the CDPT table 170 for the second pending computing device 152B; the CDPT table 170 finding no matching records 173 in Step 610, and the cable modem 110 using the MTA 119 and its telephone interface 122 in Step 615 and Step 620 to contact an administrator via their telephone handset 140A.
  • Step 630 involves the cable modem 110 processes this non-response as a temporary denial message, and updates its subsection of denial records 173C in the CDPT table 170 to include a record including the pending computing device’s 152B identifying information 176C, as well as an expiration time stamp 182C.
  • the expiration time stamp 182C is set to the current time plus five minutes.
  • the cable modem 110 additionally rejects the pending computing device’s 152B connection to complete Step 630.
  • FIG. 6B is a continuation of the example in FIG. 6A.
  • the second pending computing device 152B immediately attempts to connect again.
  • the cable modem 110 begins its standard process of connecting in Step 640: for example, determining whether the second pending computing device 152B is using a compatible communication standard, and checking whether appropriate connection channels are available. Simultaneously, the cable modem 110 collects identifying information 176C about the second pending computing device 152B, and queries the CDPT table 170 with this information to see if there is any previously stored authorization information 179 related to this second pending computing device 152B. In Step 645 the CDPT table 170 checks its approved subsection of records 173, and finds nothing.
  • the CDPT table 170 compares the expiration time stamp 182C to the current time. It find the expiration stamp 182C to be greater than the current time. Therefore, The CDPT table 170 notifies the cable modem 110 that the second pending computing device 152B is denied access. The cable modem 110 rejects the second pending computing device’s 152B connection, completing Step 645.
  • FIG. 6C is a continuation of the example in FIG. 6B.
  • the second pending computing device 152B now waits six minutes, then attempts to connect a third time in Step 650.
  • the cable modem 110 in Step 655 begins its standard process of connecting: for example, determining whether the second pending computing device 152B is using a compatible communication standard, and checking whether appropriate connection channels are available. Simultaneously, the cable modem 110 collects identifying information 176 about the pending computing device 152B, and queries the CDPT table 170 with this information 176 to see if there is any previously stored authorization information 179 related to this pending computing device 152B. In Step 660 the CDPT table 170 checks its approved subsection of records 173, and finds nothing.
  • the CDPT table 170 compares the expiration time stamp 182C to the current time. It find the expiration stamp 182C to be less than the current time. Therefore, the CDPT table 170 removes the record 173C for the second pending computing device 152B from the CDPT table 170, and notifies the cable modem 110 that there is no approval data 173C related to the second pending computing device 152B to complete Step 660.
  • the cable modem 110 receives this notice, and then contacts the multimedia terminal adapter (MTA) 119 in Step 665.
  • the contact contains pending computing device 152B identifying information 173 and a request that the wireless network communication interface 113 request a decision from an administrator telephony device (ATD) 140.
  • the wireless network communication interface 113 receives this request, and reaches out to an ATD 140C, a cellular telephone, using VoIP connection abilities in the programming of the cable modem 110 in Step 670. It therefore sends short message service (SMS) message to an administrator on their cellular telephone 140C, and textually relays information about the attempting connection, such as the pending computing device’s 152B identifying information 176 in this message.
  • SMS short message service
  • Step 525 the administrator types and responds with an SMS messaging containing “YES” on their phone 140C, which in this example signals an approval.
  • the wireless network communication interface 113 receives this signal, and sends it to the cable modem 110.
  • the cable modem 110 in Step 680 receives this approval message, and updates its subsection of approval records 173 In the CDPT table 170 to include a record 173A containing the second pending computing device’s 152B identifying information 176A.
  • the cable modem 110 additionally completes any remaining standard communication steps, and having found no issue, completes the second pending computing device’s 152B connection.
  • functions refers to logic embodied in hardware software instructions, which can be written in a programming language, such as Java TM , C, C++, C#, for example.
  • a software function can be compiled into executable programs or written in interpreted programming languages, such as Perl, Visual Basic script, HTML, or JavaScript.
  • Software functions may be callable from other functions.
  • functions described herein refer to logical modules that may be merged with other modules or divided into sub-module despite their physical organization.
  • the functions can be stored in any type of computer readable medium or computer storage device and be executed by one or more general purpose computers.
  • the methods and processes disclosed herein can alternatively be embodied in specialized computer hardware or an application specific integrated circuit (ASIC) , field programmable gate array (FPGA) or a complex programmable logic device (CPLD) .
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • CPLD complex programmable logic device
  • Program aspects of the technology may be thought of as “products” or “articles of manufacture” typically in the form of executable code and/or associated data that is carried on or embodied in a type of machine readable medium.
  • programming code could include code for the server or the sending device for generating meta-data files and programming for the receiving device for reproducing content based on the meta-data files.
  • “Storage” type media include any or all of the tangible memory of the computers, processors or the like, or associated modules thereof, such as various semiconductor memories, tape drives, disk drives and the like, which may provide non-transitory storage at any time for the software programming. All or portions of the software may at times be communicated through the Internet or various other telecommunication networks.
  • Such communications may enable loading of the software from one computer or processor into another, for example, from a management server or host computer of the service provider into the computer platforms of the wireless access point and computing devices.
  • another type of media that may bear the programming, media content or meta-data files includes optical, electrical and electromagnetic waves, such as used across physical interfaces between local devices, through wired and optical landline networks and over various air-links.
  • the physical elements that carry such waves, such as wired or wireless links, optical links or the like, also may be considered as media bearing the software.
  • terms such as computer or machine “readable medium” refer to any medium that participates in providing instructions or data to a processor for execution.
  • Non-volatile storage media include, for example, optical or magnetic disks, such as any of the storage devices in any computer (s) or the like, such as may be used to implement the computing device, media gateway, transcoder, etc. shown in the drawings.
  • Volatile storage media include dynamic memory, such as main memory of such a computer platform.
  • Tangible transmission media include coaxial cables; copper wire and fiber optics, including the wires that comprise a bus within a computer system.
  • Carrier-wave transmission media may take the form of electric or electromagnetic signals, or acoustic or light waves such as those generated during radio frequency (RF) and infrared (IR) data communications.
  • Computer-readable media therefore include for example: a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD or DVD-ROM, any other optical medium, punch cards paper tape, any other physical storage medium with patterns of holes, a RAM, a PROM and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave transporting data or instructions, cables or links transporting such a carrier wave, or any other medium from which a computer may read programming code and/or data. Many of these forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to a processor for execution.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

An example method includes receiving via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device. In response to receiving the wireless network connection request, the method further includes communicating via a voice multimedia adapter, over a wide area network, a wireless network, or a telephone interface, to a telephony device, the wireless network connection request from the pending computing device. Then requesting, via a voice multimedia adapter, a wireless network access approval signal, or a wireless network access denial signal from the telephony device. Then receiving, via the voice multimedia adapter, the wireless network access approval signal from the telephony device. Based on receiving the wireless network access approval signal, further granting the wireless network connection request from the pending computing device.

