A packet-based communications network can transmit a data stream of bits in the form of packets of fixed or variable length for the purpose of moving information between computers. Each packet is routed through the network based on address information contained in the data stream. There are approximately 30 million users of packet networks in the U.S. The Internet, the largest and most well-known of the existing packet networks, connects millions of computers in countries across the world. In addition to the Internet, many companies use packet networks, locally or internally within the company, which are functionally modeled on the Internet. These packet networks, denoted "intranets" or "extranets," are compatible with the Internet Protocol (IP), a communications protocol for the address information of data packets transmitted using the Internet.
The World Wide Web, or "Web," represents a portion of the information on the Internet accessible through a graphical user interface software program, commonly known as a Web "browser." The Netscape Navigator.TM. browser, available from Netscape Communications Corporation in Mountain View, Calif., is one example of a Web browser. The Web is made up of "pages" that are stored and transmitted over the Internet using the Hyper Text Markup Language (HTML) by computer, known as "servers." In general, a Web page can include combinations of text, graphics, sound, video and small application programs. A Web page can also include a "link" which, when selected by a user, results in the automatic display of another Web page.
Typically, a user will access the Web by establishing a communications link with, or "logging onto," an Internet Service Provider (ISP), perhaps over a telephone line using a modem. When the user requests a Web page, the user's browser communicates with the Internet through the ISP to retrieve the information related to the requested page. The ISP, which can serve thousands of users, generates revenue by charging each user a fee, such as a flat monthly fee, for the service. The ISP can also charge the user a time based fee in addition to, or instead of, the flat fee. Some ISPs also limit the amount of time that a given user can spend accessing the Internet.
The equipment required to operate an ISP can be very expensive, especially if the ISP expects to serve many users. The ISP may have to install, for example, a large number of phone lines, packet routers and communication switches. Moreover, the maintenance and technical support required to keep this equipment running can be difficult and expensive.
A company with the marketing ability required to attract a large number of users may not have the resources and expertise needed to provide Internet access. The company may, for example, be well known by users in a different, but related, field. Such company may also have, or not have, the resources and expertise needed to handle the billing and accounting functions typically provided by an ISP. Conversely, a company with Internet access equipment may not be interested in, or be capable of, the marketing required to attract a large number of users. The company may also lack a support staff to answer user questions and an accounting system to track and bill users.
To solve this problem, it is known that a branded Internet access re-seller can be established to handle the marketing and accounting aspects of Internet access. Such a "virtual" ISP can lease Internet access time from a traditional "hardware capable" ISP, such as for a flat or time based fee. FIG. 1 is a block diagram of a known system of providing access to the Internet 300 through a virtual ISP 200. The virtual ISP 200 serves a number of users 110, 120, 130 by leasing access from a number of ISPs 210, 220 that route communications to and from the Internet 300.
A user subscribes directly with the virtual ISP 200 for Internet access. The virtual ISP 200 assigns a user identifier (ID) and password to the user, and provides this information to one of the ISPs, such as the first ISP 210. The user is typically unaware of the identity of the ISP 210 that actually provides access to the Internet. The virtual ISP 200 also provides the user with a client software program 114 to be used when accessing the Internet 300. As used herein, a "client" is a requesting computer program, and a "server" is a computer program that provides service to the client in response to the request.
To access the Internet 300, the user runs the client program 114 on a PC 110. The client program 114 may include, for example, a communications software program and may be configured to display the name and logo of the virtual ISP 200. The client program 114 is configured to directly contact the ISP 210, using, for example, a modem 116. The client program 114 then presents the user's ID and password to the ISP 210 in order to "log onto" the system. Once the user logs onto the ISP 210, the user can access the Internet 300 with a browser program 112. When the user is finished, he can "log off" the system to end the Internet access "session."
The virtual ISP 200 generally receives a periodic report from each ISP 210, 220 for billing purposes. For example, the ISP 210 may provide the virtual ISP 200 with a usage report each night listing the user ID of every user that accessed the Internet 300 during the last 24 hour period. The report can also reflect the start time and end time, or length, of each such user session in order to determine how much the ISP 210 will bill the virtual ISP 200 for access. The report can also be used by the virtual ISP 200 to in turn bill each user directly.
