Existing systems that receive pay per use Internet services commonly provide for sharing of a connection to the Internet services amongst multiple network devices for cost efficiency. For example, current Microsoft® Windows 98/2000 software technology allows users to share one Internet connection with multiple devices operating on a local network. More specifically, an Internet Connection Sharing function is provided in the Windows operating system such that one computer, hereinafter referred to as the Connection Sharing Computer, manages communications with the Internet services amongst a plurality of network devices, e.g. personal computers.
Generally, the Connection Sharing Computer establishes an initial, charged local area network (LAN) connection. The Connection Sharing Computer then serves as a controlling device for the LAN by providing Internet Protocol (IP) addresses and name resolution services for other computers on the LAN, hereinafter referred to as network devices. The network devices may then access the Internet through the Connection Sharing Computer using private IP addressing translation. More specifically, when a network device on the network sends a request to the Internet, its private address is transmitted to the Connection Sharing Computer, and the Connection Sharing Computer then translates the IP address of the network device to its own Internet IP address and then sends it on to the Internet.
Private IP addressing translation occurs when automatic addressing is enabled, which allows the Connection Sharing Computer to use Dynamic Host Configuration Protocol (DHCP) to dynamically assign private IP address to all network devices on a LAN. A user may disable automatic addressing and statically assign an IP address to each network device on the LAN if DHCP is not used, which is common in many European countries. Further, the Connection Sharing Computer may also use sharing features to allow outside users on the Internet to access web sites, e-mail, and game servers that are hosted on the LAN.
To enable Internet Connection Sharing, all network devices on the LAN must have network adapters. One network device is the Connection Sharing Computer, which serves to establish a connection to the Internet using the method offered by the pay per use system, wherein an Internet connection wizard establishes the connection. Interfacing between the network devices is accomplished by assigning automatic private IP addresses for a LAN using TCP/IP (Transmission Control Protocol/Internet Protocol), which allows users to have a small network with assigned unique IP addresses to the network adapter of the Connection Sharing Computer using a “LINKLOCAL” network.
Generally, LINKLOCAL network addresses begin with 169.254 and are used for private, internal addresses and thus are not valid for host computers that are not visible on the Internet. More specifically, the IP addresses cannot be used for computers linked by Internet Connection Sharing, as Internet Connection Sharing networks use addresses in the 192.168.0.xxx range. Accordingly, after a network adapter of a network device is assigned a LINKLOCAL network IP address, network devices can communicate, using TCP/IP protocol, with any other network device on the local network that uses the same addressing.
Despite extensive sophistication, a typical charge per use LAN system recognizes only the Connection Sharing Computer on the local network, due to the direct connection thereof. Accordingly, once the initial, charged Internet connection is established, Internet Connection Sharing is executed to configure the Connection Sharing Computer among other network devices. Further, the Internet Connection Sharing may also be used to configure external devices on the LAN to use file and print sharing to access resources from one another. Although the Internet Connection Sharing prevents access to the shared resource from the Internet, access by network devices is not monitored or blocked in network systems of the known art.
Accordingly, there remains a need in the art for a network architecture wherein access by network devices through a Connection Sharing Computer may be detected and verified, and further blocked if necessary. A need further exists for a network architecture that is capable of detecting, verifying, and blocking access by network devices in a mobile platform network.