Description

ADMINISTRATING PENDING NETWORK ACCESS REQUESTS VIA A TELEPHONY DEVICE Technical Field
The examples described herein, in general, relate to techniques and equipment to administrate, via a telephony device, the network access permissions of a computing device attempting to connect to a cable modem.
Background
Network connection management has always been a balancing act –clients wish to connect with ease, yet private networks with simple or no security are easily breached by malicious intruders. While some approaches to network security involve higher standards of security encryption or algorithmic approaches to identifying attackers, some of the best network security systems involve a physical layer. For example, some security systems require a network security smart card be connected to any device attempting to connect to the network. Other security systems require all approved users to possess a physical token that displays an updating passcode, a passcode that needs to be entered into any computing device attempting to connect to the network.
These methods can be seen as cumbersome, unintuitive, and expensive to deploy and use. Simpler methods have previously been employed. In 2006, the Wi-Fi Alliance published a protocol to allow for home users who know little of wireless security to still maintain a secure network. One of the modes disclosed was a Push Button method, wherein a user attempting to connect to the network must first press a physical button on the router –then, for about 2 minutes or less, any device attempting to connect to the network would be authenticated and granted a key to the network for future connections.
This method, however, has its flaws. It requires the approver to be physically at the router. It also creates a window of time in which all access requests are approved, and authenticated for the future. Corporate networks could use some of this technology, but with certain improvements. Administrators often need to be able to remotely approve devices, and often need to be able to do so quickly: This means an email might be insufficient. Given the relatively large number of clients in a corporate network compared to a home network, devices benefit from being able to initiate the authentication process, rather than waiting for the  approving administrator to check a queue. Administrators would also prefer to approve a specific device, rather than issue a blanket approval to all devices attempting to connect in a span of time. Finally, authenticated client lists should be preserved within the network, rather than granting the client a permanent key, so that access can be revoked easily if needed.
Summary
In an example, the wireless network access approval system includes a cable modem which further includes a wireless network communication interface for communication over a wireless network. The cable modem also includes a processor coupled to the wireless network communication interface, and a voice multimedia terminal adapter, coupled to the processor. The voice multimedia terminal adapter is for communication over a wide area network, or the wireless network, using voice over internet protocol communication with a telephony device. Alternatively, the voice multimedia terminal adapter can be for communication over a telephone interface with the telephony device. The cable modem further includes a memory accessible to the processor, with programming in the memory.
Execution of the programming in the memory by the processor configures the cable modem to perform functions, including functions to receive via the wireless network communication interface, a wireless network connection request to communicate over the wireless network from a pending computing device. Execution of the programming in the memory by the processor further configures the cable modem to perform functions in response to receiving the wireless network connection request, such as to communicate, via the voice multimedia terminal adapter, over the wide area network, the wireless network, or the telephone interface to the telephony device, the wireless network connection request from the pending computing device. Furthermore, these functions include to request, via the voice multimedia adapter, a wireless network access approval signal or a wireless network access denial signal from the telephony device; to receive, via the voice multimedia adapter, the wireless network access approval signal from the telephony device; and additionally, based on receiving the wireless network access approval signal, to grant the wireless network connection request from the pending computing device.
In another example, a method includes receiving via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device. In response to receiving the wireless network  connection request, the method further includes communicating via a voice multimedia adapter, over a wide area network, a wireless network, or a telephone interface to a telephony device, the wireless network connection request from the pending computing device. Then, requesting via a voice multimedia adapter a wireless network access approval signal, or a wireless network access denial signal from the telephony device. Later, receiving via the voice multimedia adapter the wireless network access approval signal from the telephony device. Based on receiving the wireless network access approval signal, the method includes granting the wireless network connection request from the pending computing device.
In a further example, a non-transitory machine-readable medium contains machine-readable programming instructions. These instructions cause a cable modem to take several actions. First, to receive via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device. Then, in response to receiving the wireless network connection request, to communicate via a voice multimedia adapter over a wide area network, a wireless network, or a telephone interface to a telephony device, the wireless network connection request from the pending computing device. Additionally, to request, via the voice multimedia adapter, a wireless network access approval signal, or a wireless network access denial signal from the telephony device. Furthermore, to receive, via the voice multimedia adapter, the wireless network access approval signal from the telephony device. In addition, based on receiving the wireless network access approval signal, to grant the wireless network connection request from the pending computing device.
Additional advantages and novel features will be set forth in part in the description which follows, and in part will become apparent to those skilled in the art upon examination of the following and the accompanying drawings or may be learned by production or operation of the examples. The advantages of the present teachings may be realized and attained by practice or use of various aspects of the methodologies, instrumentalities and combinations set forth in the detailed examples discussed below.
Brief Description of the Drawings
The figures depict one of more implementations in accordance with the present teachings by way of example only, not by way of limitation. In the figures, like reference numbers refer to the same or similar elements.
FIG. 1 is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a corded phone handset using voice signaling, in an embodiment.
FIG. 2A is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wide area network using a text string within a short message service message, in an embodiment.
FIG. 2B is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wireless network using a text string within a short message service message, in an embodiment.
FIG. 3A is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wireless network using voice signaling, in an embodiment.
FIG. 3B is a network diagram with a cable modem and multiple pending computing devices, where connection administration is primarily performed via a cellular telephone connected to a wide area network using voice signaling, in an embodiment.
FIG. 4 is a flowchart of the operation of a connection attempt to the wireless communication system by a pending computing device, in an embodiment.
FIG. 5A is a ping pong diagram showing the communication process when a computing device attempts to connect to a cable modem and an administrator issues a denial, in an embodiment.
