DETAILED DESCRIPTION OF THE EMBODIMENTS

[0066] Incorporation by Reference

[0067] U.S. patent application Ser. No. 09/551,291 titled “A Distributed Network Communication System which Enables Multiple Network Providers to Use a Common Distributed Network Infrastructure” and filed on Apr. 18, 2000, whose inventors are Brett B. Stewart, James W. Thompson and Kathleen E. McClelland is hereby incorporated by reference in its entirety as though fully and completely set forth herein.

[0068] U.S. Pat. No. 5,835,061 titled “Method and Apparatus for Geographic-Based Communications Service”, whose inventor is Brett B. Stewart, is hereby incorporated by reference in its entirety as though fully and completely set forth herein.

[0069] U.S. Pat. No. 5,969,678 titled “System for Hybrid Wired and Wireless Geographic-Based Communications Service”, whose inventor is Brett B. Stewart, is hereby incorporated by reference in its entirety as though fully and completely set forth herein.

[0070] U.S. patent application Ser. No. 09/433,817 titled “Geographic Based Communications Service” and filed on Nov. 3, 1999, whose inventors are Brett B. Stewart and James Thompson, is hereby incorporated by reference in its entirety as though fully and completely set forth herein.

[0071] U.S. patent application Ser. No. 09/433,818 titled “A Network Communications Service with an Improved Subscriber Model Using Digital Certificates” and filed on Nov. 3, 1999, whose inventors are Brett B. Stewart and James Thompson, is hereby incorporated by reference in its entirety as though fully and completely set forth herein.

[0072] U.S. patent application Ser. No. 09/551,309 titled “System and Method for Managing User Demographic Information Using Digital Certificates” and filed on Apr. 18, 2000, whose inventors are Brett B. Stewart and James Thompson, is hereby incorporated by reference in its entirety as though fully and completely set forth herein.

[0073] FIG. 1 —Network Communication System

[0074] FIG. 1 shows one embodiment of a distributed network communication system 100 . The network system 100 may include one or more access points 120 , preferably a plurality of access points 120 . At least a subset of the access points 120 are wireless access points (APs) 120 which communicate with a portable computing device (PCD) 110 in a wireless fashion. Each wireless access point (AP) 120 may have a wireless connection or transceiver (e.g., an antenna) and may operate according to various wireless standards, such as wireless Ethernet (IEEE 802.11), Bluetooth, etc. One or more of the access points 120 may also be wired access points which communicate with a portable computing device 110 in a wired fashion.

[0075] Each AP 120 may be coupled to a network 130 . The network 130 may comprise a wired network, a wireless network or a combination of wired and wireless networks. For example, the network 130 may be a standard “wired” Ethernet network which connects each of the wireless (and wired) access points 120 together. The network 130 may also be a wireless network based on IEEE 802.11. The network 130 may form part of the Internet 170 , or may couple to other networks, e.g., other local or wide area networks, such as the Internet 170 .

[0076] The network 130 may also include or be coupled to other types of communications networks, (e.g., networks other than those comprised in the Internet) such as the public switched telephone network (PSTN), whereby a user using PCD 110 may send and receive information from/to the PSTN or other communication network through a wireless service provider. The network 130 may also include, or be coupled to, another wide area network 130 , such as a proprietary WAN. The network 130 thus may be, or be coupled to, any of various wide area networks (WANs) or local area networks (WANs), including the Internet 170 .

[0077] The access points (APs) 120 may be widely distributed in various facilities, such as airports, mass-transit stations, hotels, shopping malls, restaurants and other businesses, such as business offices, law firm offices, retail stores, etc. For example, where the access points 120 are distributed in an airport, one or more access points 120 may be distributed throughout various terminals in the airport, in an airline club, and in coffee shops, restaurants or rental car counters at the respective airport. The access points 120 may thus be primarily designed to service mobile users, wherein it may not be known ahead of time which mobile users will be accessing the network from which locations. Thus the network system 100 is preferably a distributed network system, with access points placed in locations to service mobile users. This differs from a conventional fixed LAN, where it is generally pre-configured as to which pre-determined users will be using which nodes in the fixed LAN on a day-to-day basis, and the relative access levels that these predetermined users have is also pre-configured.

