Many organizations allow remote access by employees to the corporate computer network via the Internet. Such remote connection is commonly implemented using a VPN (Virtual Private Network). A VPN is a secure way to communicate with a private network through a public network such as the Internet. Several companies offer VPN products. For example, Cisco Systems, Inc. (San Jose, Calif.) offers a family of VPN products for both the network side and the client side of the VPN connection. Additional details regarding Cisco VPN products can be found at www.cisco.com/en/US/products/hw/vpndevc.
In some VPN applications, VPN client software is installed on the user's computer. The VPN client establishes a secure “VPN tunnel” to a VPN server located in the corporate network. For example, Cisco Systems offers a VPN client of this sort, which is described in www.cisco.com/en/US/products/sw/secursw/ps2308.
VPN users often connect to the Internet using a WLAN (Wireless Local Area Network, also referred to as Wi-Fi) enabled laptop computer in a hotspot. (A hotspot is a public location, such as a hotel lobby or coffee-shop, that provides wireless Internet access to WLAN-enabled computers.) Several companies offer products that allow users to gain Internet access via hotspots. For example, Cisco Systems offers products known as SSG (Service Selection Gateway) and SESM (Subscriber Edge Services Manager). SSG/SESM provides subscriber authentication and authorization, service selection, service connection and accounting capabilities to subscribers of Internet services. Additional details regarding SSG/SESM can be found at www.cisco.com/en/US/tech/tk888/tk890/tech_protocol_family_home.html.
Several companies provide Internet roaming services (allowing customers of a given service provider to connect to a network of another service provider, for example via a hotspot) and associated client software. Two examples of such providers are ipass, Inc. (Redwood Shores, Calif.) and Boingo Wireless, Inc. (Santa Monica, Calif.). Additional details can be found at the company web sites www.ipass.com and www.boingo.com, respectively. Both companies provide their clients with dialer software that includes an HTTP (Hypertext Transfer Protocol) client.
Guidelines for connecting roaming users to the Internet via hotspots are described by Anton et al., in a paper entitled “Best Current Practices for Wireless Internet Service Provider (WISP) Roaming,” Wi-Fi Alliance—WISPr, version 1.0, February 2003, which is incorporated herein by reference. The paper describes recommended operational practices, technical architecture, and an authentication, authorization, and accounting (AAA) framework for enabling subscriber roaming among Wi-Fi based Wireless Internet Service Providers (WISPs). The roaming framework described allows using Wi-Fi compliant devices to roam into Wi-Fi enabled hotspots for public access and services. Additional details regarding WISPr can be found at www.wi-fialliance.org/opensection/wispr.asp.
The AAA functions associated with the connection of users to private networks via the Internet are described in the patent literature. For example, U.S. Patent Application Publication 2003/0051041, whose disclosure is incorporated herein by reference, describes a converged network accessible by client terminals. The converged network includes a wide area network, a local area network, and a gateway linked to the wide area and local area networks. The gateway integrates billing and authentication functions of the wide area and local area networks. Other examples of solutions related to VPNs and public access networks are described in U.S. Patent Application Publications 2002/0120872, 2003/0182556, and 2004/0181663, whose disclosures are also incorporated herein by reference.
The present invention will be more fully understood from the following detailed description of the embodiments thereof, taken together with the drawings in which: