US007490348B1
`
`(12) United States Patent
`Harris
`
`(10) Patent N0.:
`(45) Date of Patent:
`
`US 7,490,348 B1
`Feb. 10, 2009
`
`(54)
`
`(75)
`
`WIRELESS NETWORK HAVING MULTIPLE
`COMMUNICATION ALLOWANCES
`
`Inventor: Scott C. Harris, Rancho Santa Fe, CA
`(Us)
`
`(73)
`
`Assignee: Harris Technology, LLC, Rancho Sante
`Fe, CA (U S)
`
`(*)
`
`Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`USC 154(b) by 684 days.
`
`(21)
`
`(22)
`
`(60)
`
`(51)
`
`(52)
`
`(58)
`
`(56)
`
`Appl. No.: 10/800,472
`
`Filed:
`
`Mar. 15, 2004
`
`Related US. Application Data
`
`Provisional application No. 60/454,694, ?led on Mar.
`17, 2003.
`
`Int. Cl.
`(2006.01)
`H04L 29/00
`US. Cl. ................. .. 726/4; 726/2; 726/14; 726/21;
`726/27; 713/153; 713/155; 713/166; 725/29;
`725/30
`Field of Classi?cation Search ................... .. 726/3,
`726/4, 5, 7, 14, 15, 17, 19, 21, 27, 2; 713/166,
`713/153, 155; 709/203, 225; 725/29, 30
`See application ?le for complete search history.
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,272,754 A * 12/1993 Boerbert ................... .. 713/159
`6,044,349 A *
`3/2000 Tolopka et a1. ..
`705/1
`6,119,945 A *
`9/2000 Muller et a1. .......... .. 235/492
`6,181,684 B1* 1/2001 Turcotte et a1. ........... .. 370/332
`
`6,240,455
`6,304,973
`6,332,163
`6,337,912
`6,356,937
`6,463,338
`6,530,025
`6,606,659
`6,615,251
`6,719,200
`6,934,841
`6,970,927
`7,062,750
`7,130,904
`7,286,848
`2002/0022483
`2002/0178365
`2002/0188589
`2003/0004950
`2003/0079120
`2003/0087649
`2003/0177237
`2003/0231610
`2004/0004965
`2004/0073674
`2005/0086346
`
`5/2001
`10/2001
`12/2001
`1/2002
`3/2002
`10/2002
`3/2003
`8/2003
`9/2003
`4/2004
`8/2005
`11/2005
`6/2006
`10/2006
`10/2007
`2/2002
`11/2002
`12/2002
`1/2003
`4/2003
`5/2003
`9/2003
`12/2003
`1/2004
`4/2004
`4/2005
`
`Kamasaka et al. ........ .. 709/229
`
`Williams . . . . . . . . . . . . .
`
`. . . . .. 726/3
`
`Bowman-Amuah ..
`
`Buhr et al. ...... ..
`Montville et al. .
`
`709/231
`
`380/279
`709/206
`
`Neet ................. ..
`
`700/17
`
`.... .. 726/4
`Nakagawa et al.
`709/225
`Hegli et al. ..... ..
`709/218
`Klug et al.
`235/382
`Wiebe ......... ..
`713/159
`Boyles et a1.
`709/225
`Stewart et al.
`Whidby et al. ............ .. 717/103
`
`Kitchin ..................... .. 709/225
`Vireday et al.
`.. 455/5501
`Thompson et al.
`Yamaguchi ........ ..
`
`713/182
`
`Salmenkaita et al. ......... .. 707/1
`
`Wils et al. ................... .. 707/10
`Hearn et al.
`713/150
`Bhatia et al.
`455/456
`Stebbings .... ..
`709/225
`Haddad
`370/338
`Chen et al. ...... ..
`370/395.2
`
`Vergnaud et al. ..
`
`..... .. 709/226
`
`Meyer ...................... .. 709/229
`
`* cited by examiner
`
`Primary ExamineriCarl Colin
`
`(57)
`
`ABSTRACT
`
`Multiple levels of Wireless network resource granting. A user
`who has an authorized key, e.g., an encryption key or a key
`indicating that they have paid for service, gets a ?rst, better
`level of access to the network resources. One without the key
`is granted lesser access, e.g., less total bandwidth, less band
`width speed, no access to ?les or the like.