FIG. 5B is a ping pong diagram showing the communication process when the computing device attempts to connect to the cable modem and an administrator has previously issued a denial, in an embodiment.
FIG. 6A is a ping pong diagram showing the communication process when a second computing device attempts to connect to the cable modem and the administrator does not respond, in an embodiment.
FIG. 6B is a ping pong diagram showing the communication process when the second computing device attempts to connect to the cable modem and an administrator has previously not responded, in an embodiment.
FIG. 6C is a ping pong diagram showing the communication process when the second computing device waits out a temporary denial, then attempts to connect to the cable modem, and the administrator approves, in an embodiment.
Detailed Description
In the following detailed description of certain embodiments, numerous specific details are set forth by way of examples in order to provide a thorough understanding of the relevant teachings. However, it should be apparent that the present teachings may be practiced without such details. In other instances, well-known methods, procedures, components, and/or circuitry have been described at a relatively high level, without detailed comment in order to avoid unnecessarily obscuring aspects of the present teachings.
FIG. 1 is a network diagram of a wireless network access approval system 100, with a cable modem 110 including a wireless network communication interface 113 for communication over a wireless network 146. The wireless network communication interface 113 can allow the cable modem 110 to communicate with various devices, such as the computing devices 152 or certain telephony devices 140C over the wireless network 146. The cable modem 110 also includes circuits forming one or more processors to implement a central processing unit (CPU) 116 that controls operations of the cable modem 110. This CPU 116 is coupled to the wireless network communication interface 113, as well as a voice multimedia terminal adapter. The voice multimedia terminal adapter 119 is for wired communication over multiple networks (e.g., WAN, LAN) , USB connection, RJ11-enabled telephony, or any available data communication technology. Specifically in this example, the network communication by the multimedia terminal adapter 119 can be over a wide area network 149, in this example the internet, but also possibly a telecommunications network, or a combination of the internet and a telecommunications network; or over a telephone interface 122 with a connector to connect a telephone set such as an RJ11 jack which receives an RJ11 modular connector. The communication is to a telephony device 140, such as a cellular telephone 140B, or a corded phone handset with a dialing pad 140A. When using the wide area network 149 to communicate with a telephony device 140, the multimedia terminal adapter 119 utilizes voice over internet protocol communication, and when using the telephone interface 122 to communicate with a telephony device, it utilizes a direct electrical signaling communication, for example over an RJ11 connected cable.
As shown, the cable modem 110 further includes persistent non-volatile storage 125, such as ROM or flash memory for permanently storing the cable modem’s 110 functions related to administrating pending network access requests via a telephony device 140. This cable modem 110 also stores within the non-volatile memory a computing device permission tracking table 170. However, this optional table’s existence depends on the implementation of the cable modem 110. The computing device permission tracking table 170 includes multiple computing device permission records 173A-N. Each record 173A-N in this example tracks a computing device identifier 176A-N, which here is a media access control (MAC) address; a wireless network  access approval signal  179A, 179N, or a denial signal 179B-C, which here is a “Y” or “N” character; and an optional expiration time period 182A-N for this specific computing device permission record, which here is either a NULL value when not specified, or a timestamp when it is specified. The approval “Y”  signal  179A, 179N indicates to the cable modem 110 that any computing device 152A associated with that  MAC address  176A, 179N has permission to access the wireless network 146 and the wide area network 149, so long as the  expiration time period  182A, 182 N does not exist or has not elapsed. The denial “N” signal 179B-C indicates to the cable modem 110 that any computing device 152B associated with that MAC address 176B-C does not have permission to access the wireless network 146 and the wide area network 149, and should be summarily rejected from connecting to the cable modem 110.
The volatile storage 128 temporarily stores connection data, including any potential computing device 152A identifying information 176A, and also stores various programming instructions. The media forming the non-volatile storage 125 serves as permanent storage for the functions related to administrating pending network access requests via a telephony device 140, but the volatile storage 128 is utilized for execution by the CPU 116.
In this example, the wireless network interface 113 creates and connects to a wireless Wi-Fi network 146. One telephony device, a cellular telephone 140C, is connected to the wireless network 146, but it is not in the process of approving a pending computing device 152 connection attempt. The wireless network 146 also has a first pending computing device 152A, a desktop workstation, attempting to connect to the wide area network 149 via the wireless network 146, as well as a second pending computing device 152B, also a desktop workstation, also attempting to connect to the wide area network 149 via the wireless network 146.
As this example further shows, the telephony device being actively used 140A is a corded phone handset connected to the Multimedia Terminal Adapter 119 via an RJ11 phone cable plugged into the telephone interface 122. There is also a third telephony device 140B, a cellular telephone connected to the cable modem 110 via the wide area network 149, but it is not in the process of signaling an approval decision for a pending computing device 152 connection attempt. The handset 140A communicates with the cable modem 110 using voice signaling over the phone cable connected to the multimedia terminal adapter 119 and its telephone interface 122. The first pending computing device’s 152A connection attempt has reached the phase where the cable modem 110 has requested a signal from an administrative telephony device 140A. The administrator using the handset 140A has pressed the “9” key, in order to signal an approval to the connection request. The handset 140A then sends a dual tone multi-frequency signal 143 at approximately 852Hz and 1477Hz, which signals “9” has been pressed in conventional dual tone multi-frequency signaling. The cable modem 110 contains programming to determine that a signal representing “9” is an approval signal. It also contains programming to determine that a signal representing “7” is a denial signal. The cable modem 110 will approve the first computing device’s 152A connection attempt, and update the computing device permission tracking table 170 with an indefinitely long 182A approval 179A record 173A for the  first computing device  152A, 176A. At the same time, the second pending computing device’s 152B connection attempt has reached the point where the cable modem 110 has requested a signal from an administrative telephony device 140C. However, the administrator using the cellular telephone 140C on the wireless network 146 is not signaling approval or denial, possibly due to being distracted. Therefore, the cable modem 110 will take this non-signal as a signal to temporarily deny the second computing device 152B. The cable modem 110 will reject the second computing device’s 152B connection attempt, and update the computing device permission tracking table 170 with a temporary 182C denial 179C record 173C for the second computing device152B, 176C.
In the example, voice communication is utilized and the DTMF is a feedback signal from the administrator. Before the administrator makes a decision, the phone rings and plays an announcement to notify the administrator of the pending connection request and requests the decision.