[0078] Each access point 120 may comprise information used to identify or select a wireless service provider (also called a network provider) for a particular user, as well as related access information to enable the wireless service provider to provide access. Each access point 120 may comprise information used to enable network access through a wireless service provider of a plurality of possible wireless service providers. Thus each access point 120 may support a plurality of different wireless service providers. When in sufficiently close range to an access point 120 , or when the PCD 110 is directly coupled to an access point 120 in a wired fashion, the PCD 110 may access the network utilizing a particular wireless service provider, as discussed further below.

[0079] A user operating a portable computing device (PCD) 110 may communicate with one of the access points 120 to gain access to network services, such as Internet access. The portable computing device (PCD) 110 may have a wireless communication device, e.g., a wireless Ethernet card, Bluetooth wireless interface, etc., for communicating with a wireless access point 120 . The portable computing device (PCD) 110 may instead have a wired communication device, e.g., an Ethernet card, for communicating with a wired access point 125 .

[0080] The portable computing device 110 may be any of various types of devices, including a computer system, such as a portable computer, a personal digital assistant (PDA), an Internet appliance, a communications device or telephony device, or other wired or wireless device. The PCD may include various wireless or wired communication devices, such as a wireless Ethernet (IEEE 802.11) card, Bluetooth logic, paging logic, RF communication logic (such as cellular phone logic), a wired Ethernet card, a modem, a DSL device, an ISDN device, an ATM device, a parallel or serial port bus interface, or other type of communication device.

[0081] The PCD 110 preferably includes a memory medium which stores identification information indicating a wireless service provider to which the user has subscribed. The indicated wireless service provider may be one of a plurality of possible wireless service providers that provide Internet access or other network services in a network system such as that shown in FIG. 1 . The identification information may be a System ID (an 802.11 System ID), a MAC ID of a wireless Ethernet device comprised in the PCD 110 , the name of the wireless service provider, or other type of information that uniquely identifies one (or more) wireless service providers. Where the wireless network is IEEE 802.11 wireless Ethernet, the identification information or System ID may be a SSID (Service Set ID), an ESSID (Extended Service Set ID) or possibly a BSSID (Basic Service Set ID). Where the wireless network is Bluetooth, the identification information may be an IP address. The identification information may be contained in a digital certificate, which may be stored in a web browser or other location of the personal computing device 110 .

[0082] Where the access point 120 is a wireless access point 120 , the wireless communication may be accomplished in a number of ways. In one embodiment, PCD 110 and wireless AP 120 are both equipped with an appropriate transmitter and receiver compatible in power and frequency range (e.g., 2.4 GHz) to establish a wireless communication link. Wireless communication may also be accomplished through cellular, digital, or infrared communication technologies, among others. To provide user identification and/or ensure security, the PCD 110 may use any of various security mechanisms, such as WEP (Wired Equivalent Privacy).

[0083] Where the access point 120 is a wired access point 120 , the wired connection may be accomplished through a variety of different ports, connectors, and transmission mediums. For example, the PCD 110 may be connected through an Ethernet, USB, serial, or parallel transmission cables, among others. The PCD 110 may also include various communication devices for connecting to the AP 120 , such as wired Ethernet cards, modems, DSL adapters, ATM adapters, IDSN devices, or other communication devices. For example, a hotel may have Ethernet connections in the restaurants, shops, and guest rooms. An airline club, e.g., an airport Admiral's Club, may also have both wireless and wired connections for mobile users. A user may connect to a wired access point 120 through the use of a laptop computer (PCD 110 ), an Ethernet network card, and a network cable. This connection may have the same impact as a connection made to a wireless AP 120 as discussed above. In other words, a user using a wired PCD 110 is able to “roam” on various network infrastructures in the same manner as a user using a wireless PCD 110 .

