The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Public Wireless Local Area Networks (PwLAN) enable mobile computer users using a laptop or portable computing device to access information through continuous high-speed communications. PwLAN “hotspots” are the public locations where wireless Internet access can be obtained. Hotspots are typically located in such public areas as coffee shops, hotel lobbies or airport lounges.
PwLAN hotspots are capable of applying different behaviors to user sessions, depending on where the user connects to the network. This “location awareness” feature allows for the presentation of location-specific or branded retail pages or different elements within a page based on the user's connection attributes.
Although network access through a PwLAN hotspot typically requires a user to authenticate before access is allowed, a hotspot may allow the user to access certain designated free services before requiring the user to authenticate. When access to an Internet destination does not require identification and/or authentication of the user, the destination is considered to be “free of charge.” Two mechanisms used to determine when a destination is “free of charge”, and therefore accessible by an unauthenticated user, are “Open Gardens” and “White Lists.” An “Open Garden” refers to a collection of domains that a user can access without providing authentication information. A “White List” is a set of specific Internet destinations that are accessible by an unauthorized user. The primary difference between Open Gardens and White Lists is the level at which accessible destinations are defined. Open Gardens allow or deny access to routing domains, while White Lists do not require a physical address and can define specific accessible destinations by URL (Uniform Resource Locator). Closely related to a White List is a “Black List.” When a Black List is used to control access to specific destinations, the user is allowed access to all destinations that are not in the Black List.
White Lists, Black Lists and Open Gardens are typically implemented at the gateway through which the PwLAN hotspot connects to the network. As many hotspots can connect to the network through the same gateway, in these implementations the Open Garden or White List at the gateway applies to all users that connect through a gateway, no matter which hotspot they are using to access the network.
It would be advantageous to be able to configure a White List service such that different White Lists could be applied to different users. In particular, it would be advantageous to apply a location-awareness feature similar to the branding feature to a White List service such that different white lists can be configured for each hotspot from a centrally managed location.
Known implementations of location-aware branding are based on the ability to derive the connection attributes of the user's subnet based on the user's source IP or gateway through which the user connects, and present branded pages or different elements within a page based on those attributes. However, the ability to have a “location-based white list service” is more complex than merely providing a branded user web-based experience, as White Lists may be used before a user is authenticated, and therefore the known methods of implementing location awareness that rely on a user name or other authentication information cannot be used to implement a location-based white list service.
The concept of “location” can be more complex than a simple client IP address. A finer resolution of location, such as a particular access point or even switch access-port through which the user gains access, is desirable. Furthermore, location is often a hierarchical concept. For example, the United Kingdom, Heathrow, Terminal 1, and a specific airline first-class lounge can all be considered to be “locations”. It is desirable to allow for different customizations at different location levels.
In addition to location, it is desirable to use any attribute of the user and/or the user's session to dynamically define a list of free services for the user in a particular session, such as authentication information, service level information, etc.
Furthermore, in addition to a White List service, it is desirable to apply location-awareness to other services, such as determining payment methods, setting Quality of Service parameters for a session, selecting an ISP, determining the rate at which to charge a user, determining how to perform authentication, or determining how to aggregate and distribute accounting information.
Based on the foregoing, there is a clear need for a method of dynamically defining available services for each user based on attributes of the user and/or the user's session. In particular, there is a need to dynamically define a White List for each user based on the location of the user when accessing the network, whether the user has been authenticated, and the services available to the user. Such a method should preferably be able to handle any type of request from a client browser without necessitating any configuration changes on the client (i.e. zero-configuration).
The method disclosed herein uses a granular approach for determining whether to allow access to destinations according to the location of a client session. The location is determined according to key characteristics or attributes of the client connection. In one embodiment of the disclosed method, a router redirects requests for access to a host to a Captive Portal Web Server which is capable of handling normal and proxy HTTP requests. The Captive Portal permits or denies access to hosts through configurable White and/or Black Lists. The lists can be default or location-specific, and can be used for other purposes in addition to providing a configurable White List service.