A system like the one just described is robustly secured against brute force network attacks. Attempted connections require each novel computing device connection attempt to be approved or denied by the administrator: this makes it extremely difficult for an intruder to perform any kind of exhaustive password search that would succeed in a reasonable period of time. Additionally, if the administrator, now actively aware of the attempted connection decides the computing device is malicious, they can issue a denial, indefinitely prohibiting the intruder from attempting to connect, by perhaps blocking the intruding computing device’s MAC or IP address.
FIG. 2A is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140C is sending a predetermined text string within a short message service message of “YES. ” The cable modem 110 contains programming to determine that a signal representing “YES” is an approval signal. It also contains programming to determine that a signal representing “NO” is a denial signal.
FIG. 2B is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140C is sending a predetermined text string within a short message service message of “NO. ” The cable modem 110 contains programming to determine that a signal representing “NO” is a denial signal. It also contains programming to determine that a signal representing “YES” is an approval signal.
FIG. 3A is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140C is sending a dual tone multi-frequency signal 143 at approximately 852Hz and 1477Hz, which signals “9” has been pressed in conventional dual tone multi-frequency signaling.
FIG. 3B is a network diagram of a wireless network access approval system 100, substantially similar to FIG. 1. The differences are first that the telephony device 140A is not sending a dual tone multi-frequency signal 143. Second, telephony device 140B is sending a dual tone multi-frequency signal 143 at approximately 852Hz and 1209Hz, which signals “7” has been pressed in conventional dual tone multi-frequency signaling.
FIG. 4 is a flowchart of the operation of a connection attempt to the wireless communication system by a pending computing device 152. A connection attempt begins in Step 400 when a pending computing device 152 such as a workstation computer, laptop, smartphone, or other Wi-Fi enabled device requests network access from the cable modem 110. Step 404 involves the cable modem 110 initiating typical actions related to connection processing, such as determining whether the computing device 152 is using a compatible communication standard, and checking whether appropriate connection channels are available. If any of these actions result in an error or rejection, this information will be used in making a connection determination in Step 470. Simultaneous with Step 404, Step 408 begins, which involves the cable modem 110 querying the computing device permission tracking (CDPT) table 170 to determine if a previous decision regarding this pending computing device 152 has been reached. A prior decision could have been made by this process on a previous connection attempt, or by an administrator using a conventional computing interface to enter records in the CDPT table 170 manually, or possibly by software that has a more esoteric and specific set of rules for pre-determining whether certain pending computing devices 152 with certain computing device identifiers 176 should be admitted to the network 146, or blocked from the network 146, and for how long.
In Step 412, the CDPT table 170 takes the pending computing device 152 identifier 176, in this example a media access control (MAC) address, and checks whether the identifier 174 is among the section of records 173 that are approved. If the CDPT table contains an approval record 173 for the pending computing device 152, then it will proceed to Step 426 and see if that record 173 has expired. An unexpired record 173 means that the approval is valid, so the CDPT table 170 will proceed to issue an approval on behalf of the administrator in Step 416, to be used in making a connection determination in Step 470. If the record 173 has expired, then the CDPT table 170 removes the pending computing device 152 record 173 in Step 436, and proceeds to messaging the administrator in Step 424. If, in Step 412, no record 173 is found, the CDPT table 170 performs a similar operation in Step 420 to check denial records 173. If the CDPT table 170 contains a denial record for the pending computing devices 152, then it will proceed to Step 428 and see if that record 173 has expired. An unexpired record 173 means that the denial is valid, so the CDPT table 170 will proceed to issue an approval on behalf of the administrator in Step 432, and the cable modem 110 will reject and cancel the pending  computing device 152 connection attempt in Step 482. If the record 173 has expired, then the CDPT table 170 removes the pending computing device 152 record 173 in Step 436, and proceeds to messaging the administrator in Step 424.
Therefore, if there is no unexpired computing device 152 record 173 for a pending computing device 152, Step 424 is reached. Here, the cable modem 110 contacts an administrator’s telephony device (ATD) 140, either a cellular telephone connected to one of the  several networks  146, 149 the cable modem 110 has access to, or a corded handset connected directly to the cable modem 110 via the multimedia terminal device (MTA) 119 for wide area network telephony devices 140B, and utilizing the telephone interface 122 in the case of a directly connected corded handset 140A. The cable modem 110 uses the wireless network communication interface 113 to contact telephony devices 140C on the wireless network 146. Any device capable of short message service (SMS) messaging, or capable of generating a dual tone multi-frequency signal over one of the networks or direct connection is technically capable of being contacted. The ATD 140 is reached out to in Step 440, either by ringing the phone, or sending an SMS message containing summary information regarding the connection attempt, possibly including the time of the attempt, the MAC address of the device, or how many attempts the pending computing device 152 has made to connect to this network 146.
The administrator can either respond in Step 444, by answering the phone call, and then signaling by pressing the ATD’s 140 “7” or “9” key on the key pad to signal denial or approval, or by replying to the SMS message with another SMS messaging containing “NO” or “YES” to signal denial or approval. However, the administrator can also not respond, and allow a predetermined time period to elapse in Step 448. As soon as the ATD 140 responds or time elapses, the cable modem 110 has data to make a decision on what to do in Step 452. In Step 456, the cable modem 110 determines whether the ATD 140 signaled an approval back. If so, then the cable modem 110 adds a record 173 to the CDPT table 170 in Step 460 indicating that the pending computing device 152 is approved for future connection attempts, and then uses this approval in making a connection determination in Step 470. If no approval was issued, the cable modem 110 determines whether the ATD 140 signaled a denial back. If so, then the cable modem 110 adds a record to the CDPT table 170 in Step 460 indicating that the pending computing device 152 is denied for future connection attempts, and then rejects and cancels the pending computing device 152 connection attempt in Step 482. If neither an approval nor denial  was issues by the ATD 140, then time must have elapsed, as noted in Step 486. In this scenario, the cable modem 110 adds a record of the pending computing device 152 to the CDPT table 170, but additionally adds an expiration 182 for this denial, perhaps fifteen minutes, so that the computing device 152 can eventually attempt to connect again, but cannot harass an administrator and their ATD 140.
Finally, if Step 470 has been reached in any manner, the cable modem 110 has approval to connect the pending computing device to the network 146. The cable modem 110 therefore completes any remaining standard connection steps, and if it experiences any issues or rejections not related to this process, then the cable modem 110 still rejects and cancels the pending computing device 152 connection attempt in Step 482. If the connection attempt experiences no issues or rejections not related to this process, then the cable modem 110 connects the pending computing device 152 to the network 146 in Step 474.