`
`14 Claims, 1 Drawing Sheet
`
`[98
`US
`[/30
`nu J
`K100 i
`l
`I
`C 1
`1
`99 i
`i
`‘ '
`ftmj
`SERVER l
`1
`l
`: |—_ :
`lr —————————— ——1'
`:
`K72 :
`l
`1
`,1
`C3 5
`:
`g
`
`'
`
`|
`
`Wireless
`@454; USER’
`
`|
`
`Wireless
`PR/N/(Yr/NTERNET
`
`ER2
`
`Wireless
`USE/73
`LIMITS
`—> Commercial Only
`—> Limited Quantity / Request
`/ Computer
`
`STARWOOD Ex 1001, page 1
`
`

`
`US. Patent
`
`Feb. 10, 2009
`
`US 7,490,348 B1
`
`f98
`0S
`
`1/130
`K100 5
`E
`.
`IABCDEF i
`K110 ;
`
`: Wireless ;
`FULL FILE
`ACCESS
`
`F99 i
`:
`:
`SERVER 5
`
`I: :
`
`i i
`
`IPUBLIC :
`i
`i ---------- --1'
`
`r120 :
`i
`i
`i
`i
`t
`:
`:
`I ___________ _ _|
`
`‘ Wireless PR‘INT & INTERNFT
`
`ONLY
`
`‘
`l Wireless
`‘ LIMITS * USE/93
`—> Commercial Only
`—> Limited Quantity / Request
`—>
`/ Computer
`
`FIG. 1
`
`STARWOOD Ex 1001, page 2
`
`

`
`US 7,490,348 B1
`
`1
`WIRELESS NETWORK HAVING MULTIPLE
`COMMUNICATION ALLOWANCES
`
`This application claims priority to US. Provisional Ser.
`No. 60/454,694 ?led Mar. 17, 2003.
`
`FIELD OF INVENTION
`
`Wireless networks are well-known, and may be based, for
`example, on the 802.1 1 standard. Because the contents of the
`wireless network can be received by anyone with wireless
`access, security may be achieved through encryption of the
`stream. Anyone with an encryption code can tap into the
`network. Those without the encryption code, however, simply
`cannot decode the wireless stream. In addition, standard net
`work protocols may be used, so that not only the encryption
`code, but also a network login, is necessary.
`
`SUMMARY
`
`The present application describes a wireless network,
`de?ning a plurality of different classes of service, where the
`different classes of service include at least a ?rst class of
`service that includes a ?rst set of permissions for access to
`resources, and a second class of service which includes a
`second set of permissions of access to resources.
`
`20
`
`25
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`These and other aspects will now be described in detail
`with reference to the accompanying drawings, in which:
`FIG. 1 shows a basic diagram of the networks described
`herein.
`
`30
`
`DETAILED DESCRIPTION
`
`Wireless networks have been used for other things besides
`secure ?le transfer. For example, Internet Cafes, and “wire
`less hot spots” may include the capability of communication
`to a user’s personal laptop which is equipped with a wireless
`card. This may use a network key for the encryption of the
`word “public”, or a network key which is given to users who
`pay for the service or pay for a drink or food, or without any
`network key at all. Certain areas such as hotel rooms are often
`wireless enabled. However, the communication is typically or
`totally on, or totally off; that is either the user is allowed to
`receive wireless Internet, or the user is blocked from all
`communications.
`The present system teaches a network with multiple levels
`of capability, depending on the access credentials possessed
`by the user. FIG. 1 shows this being carried out using multiple
`network cards or NICs. However, the same effect can be
`obtained with a single NIC. Preferably the network cards are
`wireless, using one of the features of IEEE 802.11 wireless
`communication protocols.
`Different classes of users may be assigned. The ?rst class
`of users, shown as user 1, are allowed ?le access to ?les and
`information from the server. These users may be given the
`encryption key, here for the ?rst NIC 100 here shown as
`ABCDEF. These users may be allowed the highest level of
`access to resources. As conventional users who have the com
`plete set of credentials, they are allowed unlimited upload and
`download, and full ?le access (that is allowed to non-admin
`istrator users). In addition, these users may be allowed the
`maximum upload and download speeds which is given to
`network users, and to receive all different kinds of Internet
`and ?les from all sources.