[0084] One or more wireless service providers may each have an associated network device 160 coupled to the network 130 . For example, FIG. 1 illustrates network devices 160 associated with three different wireless service providers. The network devices 160 may take any of various forms, such as a computer system, router, bridge, etc. It is noted that wireless service providers may provide network services at a network location without being required to locate any equipment or bandwidth at the network location. For example, a wireless service provider may combine VLANs and IP tunneling to avoid having to locate any equipment or bandwidth at a particular network location.

[0085] A user operating a portable computing device 110 will typically have previously subscribed with one (or more) Wireless Service Providers (WSPs), also called network providers. Examples of wireless service providers include Wayport, MobileStar and Softnet, among others. As discussed further below, when the PCD 110 of a user communicates with an AP 120 , the respective wireless service provider to which the user is subscribed is determined. If no previous affiliation with a wireless service provider is detected, a default wireless service provider may be selected. After the wireless service provider is determined or selected, network access or services may be provided through that wireless service provider. For example, data or packets from the respective PCD 110 may be routed to a destination designated by the respective wireless service provider, such as the respective provider's network device 160 . This effectively allows a plurality of wireless service providers to each offer access on a common network infrastructure, i.e., on common access points. Thus a single access point can support multiple different wireless service providers, i.e., can support subscribers of multiple different wireless service providers. This also allows subscribers of various wireless service providers to “roam” on other networks, such as networks installed and/or maintained by other providers, or networks maintained by independent third parties.

[0086] The network system 100 may also include a management information base (MIB) 150 . The MIB 150 may be a mechanism, such as a memory, which may allow the persistent storage and management of information needed by network 130 to operate. For example, in one embodiment of the invention, the MIB 150 may store a data structure, such as a table comprising a list of identification information and a corresponding list of the plurality of possible wireless service providers. The data structure may also store access information, which may comprise associated methods for providing data to the respective plurality of possible wireless service providers. The access information may further comprise access level or privilege level information. Thus, the data structure may comprise a table having a plurality of tuples, with each tuple having the identification information, e.g., a System ID, the corresponding wireless service provider, and access information containing a method of access to the provider, possibly including a destination IP address or other methodology for accessing the provider's site. In an alternate embodiment, as noted above, the data structures which store this information may be comprised in each of the access points 120 , or may be provided in various other locations. Each tuple may further include wired transport information, such as a VLAN tag, Generalized Routing Encapsulation (GRE), or other wired transport information, indicating a channel to be used on the wired network to which the AP 120 is coupled.

[0087] As discussed further below, when a portable communication device 110 of a user begins communication with an access point 120 , the portable communication device 110 may transmit wireless service provider ID information, and the wireless service provider for the portable computing device 110 may be determined using this data structure. The memory medium containing the data structure may be accessed, and received wireless service provider identification information from the respective portable computing device 110 may be used to index into the data structure or table to determine the wireless service provider. The appropriate access method may also be accessed and used for enabling the wireless service provider to provide network services, e.g., the access method may be used for providing the data from the respective portable computing device 110 to the determined wireless service provider. For example, wired transport information may also be used to determine how to transfer packets on the wired network. Access level information may also be retrieved and used to determine a user's access to local network resources or Internet access.

[0088] The MIB 150 may store other information, such as a directory of all the elements (e.g., APs, PCDs, etc) in the network, the topology of the network, characteristics of individual network elements, characteristics of connection links, performance and trend statistics, and any information which is of interest in the operation of the network 130 . For example, the MIB may store the precise longitude, latitude, altitude and other geographic information pinpointing the location of each access point.

