WIPO logo
Mobile | Deutsch | Español | Français | 日本語 | 한국어 | Português | Русский | 中文 | العربية |
PATENTSCOPE

Search International and National Patent Collections
World Intellectual Property Organization
Search
 
Browse
 
Translate
 
Options
 
News
 
Login
 
Help
 
maximize
Machine translation
1. (WO2007069207) ACCESS CONTROL IN A NETWORK
Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

CLAIMS:

1. An apparatus for controlling access to devices of a network, the apparatus comprising:
group means (301) for determining permission settings for at least one authorization group of a plurality of authorization groups for a plurality of devices;
storage means (305) for storing the permission settings;
means (309) for receiving an access permission request for a first device (109) accessing a second device (101);
means (311) for associating the first device (109) with a first group of the at least one authorization group in response to a user input;
means (313) for determining first permission settings for the first device (109) accessing the second device (101) by retrieving the permission settings for the first group from the storage means; and
communicating means (315) for communicating the first permission settings to the second device.

2. The apparatus of claim 1, wherein the group means (301) is arranged to determine the permission settings in response to a user input.

3. The apparatus of claim 1, wherein the group means (301) is arranged to determine the permission settings in response to a permission profile received from the second device (101).

4. The apparatus of claim 1, wherein the communicating means (315) is arranged to generate an entry for the first device (109) for an access control list of the second device (101) in response to the first permission settings and to communicate the entry to the second device (101).

5. The apparatus of claim 1, further comprising means for dividing the at least one authorization group into a plurality of authorization groups in response to a user input.

6. The apparatus of claim 1, wherein the communicating means (315) is arranged to determine if the second device (101) is available and, if not, to delay communication of the first permission settings until the second device (101) is available.

7. The apparatus of claim 6, wherein the apparatus comprises means for storing a synchronization state for each device associated with the apparatus, the synchronization state being indicative of whether any communications of permission settings are pending.

8. The apparatus of claim 6, comprising means for indicating to a user of the apparatus that the communication of the first permission settings to the second device is pending.

9. The apparatus of claim 1, wherein the access permission request is a group access permission request for a plurality of devices for which permission is to be determined, and wherein the apparatus is arranged to generate an entry of an access control list of the second device (101) corresponding to the first permission settings for each of the plurality of devices.

10. An apparatus as claimed in claim 1, wherein the network is a Universal Plug and Play (UPnP) network, the first device (109) is a Control Point, the second device (101) is a Device and the apparatus is a Security Console.

11. A network comprising:
at least a first and a second device (109, 101); and
a control device (107) comprising:
group means (301) for determining permission settings for at least one authorization group of a plurality of authorization groups for a plurality of devices,
storage means (305) for storing the permission settings,
means (309) for receiving an access permission request for a first device (109) accessing a second device (101),
means (311) for associating the first device (109) with a first group of the at least one authorization group in response to a user input,
means (313) for determining first permission settings for the first device (109) accessing the second device (101) by retrieving the permission settings for the first group from the storage means (305), and
communicating means (315) for communicating the first permission settings to the second device (101),
wherein the second device (101) comprises means for controlling access from the first device (109) in accordance with the first permission settings.

12. A method of controlling access to devices of a network, the method comprising the steps of:
determining permission settings for at least one authorization group of a plurality of authorization groups for a plurality of devices;
storing the permission settings;
receiving an access permission request for a first device (109) accessing a second device (101);
associating the first device (109) with a first group of the at least one authorization group in response to a user input;
determining first permission settings for the first device (109) accessing the second device (101) by retrieving the stored permission settings for the first group; and
communicating the first permission settings to the second device (101).