Fig. 5A is an example of a specific connection attempt. There is a cable modem 110 with a Wi-Fi radio 113 available for incoming computing device 152 connections. In this example no computing device 152 has ever attempted to connect to this cable modem 110 before.
A pending computing device 152A (e.g., see FIG. 1) attempts to connect to the cable modem 110 in Step 500. In Step 505 the cable modem 110 begins its standard process of connecting: for example, determining whether the pending computing device 152A is using a compatible communication standard, and checking whether appropriate connection channels are available. Simultaneously, the cable modem 110 collects identifying information 176 about the pending computing device 152A, and queries the computing device permission tracking (CDPT) table 170 with this information to see if there is any previously stored authorization information related to this pending computing device 152A. In Step 510 the CDPT table 170 checks its approved subsection of records 173, and finds nothing. It then checks its denied subsection of records 173, and again finds nothing (because there are no records 173, due to this being the first computing device 152 ever to attempt to connect. ) The CDPT table 170 notifies the cable modem 110 that there is no authorization data 173 related to this pending computing device 152A.
The cable modem 110 receives this notice, and then contacts the multimedia terminal adapter (MTA) 119 in Step 515. The contact contains pending computing device 152  identifying information 176 and a request that the MTA 119 request a decision from an administrator telephony device (ATD) 140A-N. The MTA 119 receives this request, and reaches out to an example ATD 140A shown as a cellular telephone, using VoIP connection abilities in the programming of the cable modem 110 in Step 520. It therefore calls an administrator on their cellular telephone 140A via a phone call, and aurally relays information about the attempting connection, such as the pending computing device’s 152A identifying information 176.
In Step 525 the administrator presses the “7” key on their phone 140A, which in this example signals a denial. The MTA 119 receives this signal, and sends it to the cable modem 110. The cable modem 110 in Step 530 receives this denial message, and updates its subsection of denial records 176B In the CDPT table 170 to include a record 173B containing the pending computing device’s 152A identifying information 176B. The cable modem 110 additionally rejects the pending computing device’s 152A connection.
FIG. 5B is a continuation of the example from FIG. 5A. Here the pending computing device 152A attempts to connect again in Step 550. In Step 555 the cable modem 110 begins its standard processing of connecting. Simultaneously, the cable modem 110 collects identifying information 176B about the pending computing device 152A, and queries the CDPT table 170 with this information 176 to see if there are any previously stored approval records 173 related to this pending computing device 152A. In Step 560 the CDPT table 170 checks its records 173, and finds the pending computing device’s 152A identifying information 176B associated with a denial record 179B. The CDPT table 170 notifies the cable modem 110 that the pending computing device 152A is denied access. The cable modem 110 rejects the pending computing device’s 152A connection to complete Step 560.
FIG. 6A is a continuation of the example from FIG. 5B. Here, in Step 600 a second pending computing device 152B attempts to connect to the cable modem 110. The cable modem 110 in Step 605 proceeds in the same manner as it does in FIG. 5A during the first pending computing device’s 152A connection attempt, including the cable modem 110 starting validation and querying the CDPT table 170 for the second pending computing device 152B; the CDPT table 170 finding no matching records 173 in Step 610, and the cable modem 110 using the MTA 119 and its telephone interface 122 in Step 615 and Step 620 to contact an administrator via their telephone handset 140A. For the second pending computing device 152B,  however, the administrator does not answer their phone 140A, or does not press any keypad button associated to a denial or approval signal ( “7” or “9” in this example) in Step 625. After some time elapses (perhaps about 2 minutes) , the MTA 119 disconnects from the administrator’s telephone handset 140A. Step 630 involves the cable modem 110 processes this non-response as a temporary denial message, and updates its subsection of denial records 173C in the CDPT table 170 to include a record including the pending computing device’s 152B identifying information 176C, as well as an expiration time stamp 182C. In this example, the expiration time stamp 182C is set to the current time plus five minutes. The cable modem 110 additionally rejects the pending computing device’s 152B connection to complete Step 630.
FIG. 6B is a continuation of the example in FIG. 6A. Here in Step 635 the second pending computing device 152B immediately attempts to connect again. The cable modem 110 begins its standard process of connecting in Step 640: for example, determining whether the second pending computing device 152B is using a compatible communication standard, and checking whether appropriate connection channels are available. Simultaneously, the cable modem 110 collects identifying information 176C about the second pending computing device 152B, and queries the CDPT table 170 with this information to see if there is any previously stored authorization information 179 related to this second pending computing device 152B. In Step 645 the CDPT table 170 checks its approved subsection of records 173, and finds nothing. It then checks the denied subsection of records 173, and find the second pending computing device’s 152B identifying information 176C, along with an expiration time stamp 182C. The CDPT table 170 compares the expiration time stamp 182C to the current time. It find the expiration stamp 182C to be greater than the current time. Therefore, The CDPT table 170 notifies the cable modem 110 that the second pending computing device 152B is denied access. The cable modem 110 rejects the second pending computing device’s 152B connection, completing Step 645.
FIG. 6C is a continuation of the example in FIG. 6B. Here, the second pending computing device 152B now waits six minutes, then attempts to connect a third time in Step 650. The cable modem 110 in Step 655 begins its standard process of connecting: for example, determining whether the second pending computing device 152B is using a compatible communication standard, and checking whether appropriate connection channels are available. Simultaneously, the cable modem 110 collects identifying information 176 about the pending  computing device 152B, and queries the CDPT table 170 with this information 176 to see if there is any previously stored authorization information 179 related to this pending computing device 152B. In Step 660 the CDPT table 170 checks its approved subsection of records 173, and finds nothing. It then checks the denied subsection of records 173, and find the second pending computing device’s 152B identifying information 176C, along with an expiration time stamp 182C. The CDPT table 170 compares the expiration time stamp 182C to the current time. It find the expiration stamp 182C to be less than the current time. Therefore, the CDPT table 170 removes the record 173C for the second pending computing device 152B from the CDPT table 170, and notifies the cable modem 110 that there is no approval data 173C related to the second pending computing device 152B to complete Step 660.