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`For example, the amount of access which is provided to
`these users may be assigned by the operating system which
`drives the NICS. For example, if Windows XP is used as the
`operating system, it may assign NIC 100 with unlimited ?le
`access.
`A second class of users shown as user 2 do not have the
`credentials, here the encryption key, for the network card 100,
`and hence use the encryption key “public” and thereby can
`only communicate with the network card No. 2 shown as 110.
`Alternatively, these same users may communicate using no
`encryption key at all. The network card 110 allows only some
`subset of the operations that are allowed by the network card
`1 00. For example, the user 2 may receive Internet only, and no
`?le access. They may be allowed to print. In addition, the
`upload and download speeds may be limited or severely lim
`ited; for example, the Internet may be limited to 1M download
`speeds and 100K of upload speed.
`This system as described above may be usable in an o?ice
`environment. For example, users who are actually members
`of the of?ce obtain ?le access, while visitors only receive
`print and Internet access.
`Another contemplated use is in pay-for-Internet use. The
`user 1 may pay a higher fee than the user 2. For example, user
`2 may pay only for limited Internet, while user 1 may pay for
`access to resources such as video over IP, and higher down
`load speeds from the Internet.
`In addition, a third class of users shown as user 3 may be
`de?ned. These users communicate only to NIC 120. Note that
`while this describes users 1, 2 and 3, any subset of these users
`may be used, for example a system may be con?gured which
`only communicates with user 1 and user 3. The NIC No. 3 is
`shown as having no encryption code whatsoever. User 3 is
`limited even further. User 3 may receive only commercial
`parts of the Internet. In the of?ce environment, this may limit
`the Internet to web pages describing the of?ce and/ or certain
`intranet sites. In a pay for internet environment, this may
`describe the “free” user, who may only receive certain con
`tent. User 3 may also receive a severely restricted bandwidth
`and/or only a limited quantity of information. For example,
`the user 3 may be assigned a token which allows them only to
`receive for example total of 1 megabytes of download and
`only to upload 100 Kilobytes of upload. This even further
`limits the user 3.
`As described above, the different users in their different
`classes have different levels of ?le access, and resource
`access, resource speed and resource amount.
`FIG. 1 shows this being carried out with three different
`network cards over the same airspace. Alternatively, the three
`different networks may be carried out as part of a single
`network card; shown as network card 130. For example, this
`may include three network resources which operate on the
`single card. Alternatively, the three different kinds of
`resources may be carried out in software, for example this
`may be carried out by three different network resource allow
`ances within the software that runs the network card or within
`the server 99.
`Other implementations are within the disclosed embodi
`ment
`What is claimed is:
`1. A wireless network, comprising:
`a ?rst communication part de?ning a ?rst class of service
`that includes a ?rst set of permissions for access to
`resources including access to ?les on a system being
`controlled by said ?rst communication part, and a sec
`ond communication part, transmitting a separate com
`munication stream from said ?rst communication part,
`over substantially a same transmitting area as said ?rst
`
`STARWOOD Ex 1001, page 3
`
`

`
`US 7,490,348 B1
`
`3
`communication part, and said second communication
`part de?ning a second class of service Which includes a
`second set of permissions of access to resources, Where
`said second set of permissions does not include said
`access to said ?les on said system,
`said ?rst communication part having its access controlled
`by requiring users of the ?rst communication part to use
`a ?rst key, said ?rst key being a non-public key of a type
`that controls access, and automatically provides access
`to users that have said ?rst key and does not provide
`access to users Who do not have said ?rst key, said
`second communication part alloWing access Without
`said ?rst key;
`Wherein said second communication part alloWs said
`access upon detecting a second key Which is a public
`key, and does not alloW said access When not detecting
`said second key;
`a third communication part, transmitting a separate com
`munication stream from said ?rst communication part,
`and separate from said second communication part, over
`substantially a same transmitting area as said ?rst and
`second communication parts, and said third communi
`cation part de?ning a third class of service Which
`includes a third set of permissions of access to resources,
`Where said third set of permissions does not include said
`access to said ?les on said system, and alloWs access to
`only speci?ed internet sites;
`Wherein said third communication part alloWing access
`Without needing any key.
`2. A netWork as in claim 1, Wherein said ?rst class of
`service includes a greater speed of netWork access than said
`second class of service.
