For years, computer networks in workplaces and universities have comprised relatively static client/server systems. A typical university computing arrangement would include a computer laboratory with associated printers and other resources that the student user, after leaving the laboratory, would not expect to be able to access. While these computer networks offer predictable and relatively secure means of providing access to computing resources, they rely on one fundamental assumption: host immobility. IP addresses are statically assigned to devices, access points, or services, and therefore, movement between networks means that device, service, or network elements are always lost.
Today's hosts tend to be the exact opposite of immobile, and therefore, applications have been developed to work from anywhere, at any time, and from any device. To answer this growing need for mobility, we have also seen the emergence of the mobile/cloud computer network model, which allows users to store their information “in the cloud” and later access this information from any computer connected to the internet. Furthermore, with the increased use of BYOD (“Bring Your Own Device”) networks in such environments as college campuses and workplaces, the ability to provide resources to hosts as they migrate across subnets in a network is imperative, as users are taking their personal devices to school or work and then returning home with them.
However, while the mobile/cloud model lends increased support to end user mobility, consumer discovery protocol traffic, including without limitation Apple Bonjour traffic, is still subject to the same geographic limitations as in predecessor networks. A mobile/cloud network may include one or more subnetworks, and each subnetwork may in turn include consumer discovery protocol traffic. Since most consumer discovery protocols, herein referred to as enterprise or BYOD services, maintain the notion of a local area network (LAN) and are not routable, these BYOD services cannot be made available to end users as they migrate to other subnetworks across a LAN. These BYOD services may include, without limitation, such devices as smart phones, projectors, scanners, and printers.
Thus, it is easy to imagine various situations wherein a student end user in a university environment or a corporate executive in a large enterprise may desire to access these types of BYOD services across various subnetworks. However, routing the enterprise service traffic throughout the network would make the BYOD services available to all of the users of the routed network rather than a subset of privileged end users. Therefore, there is a need in the art for a method, system, and computer readable medium for providing users with privileged and secure access to BYOD services as they travel in a mobile/cloud-based network environment without making those BYOD services available to all end users.