[0089] One or more service providers 140 may also be coupled to the network 130 or other networks to which the network 130 is coupled, such as the Internet 170 . As used herein, the term “service provider” is intended to include various types of service and information providers which may be connected to the network 130 . The service provider 140 may take any of various forms and may provide any of various services or information. Each service provider 140 may include one or more computers or computer systems configured to provide goods, information, and/or services as appropriate for the service provider. The one or more service providers 140 may couple to the network in a wired or wireless fashion. The service providers 140 may include “network access” providers which typically charge fees for network access. The service providers 140 may also include other types of providers which may provide a service at the location where the APs are located. For example, in an airport, example service providers may include an airline server or airline personnel (which may operate as clients of APs) which provides flight information and/or helps direct passengers to flights. In a hotel, example service providers may include housekeeping, engineering, and other typical hotel services which may utilize particular WSPs for their respective network services. For example, maid carts in a hotel may be configured with PCDs to answer requests from users that are staying in the hotel. Thus, the plurality of WSPs may include fee-based network access providers for serving customers, as well as operational service providers for serving the needs of employees.

[0090] The network communication system 100 may be geographic-based. In other words, the network communication system 100 may provide information and/or services to the user based at least partly on the known geographic location of the user, e.g., as indicated by the access points 120 or as indicated by geographic information (e.g., GPS information) provided from the PCD 110 . In one embodiment, the APs 120 are arranged at known geographic locations and may provide geographic location information regarding the geographic location of the user or the PCD 110 . In another embodiment, the PCD 110 may provide geographic location information of the PCD 110 through the AP 120 to the network 130 . For example, the PCD 110 may include GPS (Global Positioning System) equipment to enable the PCD 110 to provide its geographic location through the AP 120 to the network 130 , such as to a service provider 140 coupled to the network 130 .

[0091] In one embodiment, the network communication system 100 may provide information and/or services to the user based on both the known geographic location of the user and an access level of the user. For example, a bank official may have an access level which allows access to security codes regarding electronic or physical access to funds. The access level may only be operational when the employee (or the employee's PCD) is in a secure area of the bank, thereby preventing unauthorized or unintended access to sensitive information, such as due to coercion or theft of the user's PCD.

[0092] Memory Medium and Carrier Medium

[0093] One or more of the systems described above, such as PCD 110 , access points 120 , MIB 150 , and wireless service providers 160 may include a memory medium on which computer programs or data according to the present invention may be stored. For example, each of the access points 120 and/or the MIB 150 may store a data structure as described above comprising information regarding identification information, corresponding wireless service providers 160 and access information such as associated data routing methods. Each of the access points 120 and/or the MIB 150 may further store a software program for accessing these data structures and using the information therein to properly provide or route data between users (subscribers) and their corresponding wireless service providers, or to selectively provide or route data depending on the access information.

[0094] One or more of the access points 120 and/or the MIB 150 may include software that enables the AP 120 to accommodate or service subscribers of a plurality of different WSPs. Thus an AP 120 may be operable to appear as any one of a plurality of different WSP APs, meaning that a single AP may “pretend to be” or behave as an access point dedicated to a particular WSP for each of a plurality of different WSPs. In contrast, prior art APs are only able to provide access point services for a single WSP. In other words, according to one embodiment of the invention, an AP 120 may execute one or more software programs that allow it to act as an AP for each of a plurality of WSPs. Thus, each AP 120 may be capable of broadcasting or recognizing any of a plurality of SIDS, and maintaining associations between the SIDS and the subscribers of the respective WSPs. The physical AP may further behave appropriately for different SIDS that are received from PCDs of users, providing network services to each user through that user's corresponding WSP.

[0095] In one embodiment, at least one of the APs 120 may include software that enables the single physical AP 120 to implement a plurality of virtual APs, where a virtual AP may comprise access point functionality implemented in software that appears as a physical AP to a PCD. The plurality of virtual APs or “software” APs may be implemented on one or more physical APs, e.g., on a common set of physical APs. Each instance of a virtual AP executes a complete 802.11 protocol stack, and is indistinguishable from a hardware AP to any wireless network client(s). Each virtual AP or “software” AP may include its own ESSID (e.g., an ESSID as specified in IEEE 802.11) and may be uniquely associated with a corresponding WSP. Thus, each WSP that uses a virtual AP solution would enjoy the illusion that there was a complete wireless infrastructure available for its exclusive use.

