U.S. patent application number 12/510343 was filed with the patent office on 2010-05-13 for auto provision system and method for customer premises equipment.
This patent application is currently assigned to CHUNGHWA TELECOM CO., LTD.. Invention is credited to Hu-Chi Chen, Chien-Che Huang, Ching-Chuan Kuo, Shih-Chia Wang, Ping- Hsui Wu.
Application Number | 20100119050 12/510343 |
Document ID | / |
Family ID | 42163879 |
Filed Date | 2010-05-13 |
United States Patent
Application |
20100119050 |
Kind Code |
A1 |
Kuo; Ching-Chuan ; et
al. |
May 13, 2010 |
AUTO PROVISION SYSTEM AND METHOD FOR CUSTOMER PREMISES
EQUIPMENT
Abstract
An auto provision system and method for a customer premises
equipment (CPE) include: connecting a CPE to a provision platform
through a network; authenticating the CPE by the provision platform
and generating and transmitting a corresponding setting file to the
CPE by the provision platform; and the CPE updating the
configuration thereof by using the received setting file, thereby
saving manual costs for ISPs (Internet Service Providers), ensuring
ease of use, and enhancing information security.
Inventors: |
Kuo; Ching-Chuan; (Taipei,
TW) ; Wang; Shih-Chia; (Taipei, TW) ; Wu;
Ping- Hsui; (Taipei, TW) ; Huang; Chien-Che;
(Taipei, TW) ; Chen; Hu-Chi; (Taipei, TW) |
Correspondence
Address: |
EDWARDS ANGELL PALMER & DODGE LLP
P.O. BOX 55874
BOSTON
MA
02205
US
|
Assignee: |
CHUNGHWA TELECOM CO., LTD.
Taipei
TW
|
Family ID: |
42163879 |
Appl. No.: |
12/510343 |
Filed: |
July 28, 2009 |
Current U.S.
Class: |
379/201.12 |
Current CPC
Class: |
H05K 3/025 20130101;
Y10T 29/49165 20150115; H05K 2201/09763 20130101; H05K 2201/09509
20130101; H05K 2201/09518 20130101; Y10T 29/49126 20150115; H05K
1/162 20130101; Y10T 29/4913 20150115; H05K 3/4652 20130101; H05K
2203/0152 20130101; Y10T 29/435 20150115; H05K 3/4602 20130101;
Y10T 29/49144 20150115 |
Class at
Publication: |
379/201.12 |
International
Class: |
H04M 3/42 20060101
H04M003/42 |
Foreign Application Data
Date |
Code |
Application Number |
Nov 11, 2008 |
TW |
097143465 |
Claims
1. An auto provision system for a CPE (Customer Premises
Equipment), applicable to a network, the auto provision system
comprising: a CPE; and a provision platform connected to the CPE
through the network so as to allow the provision platform to
generate a setting file corresponding to the CPE and transmit the
setting file to the CPE for auto configuration update thereof.
2. The system of claim 1, wherein the provision platform further
comprises: a database device for storing provision data of the CPE;
an authentication device for authenticating the CPE by using the
provision data; and an auto provision device for generating the
setting file corresponding to the CPE according to an
authentication notice of the authentication device and transmitting
the setting file to the CPE, thereby allowing the CPE to update the
configuration thereof by using the setting file received.
3. The system of claim 1, wherein the network is Internet, a local
area network, a wide area network, a virtual private network, or a
combination thereof.
4. The system of claim 1, wherein the CPE is a communication
device, a connection device, a routing device, a network access
device, or a combination thereof.
5. The system of claim 2, wherein the database device further
comprises: an equipment database for storing equipment data of the
CPE, and a user database for storing application data of the
CPE.
6. The system of claim 5, wherein the equipment data is a hardware
serial number, a circuit number, a physical address, an operation
mode, a network address, or a combination thereof.
7. The system of claim 5, wherein the application data is ID, a
contact number, an account password, or a combination thereof.
8. The system of claim 2, wherein the authentication device further
comprises: a circuit information authentication module for
authenticating the circuit information of the CPE, and an equipment
information authentication module for authenticating the equipment
information of the CPE.
9. The system of claim 2, wherein the auto provision device further
comprises: a setting file generation module for generating the
setting file corresponding to the CPE, and a setting file
encryption module for encrypting the setting file.
10. The system of claim 9, wherein the auto provision device
transmits the encrypted setting file to the CPE, and the CPE
decrypts the setting file and updates the configuration thereof by
using the decrypted setting file.
