1. Field of the Invention
The present invention relates to the field of telecommunications. More particularly, the present invention relates to associating a request for a switched virtual circuit (SVC) service in a high speed network to an originating subscriber, so that the network can apply the subscriber's individual service policies, and optionally registering an access port address to the subscriber.
2. Background Information
Currently, when network subscribers access a high speed network for SVC services, the port being used for the access is associated with the SVC service request. Thus, if multiple subscribers could access the network from a single port, each subscriber would not be uniquely associated with the network access. Similarly, if a subscriber could access the network from a location remote from the subscriber's normal access port (e.g., accessing from a public access port), the subscriber is not associated with the network access. In both cases, because the port is associated with the network access rather than the subscriber, control of access to the network is inadequate.
In a conventional telephone network, access requests do not require control for several reasons. For example, each connection across the network consumes a predetermined amount of bandwidth, regardless of the application employing the connection. In addition, a user in a conventional telephone network is limited to a single connection at each physical interface. In other words, there are natural, systematic limits on the resources a single subscriber is able to consume in the telephone network.
In high speed networks, a single connection can consume the bandwidth of many thousands of conventional telephone network connections. Moreover, many connections can be simultaneously active on a single interface to the network. Thus, due to the potential for depletion of available resources, authorization on a per connection request basis is more important in a high speed network than in the conventional public switched telephone network (PSTN). Accordingly, there is a need for reliable authentication and control of subscriber access to high speed networks.
High speed networks, such as ATM networks, are often configured to use switched virtual circuits (SVCs), which are temporary connections established by the user at the time of call set-up. SVCs generally provide a flexible bandwidth adjusted to accommodate the application being supported by the connection. Typically, customers using SVCs pay a network provider on a per connection time basis, as opposed to paying monthly fees, as for permanent connections. In high speed networks, the bandwidth and SVCs themselves are both limited network resources. Therefore, from the network provider's point of view, each request from a subscriber to establish an SVC must be policy checked to determine if the subscriber has the right to the requested resources, as based on a prior service level agreement.
Furthermore, high speed network subscribers are often groups of users as opposed to individual users. Each group is allocated a combined set of resources, including SVCs and bandwidth, collectively available to the entire group at any one time. Again, close monitoring of the use of group allocated resources is necessary to avoid overcrowding and interference on the network and consumption in excess of the services contracted for by the users.
When a subscriber requests access from a network assigned, non-shared location, the network can identify the port requesting access and can identify the subscriber based upon a known association between the fixed port and the subscriber. In the case of nomadic users, however, ports are not associated with subscribers, preventing simple identification of nomadic users. Thus, remote port SVC connections do not provide the subscribers with the service policies to which the subscribers are entitled.
Furthermore, even when a subscriber originates a request from a fixed port, existing methods are able to associate only one user at a time with the fixed access port. This restriction is problematic when multiple subscribers require access to a single port, and when a single subscriber has multiple subscriber identities from the network's point of view, e.g., each identity has a different service policy.
Establishing a connection to a virtual private network, such as an ATM network, is well known in the field of telecommunications. For example, TELLO et al., U.S. Pat. No. 6,032,118, teach a method for accessing (and billing) a virtual private network through a data network from a remote location using terminals, such as desktop, laptop and notebook computers. The method of TELLO et al., however, is limited in that the authentication steps are cumbersome and inconvenient. In particular, the user must affirmatively select the identification and password and a virtual private network. An encryption key is then sent to the user, along with an authorization code upon password verification. Also, the method of TELLO et al. does not provide a registration process, by which the virtual private network would “memorize” the user's remote location and treat it as part of the network. Therefore, the user must repeat the authentication process each time access is attempted, even if using the same port.
The overarching need is to enable subscribers to a high speed network to access that network, even when calling from a remote location, so that appropriate corresponding service policies may be implemented. Also, the need includes permitting a nomadic subscriber to associate the temporary physical address with the subscriber's network for as long as the subscriber desires. Currently, the high speed networks and associated SVC connection systems do not meet these needs.