[0096] In another embodiment, at least one of the APs 120 may include software that enables the single physical AP 120 to behave appropriately for each of a plurality of WSPs. For example, instead of implementing a plurality of virtual APs, i.e., instead of storing and executing a plurality of virtual AP software program instantiations, a single software instantiation may enable this operation. In the embodiment above, each virtual AP may entail one or more software programs, and each instantiation of a virtual AP may utilize a separate instantiation or replication of these one or more software programs. In this “super access point” embodiment, a single instantiation of one or more software programs may enable the physical AP 120 to behave appropriately for each of a plurality of WSPs. These one or more software programs may execute to cause the AP 120 to: broadcast and recognize a plurality of different SIDs corresponding to each of a plurality of different WSPs, maintain associations between SIDs and WSPs, maintain SID and VLAN tag mappings, and perform other operations necessary to enable the single physical AP 120 to behave appropriately for each of a plurality of WSPs.

[0097] In the virtual AP embodiment described above, as noted, for one or more of the access points 120 , each physical access point 120 may include a plurality of virtual APs implemented in software that are comprised on the single physical access point 120 . As described above, each of these virtual APs may be used for servicing a respective WSP, i.e., for providing network access services to a respective WSP. According to the current IEEE 802.11 standard, each physical AP has a BSSID (Basis Service Set ID). The BSSID is typically the MAC ID of the network interface device comprised in the physical AP 120 .

[0098] However, when multiple virtual APs are comprised on or implemented on a single physical AP, it may not be possible to use the same MAC ID of the physical AP as the BSSID of each of the virtual APs on that physical AP. In other words, using this approach, each of the virtual APs may not receive a unique BSSID, as they each would have the MAC ID of the physical AP. If it is desired or required for each of the virtual APs to have a unique BSSID, then various alternative methods may be used. In one embodiment of the invention, the MAC ID of the single physical AP is simply used for all virtual APs, i.e., is used as the BSSID for all virtual APs on that physical AP. Thus, in this embodiment, each of the virtual APs on a single physical AP has the same BSSID. It is currently not believed that this will impact the operation of each of the virtual APs in any way. In an alternate embodiment, where it is desired that each of the virtual APs has a different respective BSSID, then the “local to network” MAC ID address bits which are defined by IEEE are adjusted for each of the respective virtual APs to produce a unique MAC ID for each of the virtual APs.

[0099] In yet another alternate embodiment, the physical AP is initially assigned a pool of MAC ID addresses and each of the virtual APs is assigned a unique MAC ID from this pool, thus providing each virtual AP with a unique MAC ID address, i.e., a unique BSSID. One drawback to this implementation is the need for a larger number of MAC ID addresses than the methods previously described.

[0100] In one embodiment, a single physical AP may support both Infrastructure Network mode (BSS) and Ad Hoc Network mode (Independent BSS, or IBSS). In Ad Hoc mode, each AP is just another peer on the network. This may be accomplished by configuring one or more virtual APs for BSS, as described above, and one or more other virtual APs (also on the same physical AP) for IBSS, or Ad Hoc Network mode.

[0101] The term “memory medium” is intended to include various types of memory or storage, including an installation medium, e.g., a CD-ROM, or floppy disks 104 , a random access memory or computer system memory such as DRAM, SRAM, EDO RAM, Rambus RAM, EPROM, EEPROM, flash memory etc., or a non-volatile memory such as a magnetic media, e.g., a hard drive, or optical storage. The memory medium may comprise other types of memory as well, or combinations thereof. In addition, the memory medium may be located in a first computer in which the programs are executed, or may be located in a second different computer which connects to the first computer over a network. In the latter instance, the second computer provides the program instructions to the first computer for execution. The memory medium may also be a distributed memory medium, e.g., for security reasons, where a portion of the data is stored on one memory medium and the remaining portion of the data may be stored on a different memory medium. Also, the memory medium may be one of the networks to which the current network is coupled, e.g., a SAN (Storage Area Network).