11. An auto provision method for a CPE, applicable to a network,
the auto provision method comprising the steps of: (1) connecting a
CPE to a provision platform through the network; (2) authenticating
the CPE by the provision platform; (3) generating and transmitting
a corresponding setting file by the provision platform to the CPE
through the network; and (4) the CPE updating the configuration
thereof by using the received setting file.
12. The method of claim 11, wherein the network is Internet, a
local area network, a wide area network, a virtual private network,
or a combination thereof.
13. The method of claim 11, wherein the CPE is a communication
device, a connection device, a routing device, a network access
device, or a combination thereof.
14. The method of claim 11, wherein step (2) further comprises:
(2-1) an auto provision device determining whether the CPE is a
recognized device; (2-2) the auto provision device requesting an
authentication device to authenticate the CPE; and (2-3) the
authentication device authenticating the CPE by using provision
data.
15. The method of claim 14, wherein the provision data is a
hardware serial number, a circuit number, a physical address, an
operation mode, a network address, ID, a contact number, an account
password, or a combination thereof.
16. The method of claim 11, wherein step (3) further comprises:
(3-1) the provision platform generating the setting file
corresponding to the CPE and encrypting the setting file; and (3-2)
the provision platform transmitting the encrypted setting file to
the CPE through the network.
17. The method of claim 11, wherein step (4) further comprises:
(4-1) the CPE decrypting the setting file; and (4-2) the CPE
updating the configuration thereof by using the decrypted setting
file.
Description
BACKGROUND OF THE INVENTION
[0001] 1. Field of the Invention
[0002] The present invention relates generally to auto provision
systems and methods for customer premises equipments (CPEs), and
more particularly, to a provision system and method that provide a
setting file by an installation platform to a CPE for auto
configuration update.
[0003] 2. Description of Related Art
[0004] Along with the development of network techniques,
construction of network systems is speeded up. Users can make
various activities through networks, for example, searching,
browsing, shopping or chatting.
[0005] Generally, users access the Internet through ISPs (Internet
Service Providers) that are companies or organizations offering
Internet access and network services to users. These companies buy
connection equipments and rent lines and bandwidths and provide
them to users. In order to access the Internet and use various
types value-added services provided by an ISP, a customer premises
equipment (CPE) at a user end needs to be connected to a server of
the ISP.
[0006] A CPE can be such as a modem, a router, a network phone, a
network fax and so on. Since ordinary users lack professional
provision knowledge of CPEs, the configuration of the CPEs need to
be set up by engineers from ISPs or from outsourcing companies of
the ISPs, which however has disadvantages as follows: [0007] (1)
Operation costs for the ISPs increase, because the ISPs need to
employ a large number of engineers for configuration update of the
CPEs. [0008] (2) Inconvenience in usage. Since the number of users
is far larger than that of the engineers, it is difficult for the
engineers to provide timely services to the users, thus causing
inconvenience to the users in usage of networks. [0009] (3) Risk of
data leakage. User IDs or account passwords are often required in
configuration update of the CPEs, which poses a potential risk of
data leakage.
[0010] Therefore, that is a need to provide an auto provision
system and method for a CPE such that the configuration of the CPE
can be set up with increased security, at greater convenience and
lower cost.
SUMMARY OF THE INVENTION
[0011] In view of the above disadvantages of the prior art, an
objective of the present invention is to provide an auto provision
system and method for a CPE (Customer Premises Equipment) so as to
decrease the manual cost.
[0012] Another objective of the present invention is to provide an
auto provision system and method for a CPE so as to achieve quick
configuration update of a CPE and facilitate its usage.
[0013] A further objective of the present invention is to provide
an auto provision system and method for a CPE so as to reduce the
risk of user data leakage.
[0014] In order to attain the above and other objectives, the
present invention provides an auto provision system and method for
a CPE applicable to a network. The auto provision system comprises:
a CPE; and a provision platform, wherein the CPE is connected to
the provision platform through the network such that the provision
platform generates a setting file corresponding to the CPE and
transmits the setting file to the CPE for auto configuration
update. The provision platform further comprises: a database device
for storing provision data of the CPE; an authentication device for
authenticating the CPE by using the provision data; and an auto
provision device for generating the setting file corresponding to
the CPE according to an authentication notice of the authentication
device and transmitting the setting file to the CPE such that the
CPE can update the configuration thereof by using the received
setting file.
