1. Field of the Invention
The present invention relates to a wireless access control method and a wireless access system.
2. Description of the Related Art
In recent years, as the Internet has become widespread, a wireless access system for access from a mobile terminal to the Internet has been contemplated.
A conventional wireless access system is described below. Among other wireless access systems, a wireless LAN system using a wireless LAN (local area network) as a wireless transmission line is described herein.
By referring to FIG. 5, the wireless LAN system according to the conventional technology includes a mobile terminal 100, a wireless base station 200 for communicating with the mobile terminal 100 through a wireless line, an access network control station 300 for controlling the communications with the mobile terminal 100 through a wireless access network, and a wireless access gateway (default router) 400 for establishing a channel between the mobile terminal 100 and equipment external to the wireless access network.
The operation performed as an operation of the conventional wireless LAN system shown in FIG. 5 when the communications is performed from the mobile terminal 100 to equipment external to the wireless access network is described below by referring to a flowchart shown in FIG. 6.
A wireless transmission line (802.11 association) in the wireless LAN is established between the mobile terminal 100 and the wireless base station 200 (step 700). “802.11” refers to a standard of a wireless LAN standardized by the IEEE 802 Committee, and 2.4 GHz band DS (direct spread), FH (frequency hopping) system, etc. is prescribed.
Then, the wireless base station 200 transmits an 802.1X authentication request signal for authenticating access by the mobile terminal 100 (step 710). In this example, “802.1X” refers to a standard of an authentication protocol standardized by the IEEE 802 Committee, and is used in user authentication, etc. during logging in a wireless LAN.
The mobile terminal 100 returns to the wireless base station 200 an 802.1X authentication reply signal corresponding to an 802.1X authentication request signal received from the wireless base station 200 (step 720).
The wireless base station 200 converts the 802.1X authentication reply signal which is a wireless region specific signal received from the mobile terminal 100 into a RADIUS authentication signal which is an IP (Internet protocol) layer signal (step 730), and transmits the converted RADIUS authentication signal as a RADIUS authentication reply signal to the access network control station 300 (step 740). “RADIUS” refers to the standard (RFC 2138) of the user authentication system standardized by the IETF, and is used when access is permitted or rejected, etc. according to user information.
The access network control station 300 determines whether or not access by the mobile terminal 100 is permitted according to the RADIUS authentication reply signal received from the wireless base station 200. When access is permitted, a RADIUS authentication permission signal is transmitted to the wireless base station 200 (step 750).
The wireless base station 200 converts a RADIUS authentication permission signal which is an IP layer signal into an 802.1X authentication permission signal which is a wireless specific signal (step 760), and the converted 802.1X authentication permission signal is transmitted to the mobile terminal 100 (step 770).
Then, the mobile terminal 100 starts communications with a terminal external to the wireless access network (step 780).
As described above, in access control shown in FIG. 6 the conventional wireless access system realizes access control to equipment external to the wireless access network by converting a wireless region specific signal into an IP layer signal by the wireless base station. On the other hand, the technology of the IP layer has been advanced through the standardization by the IETF, etc., and technologies of authentication, accounting, QoS (Quality of Service) control, etc. have been newly developed.
In the conventional wireless access system, the IP layer technology can be applied to a wireless access network if a new IP layer technology is added or amended to a wireless region specific signal in the processes in steps 700 to 720 in the wireless base station.
However, after completing the access control process, the processes in steps 700 to 720 are not performed. Therefore, unless a new IP layer technology is added or amended to the wireless region specific signal before completing the access control process in the wireless base station, all IP packets received and put in packets by the wireless base station are transmitted outside the wireless access network without applying a new IP layer technology.
The present invention aims at providing a wireless access control method and a wireless access system in which a new IP layer technology can be applied to a wireless access network without a wireless base station adding or amending the new IP layer technology to a wireless region specific signal.