`3. A netWork as in claim 1, Wherein said Wireless netWork
`includes an access granting mechanism, that detects a user’s
`key, and automatically grants one of said ?rst and second
`levels of services based on detecting one of said ?rst or second
`key, or grants said third level of service if a user is detected
`Without said ?rst or second key.
`4. A Wireless netWork system, comprising:
`a ?rst Wireless netWork portion, including a ?rst netWork
`transmitter, Which is accessed by users having a ?rst key
`Which is a non-public key of a type that controls access,
`and Which alloWs a ?rst speci?ed level of access to
`services, and Which automatically grants access to users
`having said ?rst key but does not grant access to users
`Who do not have said ?rst key; and
`a second Wireless netWork portion, including a second
`netWork transmitter transmitting over substantially the
`same area as said ?rst netWork transmitter, Which is
`accessed by users not having said ?rst key, Which alloWs
`a second speci?ed level of access to services Which
`includes less services than said ?rst speci?ed level of
`access to services;
`Wherein said second Wireless netWork portion alloWs said
`access upon detecting a second key Which is a public
`key, and does not alloW said access When not detecting
`said second key;
`a third Wireless netWork portion, transmitting a separate
`communication stream from said ?rst and second Wire
`less netWork portions, and separate from said ?rst and
`second Wireless netWork portions, over substantially a
`same transmitting area as said ?rst and second Wireless
`netWork portions, and said third Wireless netWork por
`tions de?ning a third class of service Which includes a
`
`5
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`4
`third set of permissions of access to resources, Where
`said third set of permissions does not include access to
`?les on said system, and alloWs access to only speci?ed
`internet sites,
`Wherein said third communication part alloWing access
`Without needing any key.
`5. A system as in claim 4, Wherein said second speci?ed
`level of access to services speci?es an amount of bandWidth.
`6. A system as in claim 4, Wherein said second speci?ed
`level of access to services speci?es an amount of access to
`netWork ?les.
`7. A system as in claim 4, Wherein said ?rst and second
`Wireless netWork portions are separate Wireless netWork
`interface cards operating in the same location.
`8. A system as in claim 4, Wherein said non-public key is an
`encryption key.
`9. A method, comprising:
`at a ?rst location, ?rst alloWing a user to obtain access to
`Wireless netWork resources Which has a speci?ed level
`of netWork features by using a ?rst key Which is a non
`public encryption key, to access a ?rst Wireless netWork
`portion that has said ?rst speci?ed level of netWork
`features;
`at said ?rst location, second alloWing a user to obtain
`access to only a ?rst subset of said speci?ed level of
`netWork features, less than said speci?ed level of net
`Work features, and having a more limited doWnload
`speed than said ?rst Wireless netWork, by accessing a
`second Wireless netWork portion using a second key
`Which is a public encryption key; and
`at said ?rst location, third alloWing a user to obtain access
`to only a second subset of speci?ed internet sites, com
`prising less access than said ?rst subset of said speci?ed
`level of netWork features, by accessing a third Wireless
`netWork portion, said third Wireless netWork portion
`de?ning a third class of service;
`Wherein said third alloWing alloWs access Without needing
`any encryption key and Wherein each of said ?rst, second
`and third Wireless netWork portions transmit a separate
`communication over substantially a same transmitting
`area as said ?rst and second Wireless netWork portions;
`and
`automatically granting said ?rst alloWing if a ?rst encryp
`tion key is detected, automatically granting said second
`alloWing if a second encryption key is detected, and
`automatically granting said third alloWing if neither said
`?rst nor second encryption key is detected.
`10. A method as in claim 9, Wherein said second alloWing
`alloWs said access upon detecting a second key, and does not
`alloW said access When not detecting said second key.
`11. A method as in claim 9, Wherein said ?rst alloWing
`alloWs access to ?les, and said second alloWing does not alloW
`access to any ?les, but does alloW access to lntemet.
`12. A method as in claim 9, further comprising detecting a
`user’s netWork credential, and automatically granting one of
`said ?rst alloWing or said second alloWing based on said
`credential.
`13. A method as in claim 9, Wherein said ?rst non-public
`key comprises an indication that a user has paid for a certain
`speci?ed service.
`14. A method as in claim 9, Wherein said second alloWing
`alloWs internet access but only to certain Web pages.
`
`*
`
`*
`
`*
`
`*
`
`*
`
`STARWOOD Ex 1001, page 4