[0015] The auto provision method for a CPE according to the present
invention comprises the following steps: (1) connecting a CPE to a
provision platform through the network; (2) authenticating the CPE
by the provision platform; (3) generating and transmitting a
corresponding setting file by the provision platform to the CPE
through the network; and (4) the CPE updating the configuration
thereof by using the received setting file.
[0016] In a preferred embodiment, step (2) further comprises: (2-1)
an auto provision device determining the CPE is a recognized
device; (2-2) the auto provision device requesting an
authentication device to authenticate the CPE; and (2-3) the
authentication device authenticating the CPE by using provision
data.
[0017] In another preferred embodiment, step (3) further comprises:
(3-1) the provision platform generating the setting file
corresponding to the CPE and encrypting the setting file; and (3-2)
the provision platform transmitting the encrypted setting file to
the CPE through the network. Step (4) further comprises: (4-1) the
CPE decrypting the setting file; and (4-2) the CPE updating the
configuration thereof by using the decrypted setting file.
[0018] Compared with prior art, the present invention authenticates
a CPE through a provision platform and in the case the
authentication is successful, the provision platform generates a
setting file corresponding to the CPE and transmits the setting
file to the CPE such that the CPE can update the configuration
thereof by using the received setting file, thereby saving the
manual cost, increasing convenience in usage and data security.
BRIEF DESCRIPTION OF DRAWINGS
[0019] FIG. 1 is a diagram of an auto provision system for a
customer premises equipment (CPE) according to the present
invention;
[0020] FIG. 2 is a diagram of the auto provision system for the CPE
according to a preferred embodiment of the present invention;
[0021] FIG. 3 is a diagram of the auto provision system for the CPE
according to another preferred embodiment of the present
invention;
[0022] FIG. 4 is a flow chart of an auto provision method for a
customer premises equipment (CPE) according to the present
invention; and
[0023] FIG. 5 is a flow chart of the auto provision method for the
CPE according to a preferred embodiment of the present
invention.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
[0024] The following illustrative embodiments are provided to
illustrate the disclosure of the present invention, these and other
advantages and effects can be apparent to those skilled in the art
after reading the disclosure of this specification.
[0025] FIG. 1 is a diagram of an auto provision system for a
customer premises equipment (CPE) according to the present
invention. As shown in the drawing, the system comprises a CPE 10,
a network 11, and a provision platform 12.
[0026] The CPE 10 can be any equipment disposed at a user end and
having specific functions. In the present invention, the CPE 10 is
an electronic device capable of connecting the network 11, such as
a communication device, a connection device, a routing device, a
network access device, or a combination thereof.
[0027] The network 11 is a medium for data transmission, which can
be a wired network or a wireless network. The wired network is, for
example, the Internet, a local area network, a wide area network, a
virtual private network, or a combination thereof. The wireless
network is, for example, a wireless local area network, a cellular
communication network, a worldwide interoperability for microwave
access (WiMAX), or a combination thereof.
[0028] The CPE 10 is connected to the provision platform 12 through
the network 11 such that the provision platform 12 generates a
setting file corresponding to the CPE 10 and transmits the setting
file to the CPE 10 for auto configuration update of the CPE 10 and
firmware upgrade. For example, a provision server at an ISP
(Internet Service Provider) end is capable of generating
configuration-specific setting files corresponding to a plurality
of CPEs 10 for remote configuration update of the CPEs 10,
respectively. The provision platform 12 further comprises: a
database device 120, an authentication device 121 and an auto
provision device 122.
[0029] The database device 120 is configured for storing provision
data of the CPE 10. The provision data may be a hardware serial
number of the equipment, a connection circuit number, a physical
address of the equipment, an operation mode of the equipment, a
network address of the user end, a user ID, a user contact number,
an account password, or a combination thereof.
[0030] The authentication device 121 authenticates the CPE 10
through the above-described provision data, thereby avoiding the
use of unauthenticated CPEs by users.
[0031] The auto provision device 122 generates the setting file
corresponding to the CPE 10 according to an authentication notice
of the authentication device 121 and transmitting the setting file
to the CPE 10 for auto configuration update and firmware upgrade.
Since various configuration-specific setting data of various
devices at the user end, such as network addresses, network areas
and account passwords, is stored in the provision platform 12, the
auto provision device 122 can conveniently generate a
configuration-specific setting file corresponding to the CPE 10 for
auto configuration update.
[0032] In practice, the CPE 10 is connected to the provision
platform 12 through the network 11 by a predetermined connection
method so as for the auto provision device 122 to determine whether
the CPE 10 is a recognized device. Then, the auto provision device
122 requests the authentication device 121 to authenticate the CPE
10. The authentication device 121 authenticates the CPE 10
according to the provision data in the database device 120.
