1. Field of the Invention
The present invention relates to a network connection system, and particularly to a network connection system in which a mobile terminal is connected through a wireless access point to a content server that requires authentication of the mobile terminal, and to a method implemented in the system.
2. Description of the Related Art
Services that provide hot spots are conventionally known. A hot spot connects terminal devices to the Internet through a wireless LAN access point to provide services to an indefinite number of users. In recent years, dual terminal devices are developed in which cellular terminal devices conforming to the Personal Digital Cellular (PDC) system and the 3rd Generation Partnership Project (3GPP) standards are equipped with wireless LAN interfaces (WLAN I/Fs), raising expectations that the use of hot spots will further spread.
A wireless Local Area Network (LAN) access point is connected to intranets of Internet Services Providers (ISPs) who are under contract with the hot spot provider. The hot spot provider may also serve as an ISP.
A user terminal device, e.g., a mobile terminal, is required to perform the following procedure to connect through a hot spot to a content server that requires authentication on the Internet. First, the user terminal device undergoes ISP authentication to connect to the Internet (specifically, an intranet of an ISP) through the hot spot. Next, the user terminal device specifies the Uniform Resource Locator (URL) of the authentication-requiring content server and is then subjected to authentication for the use of content by the authentication-requiring content server. Such techniques are described in JP 2003-318922 A and JP 2002-1522-76 A, for example.
When a user terminal device connects to an intranet of a hot spot provider (ISP) through the hot spot, the authentication server of the hot spot provider often authenticates the user terminal device (user) using a tunneling protocol such as L2TP.
FIG. 7 shows an example in which a mobile terminal 20 accesses an intranet 25 of a hot spot provider, who also serves as an ISP, through a hot spot 25. In other words, FIG. 7 is a diagram illustrating an example in which the mobile terminal 20 connects to the Internet through the hot spot 25.
In FIG. 7, the hot spot 25 has a wireless LAN access point 21 and is connectable to the Internet 27. The intranet 26 includes an authentication gateway 22 connectable to the Internet 27, a secure content server 23 requiring entry of credit numbers etc., and an authentication server 24.
The access from the mobile terminal 20 to the intranet 26 through the hot spot 25 will be described. The mobile terminal 20 accesses the authentication gateway 22 via the wireless LAN access point (W-LAN AP) 21 and the Internet 27. In this case, the mobile terminal 20 and the authentication gateway 22 serve as Virtual Private Network (VPN) terminations.
The authentication server 24 performs authentication of both tunnel ends according to a tunneling protocol such as L2TP. For example, the authentication server 24 authenticates the mobile terminal 20 by obtaining a user ID and a password from the mobile terminal 20 and referring to its own database. When the authentication server 24 has authenticated the mobile terminal 20, the authentication server 24 assigns an IP address to the mobile terminal 20. The authentication gateway 22 provides the mobile terminal 20 with the IP address assigned by the authentication server 24 and connects the mobile terminal 20 to the intranet 26. The mobile terminal 20, receiving its own IP address from the authentication server, recognizes that a permission has been granted to its connection to the desired content server.
Before the mobile terminal 20 connected to the intranet 26 accesses the content server 23 on the intranet 26, the mobile terminal 20 is authenticated by the content provider through a procedure such as Secure Socket Layer (SSL).
The charge for the hot spot service is a fixed amount (including free of charge) in most cases.
When a user terminal device (mobile terminal) attempts to connect to an authentication-requiring content server through a hot spot, the user first performs an ISP authentication procedure in the hot spot. In addition, the user specifies the URL of the authentication-requiring content server and undergoes authentication for the content server. This means that the user has to perform two different authentication procedures to access the content server through the hot spot. This deteriorates user convenience.