The cable modem 110 receives this notice, and then contacts the multimedia terminal adapter (MTA) 119 in Step 665. The contact contains pending computing device 152B identifying information 173 and a request that the wireless network communication interface 113 request a decision from an administrator telephony device (ATD) 140. The wireless network communication interface 113 receives this request, and reaches out to an ATD 140C, a cellular telephone, using VoIP connection abilities in the programming of the cable modem 110 in Step 670. It therefore sends short message service (SMS) message to an administrator on their cellular telephone 140C, and textually relays information about the attempting connection, such as the pending computing device’s 152B identifying information 176 in this message. In Step 525 the administrator types and responds with an SMS messaging containing “YES” on their phone 140C, which in this example signals an approval. The wireless network communication interface 113 receives this signal, and sends it to the cable modem 110. The cable modem 110 in Step 680 receives this approval message, and updates its subsection of approval records 173 In the CDPT table 170 to include a record 173A containing the second pending computing device’s 152B identifying information 176A. The cable modem 110 additionally completes any remaining standard communication steps, and having found no issue, completes the second pending computing device’s 152B connection.
In general, the term “functions, ” as used herein, refers to logic embodied in hardware software instructions, which can be written in a programming language, such as Java TM, C, C++, C#, for example. A software function can be compiled into executable programs or written in interpreted programming languages, such as Perl, Visual Basic script,  HTML, or JavaScript. Software functions may be callable from other functions. Generally, functions described herein refer to logical modules that may be merged with other modules or divided into sub-module despite their physical organization. The functions can be stored in any type of computer readable medium or computer storage device and be executed by one or more general purpose computers. In addition, the methods and processes disclosed herein can alternatively be embodied in specialized computer hardware or an application specific integrated circuit (ASIC) , field programmable gate array (FPGA) or a complex programmable logic device (CPLD) .
Program aspects of the technology may be thought of as “products” or “articles of manufacture” typically in the form of executable code and/or associated data that is carried on or embodied in a type of machine readable medium. For example, programming code could include code for the server or the sending device for generating meta-data files and programming for the receiving device for reproducing content based on the meta-data files. “Storage” type media include any or all of the tangible memory of the computers, processors or the like, or associated modules thereof, such as various semiconductor memories, tape drives, disk drives and the like, which may provide non-transitory storage at any time for the software programming. All or portions of the software may at times be communicated through the Internet or various other telecommunication networks. Such communications, for example, may enable loading of the software from one computer or processor into another, for example, from a management server or host computer of the service provider into the computer platforms of the wireless access point and computing devices. Thus, another type of media that may bear the programming, media content or meta-data files includes optical, electrical and electromagnetic waves, such as used across physical interfaces between local devices, through wired and optical landline networks and over various air-links. The physical elements that carry such waves, such as wired or wireless links, optical links or the like, also may be considered as media bearing the software. As used herein, unless restricted to “non-transitory” , “tangible” , or “storage” media, terms such as computer or machine “readable medium” refer to any medium that participates in providing instructions or data to a processor for execution.
Hence, a machine readable medium may take many forms of tangible storage medium. Non-volatile storage media include, for example, optical or magnetic disks, such as any of the storage devices in any computer (s) or the like, such as may be used to implement the  computing device, media gateway, transcoder, etc. shown in the drawings. Volatile storage media include dynamic memory, such as main memory of such a computer platform. Tangible transmission media include coaxial cables; copper wire and fiber optics, including the wires that comprise a bus within a computer system. Carrier-wave transmission media may take the form of electric or electromagnetic signals, or acoustic or light waves such as those generated during radio frequency (RF) and infrared (IR) data communications. Common forms of computer-readable media therefore include for example: a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD or DVD-ROM, any other optical medium, punch cards paper tape, any other physical storage medium with patterns of holes, a RAM, a PROM and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave transporting data or instructions, cables or links transporting such a carrier wave, or any other medium from which a computer may read programming code and/or data. Many of these forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to a processor for execution.
While the foregoing has described what are considered to be the best mode and/or other examples, it is understood that various modifications may be made therein and that the subject matter disclosed herein may be implemented in various forms and examples, and that the teachings may be applied in numerous applications, only some of which have been described herein. It is intended by the following claims to claim any and all applications, modifications, and variations that fall within the true scope of the present teachings.
Unless otherwise stated, all measurements, values, ratings, positions, magnitudes, sizes, and other specifications that are set forth in this specification, including in the claims that follow, are approximate, not exact. They are intended to have a reasonable range that is consistent with the functions to which they relate and with what is customary in the art to which they pertain.
The scope of protection is limited solely by the claims that now follow. That scope is intended and should be interpreted to be as broad as is consistent with the ordinary meaning of the language that is used in the claims when interpreted in light of this specification and the prosecution history that follows and to encompass all structural and functional equivalents. Notwithstanding, none of the claims are intended to embrace subject matter that fails to satisfy the requirement of Sections 101, 102, or 103 of the Patent Act, nor should they be  interpreted in such a way. Any unintended embracement of such subject matter is hereby disclaimed.
Except as stated immediately above, nothing that has been stated or illustrated is intended or should be interpreted to cause a dedication of any component, step, feature, object, benefit, advantage, or equivalent to the public, regardless of whether it is or is not recited in the claims.
It will be understood that the terms and expressions used herein have the ordinary meaning as is accorded to such terms and expressions with respect to their corresponding respective areas of inquiry and study except where specific meanings have otherwise been set forth herein. Relational terms such as first and second and the like may be used solely to distinguish one entity or action from another without necessarily requiring or implying any actual such relationship or order between such entities or actions. The terms “comprises, ” “comprising, ” or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. An element preceded by “a” or “an” does not, without further constraints, preclude the existence of additional identical elements in the process, method, article, or apparatus that comprises the element.
The Abstract of the Disclosure is provided to allow the reader to quickly ascertain the nature of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims. In addition, in the foregoing Detailed Description, it may be seen that various features are grouped together in various embodiments for the purpose of streamlining the disclosure. This method of disclosure is not to be interpreted as reflecting an intention that the claimed embodiments require more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive subject matter lies in less than all features of a single disclosed embodiment. Thus the following claims are hereby incorporated into the Detailed Description, with each claim standing on its own as a separately claimed subject matter.