[0102] Also, each of the systems described above may take various forms, including a personal computer system, mainframe computer system, workstation, network appliance, Internet appliance, personal digital assistant (PDA), television system or other device. In general, the term “computer system” can be broadly defined to encompass any device having a processor which executes instructions from a memory medium.

[0103] The memory medium in one or more of the above systems thus may store a software program or data for performing or enabling roaming or selective network resource access within a network system 100 . A CPU or processing unit in one or more of the above systems executing code and data from a memory medium comprises a means for executing the software program according to the methods or flowcharts described below.

[0104] Various embodiments further include receiving or storing instructions and/or data implemented in accordance with the present description upon a carrier medium. Suitable carrier media include memory media as described above, as well as signals such as electrical, electromagnetic, or other forms of analog or digital signals, conveyed via a communication medium such as networks and/or a wireless link.

[0105] FIGS. 2 and 3 : Block Diagrams of the System of FIG. 1

[0106] FIG. 2 is a more detailed block diagram illustrating a portion of the wireless network system of FIG. 1 . FIG. 2 illustrates an embodiment having three access points 120 (A-C) which couple to respective VLANs, labeled VLAN1, VLAN2 and VLAN3. VLAN1, VLAN2 and VLAN3 in turn couple to respective routers 160 , labeled router A, router B and router C, which are provided by wireless service providers A, B and C respectively. These routers in turn couple to the Internet 170 . As shown, one or more access controllers, e.g., computer systems configured to determine or control network service access, may be provided for each of the wireless service providers. The access controllers operate to verify user or subscriber access to the respective provider's network. FIG. 2 illustrates access controller A, access controller B and access controller C. As shown, access controllers A and B are coupled to router A and router B respectively. However, the access controller may be located outside of the local network 130 , e.g., may be comprised on any of various locations on the Internet, as shown with respect to access controller C.

[0107] In this embodiment, the data structure may store an identification information/VLAN tag mapping, e.g., an SD I VLAN tag mapping, which operates to map the user to the appropriate VLAN of the user's wireless service provider. Thus, on the wired network to which the access points 120 are connected, the use of a different VLAN for each wireless service provider operates to separate data traffic on the wired network for each of the wireless service providers. It should be noted that one or more of the access points 120 may include software which implements a plurality of virtual access points, described above, each of which may correspond to a particular wireless service provider or VLAN.

[0108] As shown, each of VLAN1, VLAN2 and VLAN3 may be supported by one or more Ethernet switches which support tagged VLANs IEEE 802.1q). In addition, each switch may also support IEEE 802.1p, which provides for various quality of service (QoS) metrics. This enables the switches to enforce certain predefined quality of service metrics for any given port or virtual port contained within the network. As shown in FIG. 3 , it is also noted that a router may be present on more than one VLAN. As shown, FIG. 3 includes an 802.1q switch which couples to three access points referred to as access point 1 (AP1), access point 2 (AP2), and access point 3 (AP3). As shown, a router labeled Router C may be coupled to two or more VLANs as shown.

[0109] Using VLANs, each access point 120 preferably has the ability to transmit/receive on one or more VLAN IPs to one or more wireless service providers. This permits, but does not require, that each wireless service provider use its own network numbering plan. At most, each wireless service provider may have an access controller and a router at each coverage location. As shown in FIGS. 2 and 3 , the access controller is not required to be physically located at the coverage location, but rather may be located anywhere.

[0110] FIG. 4 —Multiple WSP Network Access

[0111] FIG. 4 is a flowchart diagram illustrating a method of allowing roaming access and/or selective access to a wireless network system. In one embodiment, as described above, the PCD 110 includes wireless service provider identification information (called “identification information” herein), preferably comprising a System ID, stored in the memory of the PCD 110 . The identification information may include information which identifies one (or more) wireless service providers to which the user of PCD 110 is a subscriber. As noted above, the System ID may be an IEEE 802.11 SSID or ESSID. The wireless service identification information may also be an IP address in a Bluetooth wireless network.