Finally, the auto provision device 122 generates a setting file
corresponding to the CPE 10 and transmits the setting file to the
CPE 10 for auto configuration update and firmware upgrade.
[0033] FIG. 2 is a diagram of the auto provision system for the CPE
according to a preferred embodiment of the present invention. As
shown in the drawing, the system comprises a CPE 20, a network 21
and a provision platform 22.
[0034] Compared with FIG. 1, the provision platform 22 of the
present embodiment further comprises an equipment database 220, a
user database 221, an equipment information authentication module
222, a circuit information authentication module 223, a setting
file generation module 224 and a setting file encryption module
225.
[0035] The equipment database 220 stores related setting and
configuration data of the CPE 20. Base on the data, the provision
platform 22 can determine whether the CPE 20 is a recognized device
and the setting file generation module 224 can automatically
generate the setting file.
[0036] The user database 221 stores application data of the user.
When the user applies to an ISP for a network connection service,
the ISP stores the application data of the user, such as a physical
address, a circuit information, or a network address in the user
database 221. Based on these data, the system can authenticate the
CPE 20 and the setting file generation module 224 can automatically
generate the setting file.
[0037] The equipment information authentication module 222
authenticates the equipment information of the CPE 20. When the CPE
20 is connected to the provision platform 22 through the network
21, the equipment information authentication module 222 accesses
data from the equipment database 220 so as to determine whether the
equipment information of the CPE 20 is recognized by the provision
platform 22.
[0038] The circuit information authentication module 223
authenticates the circuit information of the CPE 20. After the
provision platform 22 determines that the CPE 20 is a recognized
device, the circuit information authentication module 223 accesses
application data from the user database 221 so as to determine
whether the network connection data of the CPE 20 is
recognized.
[0039] The setting file generation module 224 generates a setting
file corresponding to the CPE 20. Since different CPEs have
different configurations and modes of setting, the provision
platform 22 authenticates the CPE 20 through the equipment database
220 and the user database 221 so as to generate the corresponding
provision setting file required for timely update and proper
operation of the CPE 20.
[0040] The setting file encryption module 225 encrypts the setting
file. The setting file is encrypted before being transmitted to the
CPE 20 so as to reduce the risk of data leakage during
transmission.
[0041] In practice, the CPE 20 is connected to the provision
platform 22 through the network 21, and the equipment information
authentication module 222 accesses the equipment data from the
equipment database 220 so as to determine whether the CPE 20 is a
recognized device. Then, the circuit information authentication
module 223 accesses the application data from the user database 221
so as to authenticate the CPE 20. Upon successful authentication,
the setting file generation module 224 generates the setting file
corresponding to the CPE 20, and the setting file encryption module
225 encrypts the setting file. Finally, the encrypted setting file
is transmitted to the CPE 20, and the CPE 20 decrypts the setting
file, so as to enable configuration update of the CPE 20 to take
place.
[0042] In a preferred embodiment, the equipment data is a hardware
serial number, a circuit number, a physical address, an operation
mode, a network address, or a combination thereof. The application
data is ID, a contact number, an account password, or a combination
thereof.
[0043] FIG. 3 is a diagram of the auto provision system for the CPE
according to another embodiment of the present invention. As shown
in the drawing, the system comprises a connection modem 30,
Internet 31, an auto provision platform 32, and service websites
33.
[0044] In the present embodiment, when the user applies to an ISP
for an Internet connection service, the user obtains a connection
modem 30. After the connection modem 30 has connected the user's PC
(wherein the connection between the connection modem 30 and the
user's PC is effectuated by a cable line) and a network interface,
configuration of the connection modem 30 has to be set up for
Internet connection service. In this case, the connection modem 30
can be connected to the auto provision platform 32 through the
Internet 31 by a predetermined connection method, and the
predetermined connection method may be limited such that only the
auto provision platform 32 is available for connection with the
connection modem 30. An authentication server 322 authenticates the
connection modem 30 through an equipment database 320 and a user
database 321. After the authentication, an auto provision server
323 generates a configuration-specific setting file corresponding
to the connection modem 30 and transmits the setting file to the
connection modem 30 for configuration update. Upon completion of
configuration update, the connection modem 30 can work properly
with its new configuration, and thus the user's PC can be connected
to various service websites 33 through the connection modem 30.