Claims (20)

  1. A cable modem comprising:
    a wireless network communication interface for communication over a wireless network;
    a processor coupled to the wireless network communication interface;
    a voice multimedia terminal adapter coupled to the processor and for communication:
    over a wide area network or the wireless network for voice over internet protocol communication with a telephony device; or
    over a telephone interface with the telephony device;
    a memory accessible to the processor; and
    programming in the memory, wherein execution of the programming by the processor configures the cable modem to perform functions, including functions to:
    receive via the wireless network communication interface, a wireless network connection request to communicate over the wireless network from a pending computing device;
    in response to receiving the wireless network connection request:
    communicate, via the voice multimedia terminal adapter, over the wide area network, the wireless network, or the telephone interface, to the telephony device, the wireless network connection request from the pending computing device;
    request, via the voice multimedia adapter, a wireless network access approval signal or a wireless network access denial signal from the telephony device;
    receive, via the voice multimedia adapter, the wireless network access approval signal from the telephony device; and
    based on receiving the wireless network access approval signal, grant the wireless network connection request from the pending computing device.
  2. The cable modem of claim 1, wherein:
    requesting the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over the telephone interface; and
    the wireless network access approval signal received from the telephony device is a dual tone multi-frequency signal.
  3. The cable modem of claim 1, wherein:
    requesting the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over the wide area network or the wireless network; and
    the wireless network access approval signal received from the telephony device is a predetermined text string within a short message service message indicating that the pending computing device is granted access to the wireless network.
  4. The cable modem of claim 1, wherein:
    the memory further comprises a computing device permission tracking table that includes multiple computing device permission records, each computing device permission record storing:
    a computing device identifier of a respective computing device; and
    a respective wireless network access approval signal or a respective wireless network access denial signal received from the telephony device for the respective computing device,
    wherein:
    the respective wireless network access approval signal indicates that the respective computing device is granted access to the wireless network permanently or for a restricted access time period; or
    the respective wireless network access denial signal indicates that the respective computing device is denied access to the wireless network permanently or for a denial time period; and
    execution of the programming by the processor further configures the cable modem to perform functions, including functions to:
    in response to receiving the wireless network access approval signal from the telephony device, store the wireless network access approval signal and a pending computing device identifier of the pending computing device in the computing device permission tracking table as one of the computing device permission records, wherein the wireless network access approval signal indicates that the pending computing device is granted access to the wireless network for the restricted access time period;
    receive via the wireless network communication interface, a second wireless network connection request to communicate over the wireless network from the pending computing device and the pending computing device identifier; and
    in response to receiving the second wireless network connection request:
    retrieve, from the computing device permission tracking table, one of the permission records for the pending computing device based on the received pending computing device identifier;
    determine that the second wireless network connection request is received within the restricted access time period stored in the retrieved one of the permission records;
    based on determining that the second wireless network connection request is received within the restricted access time period, grant the second wireless network connection request from the pending computing device.
  5. The cable modem of claim 4, wherein the pending computing device identifier is a media access control (MAC) address of the pending computing device.
  6. The cable modem of claim 1, wherein:
    requesting the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over the wide area network or the wireless network; and
    the wireless network access approval signal received from the telephony device is a dual tone multi-frequency signal.
  7. The cable modem of claim 1, wherein:
    the wireless area network is Wi-Fi; and
    the wide area network includes internet, a telecommunication network, or a combination thereof.
  8. The cable modem of claim 1, wherein execution of the programming by the processor further configures the cable modem to perform functions, including functions to:
    receive via the wireless network communication interface, a second wireless network connection request to communicate over the wireless network from a second pending computing device; and
    in response to receiving the second wireless network connection request:
    communicate, via the voice multimedia terminal adapter, over the wide area network, the wireless network, or the telephone interface, to the telephony device, the second wireless network connection request from the second pending computing device;
    request a second wireless network access approval or denial signal from the telephony device;
    await the second wireless network access approval or denial signal from the telephony device for a predetermined timeout period; and
    upon waiting for the second approval or denial signal from the telephony device for the predetermined timeout period without receiving the wireless network access approval or denial signal from the telephony device, deny the second wireless network connection request from the second pending computing device.
  9. A method comprising:
    receiving via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device;
    in response to receiving the wireless network connection request:
    communicating via a voice multimedia adapter, over a wide area network, the wireless network, or a telephone interface, to a telephony device, the wireless network connection request from the pending computing device;
    requesting, via the voice multimedia adapter, a wireless network access approval signal or a wireless network access denial signal from the telephony device;
    receiving, via the voice multimedia adapter, the wireless network access approval signal from the telephony device; and
    based on receiving the wireless network access approval signal, granting the wireless network connection request from the pending computing device.
  10. The method of claim 9, wherein:
    the request for the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over the telephone interface; and
    the wireless network access approval signal received from the telephony device is a dual tone multi-frequency signal.
  11. The method of claim 9, wherein:
    the request for the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over a wide area network or the wireless network; and
    the wireless network access approval signal received from the telephony device is a predetermined text string within a short message service message indicating that the pending computing device is granted access to the wireless network.
  12. The method of claim 9, further comprising:
    in response to receiving the wireless network access approval signal from the telephony device, storing the wireless network access approval signal and a pending computing device identifier of the pending computing device in a computing device permission tracking table as a computing device permission record, wherein the wireless network access approval signal indicates that the pending computing device is granted access to the wireless network for a restricted access time period;
    receiving via the wireless network communication interface, a second wireless network connection request to communicate over the wireless network from the pending computing device and the pending computing device identifier; and
    in response to receiving the second wireless network connection request:
    retrieving, from the computing device permission tracking table, one of the permission records for the pending computing device based on the received pending computing device identifier;
    determining that the second wireless network connection request is received within a restricted access time period stored in the retrieved one of the permission records;
    based on determining that the second wireless network connection request is received within the restricted access time period, granting the second wireless network connection request from the pending computing device.
  13. The method of claim 9, wherein:
    the request for the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over a wide area network or the wireless network; and
    the wireless network access approval signal from the telephony device is a dual tone multi-frequency signal.
  14. The method of claim 9, further comprising:
    receiving via the wireless network communication interface, a second wireless network connection request to communicate over the wireless network from a second pending computing device; and
    in response to receiving the second wireless network connection request:
    communicating, via the voice multimedia terminal adapter, over the wide area network, the wireless network, or the telephone interface with the telephony device, the second wireless network connection request from the second pending computing device;
    requesting a second wireless network access approval or denial signal from the telephony device;
    awaiting the second approval or denial signal from the telephony device for a predetermined timeout period; and
    upon waiting for the second approval or denial signal from the telephony device for the predetermined timeout period without receiving the wireless network access approval  or denial signal from the telephony device, denying the second wireless network connection request from the second pending computing device.
  15. A non-transitory machine-readable medium containing machine-readable programming instructions, the instructions causing a cable modem to:
    receive via a wireless network communication interface, a wireless network connection request to communicate over a wireless network from a pending computing device;
    in response to receiving the wireless network connection request:
    communicate via a voice multimedia adapter, over a wide area network, the wireless network, or a telephone interface to a telephony device, the wireless network connection request from the pending computing device;
    request, via the voice multimedia adapter, a wireless network access approval signal or a wireless network access denial signal from the telephony device;
    receive, via the voice multimedia adapter, the wireless network access approval signal from the telephony device; and
    based on receiving the wireless network access approval signal, grant the wireless network connection request from the pending computing device.
  16. The machine-readable medium of claim 15 wherein:
    requesting the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over the telephone interface; and
    the wireless network access approval signal received from the telephony device is a dual tone multi-frequency signal.
  17. The machine-readable medium of claim 15 wherein:
    requesting the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over a wide area network or the wireless network; and
    the wireless network access approval signal received from the telephony device is a predetermined text string within a short message service message indicating that the pending computing device is granted access to the wireless network.
  18. The machine-readable medium of claim 15, wherein the instructions further comprise instructions to:
    in response to receiving the wireless network access approval signal from the telephony device, store the wireless network access approval signal and a pending computing device identifier of the pending computing device in a computing device permission tracking table as a computing device permission record, wherein the wireless network access approval signal indicates that the pending computing device is granted access to the wireless network for a restricted access time period;
    receive via the wireless network communication interface, a second wireless network connection request to communicate over the wireless network from the pending computing device and the pending computing device identifier; and
    in response to receiving the second wireless network connection request:
    retrieve, from the computing device permission tracking table, one of the permission records for the pending computing device based on the received pending computing device identifier;
    determine that the second wireless network connection request is received within a restricted access time period stored in the retrieved one of the permission records;
    based on determining that the second wireless network connection request is received within the restricted access time period, grant the second wireless network connection request from the pending computing device.
  19. The machine-readable medium of claim 15, wherein:
    requesting the wireless network access approval or the wireless network access denial signal from the telephony device is communicated over a wide area network or the wireless network; and
    the wireless network access approval signal received from the telephony device is a dual tone multi-frequency signal.
  20. The machine-readable medium of claim 15, wherein the instructions further comprise instructions to:
    receive via the wireless network communication interface, a second wireless network connection request to communicate over the wireless network from a second pending computing device; and
    in response to receiving the second wireless network connection request:
    communicate via the voice multimedia terminal adapter, over the wide area network, the wireless network, or the telephone interface with the telephony device, the second wireless network connection request from the second pending computing device;
    request a second wireless network access approval or denial signal from the telephony device;
    await the second approval or denial signal from the telephony device for a predetermined timeout period ; and
    upon waiting for the second approval or denial signal from the telephony device for the predetermined timeout period without receiving the wireless network access approval or denial signal from the telephony device, deny the second wireless network connection request from the second pending computing device.
PCT/CN2019/081717 2019-04-08 2019-04-08 Administrating pending network access requests via a telephony device WO2020206584A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/081717 WO2020206584A1 (en) 2019-04-08 2019-04-08 Administrating pending network access requests via a telephony device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/081717 WO2020206584A1 (en) 2019-04-08 2019-04-08 Administrating pending network access requests via a telephony device