One problem with known virtual ISP systems, however, is that the virtual ISP 200 does not know which users are currently logged on. That is, although a nightly report may be accurate for billing purposes, it does not reflect in real time which users are communicating with the Internet 300. A known protocol, called the Remote Authentication Dial In User Service (RADIUS) authentication protocol, can alert the virtual ISP 200 when a user logs on, but there is no way to inform the virtual ISP 200 when the user logs off. A related protocol called, the RADIUS accounting protocol, can alert the virtual ISP 200 both when the user logs on and when the user logs off the system. However, the RADIUS accounting protocol operates between a virtual ISP 200 and a physical ISP 210, not between a virtual ISP 200 and a client program 114. Therefore, even the RADIUS accounting protocol does not let the virtual ISP 200 exercise any control over the client program 114.
There are several reasons why a virtual ISP 200 may want to know which users are currently logged onto the system. For example, the virtual ISP 200 may want to communicate with all users who are currently on-line, such as to announce a special event. The virtual ISP 200 would not want to deal with a large number of ISPs to determine which users are currently logged onto each ISP. The virtual ISP 200 may also be interested in which users are currently logged on for trouble shooting purposes.
Moreover, user fraud could be detected, and deterred, if the virtual ISP 200 could maintain an independent log of user access, instead of relying on the report generated by the ISP 210. For example, a user that bypasses the client program 114 and contacts the ISP 210 directly would be detected by comparing the virtual ISP's log with the ISP's report. Similarly, such a log could be used to detect and resolve billing errors between the virtual ISP 200 and the ISP 210.
Another problem with known virtual ISP systems is that the virtual ISP 200 cannot directly control the client program 114 when a user is on-line. Suppose, for example, that the virtual ISP 200 wants to automatically install a new software release, or to update a list of access telephone numbers stored on the user's computer 110. Because the user PC 110 communicates with the ISP 210, and not with the virtual ISP 200, the virtual ISP 200 cannot instruct the client to download the new information. Even if the virtual ISP 200 could arrange to have every individual ISP perform such a download, this approach is cumbersome if the virtual ISP 200 leases access time from a large number of ISPs.
Similarly, the virtual ISP 200 may want to send a message to a user, such as a dialog window explaining why access to the network is being denied. Such an ability would reduce the number of customer support phone calls from users wondering if there is a technical problem with their connection. Because ISP 210 does not know the status of each user's account, and due to limitations in the RADIUS authentication protocol, the ISP 210 cannot perform this action. The virtual ISP 200 may also want to send a message warning a user that their monthly allotment of time is almost over, which is also not known by each ISP.
Another disadvantage of known virtual ISP arrangements is that real-time services cannot be offered to users. For example, the virtual ISP may want to offer users "chat rooms" that let users communicate with each other on a real-time basis. As part of this service, the virtual ISP might like to send a message to a user, letting the user know that certain other users are also currently logged on. Such a feature can typically be blocked by a user, if desired, for privacy reasons. Because the ISP 210 does not know if users are logged onto other ISPs, it cannot perform this service. Similarly, the virtual ISP does not know which users are currently logged on and cannot perform this service.
In view of the foregoing, it can be appreciated that a substantial need exists for a method and apparatus that provides a virtual ISP with real time information about, and control over, a client and solves the other problems, such as those associated with offering real-time services to a user, discussed above.
SUMMARY OF THE INVENTION
The disadvantages of the art are alleviated to a great extent by a method and apparatus to control a client via a client controller in a communications network, accessed by the client though a service provider independent of the client controller. In one embodiment of the present invention, the client controller receives from the client a start session message containing user identity information. The start session message is received using the communications network in accordance with a client control protocol. Based on the user identity information, the client controller can send to the client a control message using the communications network in accordance with the client control protocol.
With these and other advantages and features of the invention that will become hereinafter apparent, the nature of the invention may be more clearly understood by reference to the following detailed description of the invention, the appended claims and to the several drawings attached herein.