AUTHORIZING SECURED WIRELESS ACCESS AT HOTSPOT BY LOADING USER-SPECIFIC ACCESS CREDENTIAL FOR USER ACCORDING TO IDENTITY OF THE USER

摘要

A hotspot provides an open wireless network and a secure wireless network. The open wireless network has no network-level encryption and allows open association therewith. The secure wireless network employs network-level encryption and requires authentication of a received access credential from a client device before allowing association therewith. A system for authorizing the client device for secured access at the hotspot includes an access controller configured to establish an encrypted connection between the client device and a login portal of the hotspot over the open wireless network, and to store a user-specific access credential transmitted via the encrypted connection as a valid access credential in a credential database. The credential database is accessed by wireless access points of the hotspot to authenticate the received access credential from the client device in response to a request from the client device to associate with the secure wireless network.

主权项

1. A method of authorizing secured wireless access at a hotspot, the method comprising:
providing an open wireless network having no network-level encryption and allowing open association therewith by a client device; establishing an encrypted connection between the client device and a login portal of the hotspot over the open wireless network; requiring a user of the client device to perform a predetermined sign-up process at the login portal in order to determine an identify of the user; accessing a reservation database in order to load a user-specific access credential for the user according to the identity of the user; adding the user-specific access credential as a valid access credential in the credential database, wherein the credential database stores a plurality of valid access credentials acceptable for gaining secure wireless access at the hotspot; transmitting the user-specific access credential from the login portal to the client device via the encrypted connection; providing a secure wireless network employing network-level encryption and requiring successful completion of an authentication process before allowing association therewith by the client device; receiving a request from the client device to associate with the secure wireless network after the user-specific access credential has been added to the credential database; receiving the user-specific access credential from the client device as a part of the authentication process performed before the client device is allowed to associate with the secure wireless network; accessing the credential database to check whether the user-specific access credential received from the client device during the authentication process corresponds to one of the valid access credentials stored in the credential database; allowing the client device to associate with the secure wireless network only when the user-specific access credential received from the client device during the authentication process corresponds to one of the valid access credentials stored in the credential database; and allowing the client device to access the Internet over the secure wireless network after the client device has successfully associated with the secure wireless network until an Internet access expiry time is reached.