Publications (1)

Publication Number Publication Date
WO2020206584A1 true WO2020206584A1 (en) 2020-10-15

Family

ID=72752180

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/081717 WO2020206584A1 (en) 2019-04-08 2019-04-08 Administrating pending network access requests via a telephony device

Country Status (1)

Country Link
WO (1) WO2020206584A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100119047A1 (en) * 2008-11-12 2010-05-13 Anthony Pike Telecommunication redirect system and method
CN101765232A (en) * 2008-12-25 2010-06-30 中兴通讯股份有限公司 DSL (Digital Subscriber Line) network access method and system as well as broadband remote access server
US8457294B1 (en) * 2008-05-23 2013-06-04 Arris Group, Inc. Transferring a communication session
US20140298490A1 (en) * 2013-03-26 2014-10-02 International Business Machines Corporation Access request authorization
CN104380776A (en) * 2014-05-31 2015-02-25 华为技术有限公司 Network connection method, hotspot terminal and management terminal

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8457294B1 (en) * 2008-05-23 2013-06-04 Arris Group, Inc. Transferring a communication session
US20100119047A1 (en) * 2008-11-12 2010-05-13 Anthony Pike Telecommunication redirect system and method
CN101765232A (en) * 2008-12-25 2010-06-30 中兴通讯股份有限公司 DSL (Digital Subscriber Line) network access method and system as well as broadband remote access server
US20140298490A1 (en) * 2013-03-26 2014-10-02 International Business Machines Corporation Access request authorization
CN104380776A (en) * 2014-05-31 2015-02-25 华为技术有限公司 Network connection method, hotspot terminal and management terminal

Similar Documents

Publication Publication Date Title
EP3080963B1 (en) Methods, devices and systems for dynamic network access administration
US9384479B2 (en) Mobile phone takeover protection system and method
US7559081B2 (en) Method and apparatus for authenticating a user at an access terminal
US7565547B2 (en) Trust inheritance in network authentication
US9412381B2 (en) Integrated voice biometrics cloud security gateway
RU2546610C1 (en) Method of determining unsafe wireless access point
US10045213B2 (en) Method and apparatus for authenticating terminal in mobile communications system
US9787678B2 (en) Multifactor authentication for mail server access
US8931068B2 (en) Authentication process
WO2012004640A1 (en) Transaction authentication
US20200036674A1 (en) System and method to use a mobile number in conjunction with a non-telephony internet connected device
RU2439702C2 (en) Method to execute transaction between two servers with pre-check of validity by means of two mobile telephones
US20080282331A1 (en) User Provisioning With Multi-Factor Authentication
US9065816B2 (en) Systems and methods of integrating openID with a telecommunications network
US20210105354A1 (en) Detecting nuisance and restricted communications via a communication privilege control system
WO2020206584A1 (en) Administrating pending network access requests via a telephony device
JP2000209284A (en) Device and method for authentication
TWI778434B (en) Base station and uplink transmission security detection method
CN111465004B (en) Device activation enablement
KR102204416B1 (en) Authentication service method based on voice
CA3222971A1 (en) Transferring an authentication state from a digital channel to an agent channel
CN117319999A (en) Communication device identification method, communication system and electronic device
CN116567628A (en) Communication method, device, electronic equipment and storage medium
CN118332536A (en) Proximity-based unlocking of public computing devices
IE20130096U1 (en) Mobile phone SIM takeover protection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19924132

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19924132

Country of ref document: EP

Kind code of ref document: A1