[0045] FIG. 4 is a flow chart of an auto provision method for a CPE
according to the present invention. As shown in the drawing, the
auto provision method comprises the following steps.
[0046] At step S40, a CPE is connected to a provision platform
through a network by using a predetermined connection method,
wherein the network is the Internet, a local area network, a wide
area network, a virtual private network, or a combination thereof.
The CPE is a communication device, a connection device, a routing
device, a network access device, or a combination thereof. Then, go
to step S41.
[0047] At step S41, the provision platform authenticates the CPE so
as to determine whether the CPE is a recognized equipment and
whether the user data in the database coincides with the connected
user information (for example, the physical address and circuit
information). Then, go to step S42.
[0048] At step S42, the provision platform generates a setting file
corresponding to the CPE and transmits the setting file to the CPE.
Then, go to step S43.
[0049] At step S43, the CPE updates the configuration thereof by
using the received setting file.
[0050] In a preferred embodiment, step S41 further comprises: the
provision platform determining the CPE is a recognized device and
the provision platform requests the authentication device to
authenticate the CPE, the authentication device authenticating the
CPE by using provision data.
[0051] In another preferred embodiment, the provision data is a
hardware serial number, a circuit number, a physical address, an
operation mode, a network address, ID, a contact number, an account
password, or a combination thereof.
[0052] In another preferred embodiment, step S42 further comprises:
the provision platform generating the setting file corresponding to
the CPE and encrypting the setting file and transmitting the
encrypted setting file to the CPE. Step S43 further comprises: the
CPE decrypting the setting file and updating the configuration
thereof by using the decrypted setting file.
[0053] FIG. 5 is a flow chart of the auto provision method
according to a preferred embodiment of the present invention. As
shown in the drawing, the auto provision method comprises the
following steps.
[0054] At step S50, a CPE is connected to an auto provision server
by using a predetermined account, and the physical address, product
type and network address of the CPE are provided to the auto
provision server. Then, go to step S51.
[0055] At step S51, the auto provision server obtains a physical
address and product type from an equipment database and compares
them with those from the CPE so as to determine whether the CPE is
a recognized device. Then, go to step S52.
[0056] At step S52, the auto provision server requests the
authentication server to determine whether the equipment
information of the CPE coincides with the equipment information of
the application data in the database. Then, go to step S53.
[0057] At step S53, the authentication server finds the circuit
information of the user according to the network address so as to
determine the user ID and determine whether the physical address of
the CPE is owned by the user. Then, go to step S54.
[0058] At step S54, upon successful authentication, the
authentication server transmits the authentication result and
provision data to the auto provision server. Then, go to step
S55.
[0059] At step S55, the auto provision server writes the provision
data to the equipment database and generates a corresponding
configuration-specific setting file according to the provision
data. Then, go to step S56.
[0060] At step S56, the auto provision server encrypts the setting
file and transmits the encrypted setting file to the CPE. Then, go
to step S57.
[0061] At step S57, the CPE decrypts the setting file and updates
the configuration thereof by using the decrypted setting file.
After the update, the CPE operates under the new configuration.
[0062] According to the present embodiment, a CPE can be remotely
authenticated by a provision platform and updated by using a
configuration-specific setting file generated by the provision
platform, thereby achieving auto configuration update of the CPE.
Therefore, the CPE can be conveniently used in a plug-and-play
manner, and further the manual cost for ISPs is saved and risk of
the user data leakage is avoided.
[0063] Therefore, the auto provision system and method for a CPE
according to the present invention achieve the following effects:
[0064] (1) Ease of use of CPEs. The present invention eliminates
the need of additional settings for CPEs. Instead, CPEs only need
to be connected to a provision platform for auto configuration
update. Therefore, even a non-professional person can conveniently
use CPEs. [0065] (2) Reduced operation costs for ISPs. Given the
present invention, ISPs do not need to assign engineers to
locations of CPEs for configuration update, thereby reducing the
operation cost. [0066] (3) Prevention of leakage of user data.
Since update and setting of CPEs require user application data or
equipment data, if these data are known by provision engineers,
there exists a potential risk of leakage of user data. The present
invention eliminates the need of manual update of the CPEs, thereby
greatly reducing the risk of data leakage.
[0067] The above-described descriptions of the detailed embodiments
are only to illustrate the preferred implementation according to
the present invention, and it is not to limit the scope of the
present invention. Accordingly, all modifications and variations
completed by those with ordinary skill in the art should fall
within the scope of present invention defined by the appended
claims.
* * * * *