[0112] The network access method of the present invention may be operable to receive and use the identification information to facilitate roaming, e.g., to allow a particular wireless service of a plurality of possible wireless services to be selected and used for a user operating on the network. As discussed further below, the identification information may also store access level information which may be used to indicate a network access or privilege level. This stored access level information may be used to selectively allow user access to different parts of the network.

[0113] As shown, in step 402 the user connects to the network (e.g., to an access point of the network). For example, the user may be walking in an airport with a portable computing device and may connect in a wireless fashion to an access point located at the airport. In another scenario, the user may enter a hotel room and connect in a wireless fashion to an Ethernet port in his/her room which is connected to the network. In another scenario, the user may enter an office of a business, such as a law firm or corporation, and may connect in a wireless fashion to an access point located in that office. Thus, the user may connect to the network or an access point of the network in any of various locations in a wireless fashion.

[0114] In step 404 the personal computing device (PCD) 110 of the user may transmit wireless service provider (WSP) identification information (ID information) to an access point (AP) 120 of the network. The identification information may take any of various forms. In one embodiment, the identification information comprises a System ID (SID), e.g., an ESSID, according to IEEE 802.11. As discussed above, IEEE 802.11 (wireless Ethernet) is designed to support multiple overlapping wireless LANs in a given coverage area. IEEE 802.11 uses the System ID (SID), or ESSID, to “select” which LAN to use, and thus the access point with which to associate. In this embodiment each System ID may be uniquely associated with a respective wireless service provider, and thus the user may configure the System ID on his/her PCD 110 to uniquely identify the wireless service provider which the user has selected or to which the user has subscribed. The identification information may also or instead be a MAC (media access controller) ID which is comprised on a wireless Ethernet card of the personal computing device used by the user. The MAC ID may perform a similar purpose in selecting the wireless service provider. As noted above, the identification information may take various forms. For example, the identification information may simply comprise the name of the respective provider and the appropriate access information, which may be contained in a digital certificate. In various embodimentS, the identification information may comprise other types of wireless service provider identification as desired.

[0115] In prior art systems, access points are only able to “listen for” one System ID which corresponds to one wireless service provider. According to one embodiment of the invention, each access point 120 may be operable to “listen for” or “detect” a plurality of different sets of identification information, e.g., a plurality of different System IDs, which may correspond to a plurality of different possible wireless service providers, or which may correspond to unknown wireless service providers. Thus, each AP may be set up to “listen” for all types of identification information, e.g., listen for all SIDs, and to answer all queries from PCDs 110 , even if the identification information or SID is not recognized by the particular AP 120 . Alternatively, each of the access points may be operable to broadcast requests for identification information. For example, each of the access points may periodically broadcast requests for SIDs. Alternatively, each of the access points may periodically broadcast recognized System IDs to the PCDs, i.e., broadcast the sets of SIDs the access point supports, wherein the PCDs may respond to this broadcast by providing the identification information.

[0116] In step 406 the access point 120 to which the user has connected may transmit known geographic location information to the network (e.g., to a wireless service provider on the network). This known geographic location information may originate from the AP 120 or from the PCD 110 of the user. As discussed further below, this known geographic location information may be used in various ways. For example, the geographic location information may be used in selecting among two or more possible wireless service providers to which the user has previously subscribed, or may be used in selecting the default provider.

[0117] The geographic location information may also be used in determining the network services or access privileges of the user, or used in determining charging aspects of the use. For example, this known geographic location information may be used to determine whether a third party pays for the network access of the user. As one example, an employer of the user (employee) may have previously directed that the employer will pay for network access of the employee if the employee is located in an airport or hotel, but not if the employee is located, for example, in a bar. The known geographic location may also be used to determine a charge rate, based on various incentive or sponsorship programs of which the user is a member. For example, the user may receive a discount if he/she uses network access from certain locations, such as a certain business, a certain airport club, etc. The known geographic location information may also be used to selectively provide different access or privilege levels based on the geographic location, e.g., a user may have greater privilege/access levels at a first geographic location than from a second different geographic location. This known geographic location information may further be used to provide services to the user which are dependent upon the geographic location of the user. For more information on the use of geographic location information for providing geographic based services, please see U.S. Pat. No. 5,835,061, referenced above.

