The present invention relates to systems and methods for controlling data access by a user device on a network.
In an existing data network, a variety of different user devices such as desktop computers, laptop computers, or even hand-held devices, are used to access data over the network. Typically, the network includes a server that the user device logs on to. In many cases, the server assigns a dynamic address to the user device. For example, in a transmission control protocol/Internet protocol (TCP/IP) network, a dynamic Internet protocol address or IP address is assigned to the logged on user device.
As additional user devices log on to the server, the server, in turn, dynamically assigns addresses, such as IP addresses in a TCP/IP network, to the user devices. As such, because the user device addresses are dynamically assigned, meaning that the same user device may receive different addresses during different network sessions, the server cannot distinguish between different user devices based on the device addresses.
As a result, data access control techniques are limited. In general, the server will give the same data access privileges to all user devices. This is a primary disadvantage in existing data access control techniques that utilize dynamic addresses for user devices. Alternatively, some servers require a user name and password. Of course, user name and password techniques are disadvantageous in that a person may be forced to have multiple user names and passwords. Further, user names and passwords may be stolen and then used by others.
For the foregoing reasons, there is a need for a system and method for data access control that overcomes the problems and limitations of the prior art.
It is, therefore, an object of the present invention to provide a system and method for controlling data access that utilizes dynamic addressing, while allowing data access control based on the device identity.
In carrying out the above object, and other objects, features and advantages of the present invention, a system for controlling data access by a user device on a network having a server, with the user device having a device identity, is provided. The system comprises an interworking function device operative to receive a call from the user device, and a subscriber database. A dynamic address is assigned to the user device. The interworking function device further operates to send a message indicating the device identity and the corresponding dynamic address to the subscriber database. The subscriber database receives the message from the interworking function device, and catalogs the device identity along with the corresponding dynamic address. Cataloging the device identity and the corresponding dynamic address allows the server, when the server receives the corresponding dynamic address from the user device, to retrieve the device identity from the subscriber database. Resultantly, the server may control data access over the network based on the device identity.
In one embodiment, the user device is a wireless device; and, the system includes a switch center operative to receive the call from the user device and route the call to the interworking function device. Further, preferably, the interworking function device operates to assign the dynamic address to the user device.
Preferably, the system includes a customer database cataloging the device identity and a set of corresponding services. The server, in turn, controls data access over the network based on the set of services corresponding to the device identity corresponding to the dynamic address. Further, preferably, the user device has a device type and the subscriber database catalogs the device type.
Further, in carrying out the present invention, a system for controlling data access by a user device on a network having a server, with the user device having a device identity, is provided. The system comprises an interworking function device, a subscriber database, and a customer database. The interworking function device operates to receive a call from the user device. The user device has a corresponding dynamic address assigned thereto. The interworking function device is further operative to send a message indicating the device identity and the corresponding dynamic address to the subscriber database. The subscriber database receives the message from the interworking function device, and catalogs the device identity and the corresponding dynamic address. As such, the server is allowed to retrieve the device identity from the subscriber database when the server receives the corresponding dynamic address from the user device. The customer database catalogs the device identity and a set of corresponding services. The server controls data access over the network based on the set of services corresponding to the device identity corresponding to the dynamic address. The user device is operative, through the server, to modify the sets of corresponding services upon demand by a user.
Still further, in carrying out the present invention, a method for controlling data access by a user device on a network having a server, with the user device having a device identity, is provided. The method comprises receiving a call from the user device at an interworking function device, sending a message from the interworking function device and receiving the message at the subscriber database, and cataloging the device identity and the corresponding dynamic address in the subscriber database. As such, the server is allowed to retrieve the device identity from the subscriber database, when the server receives the corresponding dynamic address, and to control data access over the network based on the device identity.
The above object and other objects, features, and advantages of the present invention are readily apparent from the following detailed description of the best mode for carrying out the invention when taken in connection with the accompanying drawings.