[0118] In step 412 the wireless service provider may examine the received identification information, e.g., the System ID, or other identification information and determine whether the received identification information is known or recognized. In step 412 the method may also determine if other id information is valid. If the identification information is determined to not be known, e.g., the System ID is unknown, then in step 422 the method may perform processing to account for the unknown identification information. Step 422 may also involve performing processing for an unknown or incorrect digital certificate or other unknown information.

[0119] In step 422 , where the identification information is determined to not be known or recognized, the method may select a default wireless service provider for the user for network access. The default wireless service provider may be the provider who maintains the wireless network system being used, or may be a randomly selected provider. In step 423 the user may be required to register with this provider to gain network access. This provider may then arrange for ad hoc billing of the user, such as by credit card. For example, the provider may present a web page on the user's PCD 110 requesting the user to enter credit card information for access to the network. Operation then proceeds to step 432 .

[0120] Also, if the identification information is determined to not be known, the access or privilege level of the user may be set to the lowest possible level. This, for example, may allow the user to only have access to certain limited local resources, but no external access, e.g., to the Internet. Thus, for example, where the APs 120 are located in an airport, the user having a low access level, e.g., the user whose identification information is not known, may be granted access to certain local resources, such as coffee shops, bookstores, and advertising on the local LAN at the airport, but may not be provided with Internet access. Access to local resources may be allowed since this does not require the use of external facilities and hence does not consume off-property bandwidth, and thus is relatively inexpensive to provide. Alternatively, if the identification information of a user is determined to not be known, the system may provide some form of external access, which may be billed separately by an external Internet provider, without the user being able to view or use any local network resources.

[0121] If known identification information is determined to be received in step 412 , then in step 416 the method may determine the wireless service provider which corresponds to the identification information (e.g., the System ID). In the preferred embodiment, a data structure comprising wireless service provider information is stored in each of the access points 120 . In this embodiment, the respective access point with which the user is communicating receives the identification information and uses the identification information to obtain the appropriate or corresponding wireless service provider to which the user of the PCD 110 is subscribed. In step 418 the respective access point 120 may also access the data structure to determine the appropriate access method or access level for providing data or packets to the respective wireless service provider. For example, the respective access point 120 may access the data structure to analyze the respective SID/VLAN tag to determine the VLAN tag to use for the respective wireless service provider. In one embodiment, the respective access point 120 may instead access this information from a separate data structure stored in MIB 150 .

[0122] In an alternate embodiment, the PCD 110 of the user may provide all of this information to the access point 120 . In this embodiment, the data structure containing the wireless service provider data and access information may not be required to be stored in the access points 120 or on the network. Alternatively, data may be stored on the network 130 , e.g., in the access points 120 or in the MIB 150 , which is used only to validate this information received from the user.

[0123] As discussed above, the data structure is preferably a table comprising a plurality of three-tuples wherein each tuple stores a set of identification information, the corresponding wireless service provider associated with that identification information, and access information associated with that wireless service provider and/or the user. An example of this data structure is shown in FIG. 5 . The data structure shown in FIG. 5 includes five different sets of three-tuples. It is noted that the data structure may take any of various forms.

[0124] The access information may include an access method, possibly including a destination address, or other method by which data packets are routed to/from the respective site of the wireless service provider, or other method which directs that network access be provided by that wireless service provider. The access information may also include a SID/wired transport mechanism mapping, such as a SID/VLAN tag mapping. The access information may also include an access level or privilege level that indicates which network resources that the user may access, e.g., whether the user is only allowed access to resources on the local network 130 , or is only or in addition allowed external access, such as Internet access.

[0125] Thus, when the access point 120 receives the identification information, the access point may simply use the identification information to index into a table containing this information to dete