WO2025021273A1

WO2025021273A1 - Household appliance, user terminal, system, and computer-program products

Info

Publication number: WO2025021273A1
Application number: PCT/EP2023/070247
Authority: WO
Inventors: Igor PERELYGIN; Ruslan KIRICHEK; Aleksander PARAMONOV; Viktor KISEL; Yulia AVAKYAN; Vecheslav KULICK; Sergey VAKHITOV; Ekaterina KUZNETSOVA
Original assignee: Electrolux Appliances Aktiebolag
Priority date: 2023-07-21
Filing date: 2023-07-21
Publication date: 2025-01-30

Abstract

There is provided a household appliance (1), a user terminal (3), a system and computer-program products related to authenticating a household appliance (1) in a target network (8). The household appliance (1) comprises communication apparatus (4) with one or more antennas (5), the communication apparatus (4) and one or more antennas (5) configured for establishing wireless links (6, 7) with a first external device (2) providing a target access point and a different second external device (3) such as a mobile user device. The household appliance (1) further comprises an electronic processing apparatus (9) communicatively coupled to the communication apparatus (4) and configured for executing a method comprising receiving (300) from the first external device (2) via a first wireless link a first data message (12) associated with an authentication request (19) for authenticating access to the target network (8) via the first external device (2) as a target access point; processing (301) the first data message (12) and extracting from the first data message (12) data associated with the authentication request (19); generating (304) second data (14) including a request for obtaining authentication credentials (18) from the second device (3) for populating the authentication request (19); generating (304) a second data message (16) including the second data (14) and sending (305), via a second wireless link (6), the second data message (16) to the second device (3); receiving (306) from the second external device (3) via the second wireless link (7) a third data message (17) including the authentication credentials (18); populating the authentication request (19) with the authentication credentials (18) and sending (308) the populated authentication request (19) to the first external device (2) via the first wireless link (6) for use in authenticating access and connecting to the target network (8).

Description

HOUSEHOLD APPLIANCE, USER TERMINAL, SYSTEM, AND COMPUTERPROGRAM PRODUCTS

The underlying invention relates to a household appliance, a user terminal, a system, and computer-program products. The invention in particular relates to techniques and systems for providing authenticated network access to a household appliance.

BACKGROUND OF THE INVENTION

According to current technology, a variety of household appliances, such as dishwashers, washing machines, laundry dryers, cooktops, fridges, etc. do not necessarily need elaborated user interfaces, such as touch screens and touch panels suitable for browsing or accessing a network or data in a network, such as the internet.

Nevertheless, it is desirable, in terms of information technology, to provide ways for enabling household appliances, which as such, for example, have limited userinterface capabilities or even have no dedicated user-interface capabilities suitable for establishing a connection to a data network, to authenticate access or connect to a data network, e.g. a private or a public data network. Such network access may for example be used for updating soft- and/or firmware, for data up- or download, for data exchange with an external source, appliance registration, and other data exchange purposes.

SUMMARY OF THE INVENTION

In view of this, it is an objective of the invention to provide solutions for enabling household appliances with limited user interface opportunities, or even household appliances having no user interfaces suitable for authenticating in a data-network to be connected to a data-network, which may be private or public networks, e.g. the internet.

In particular, a household appliance, a user terminal, a system, and computer program products shall be provided in connection with such solutions.

The objective is solved by the features of the independent claims. Preferred embodiments are given in the dependent claims and the description below. If not explicitly indicated otherwise, embodiments of the invention, including embodiments according to independent and dependent claims, may be freely combined with each other and/or claimed on their own.

According to an aspect of the invention, access to a data-network or simply network, such as the internet, may be provided for household appliances without necessitating, on the household appliance, customized or dedicated user interfaces for establishing and authenticating network access for example via a Web browser or application running on the household appliance. On a note, the invention may be implemented even though the household appliance includes a user interface that would be suitable for establishing and authenticating network access. However, as mentioned beforehand, the invention goes without necessitating particular and specially adapted user interfaces on the household appliance. This does not mean that the household appliance as such may not require user interfaces as such - user interfaces for controlling ordinary functions of the household appliance, such as power switches, means for controlling power, for controlling operation time etc. may be present.

In an aspect of the invention, household appliances may be authorized for accessing an electronic data-network, i.e. a data-network or, in short, a network, such as the Internet, in private and/or public WLAN networks, for example at home or in public places such as airports, restaurants, etc.. A household appliance may be connected to a data network over WLAN even when the user does not have an own access point such as an own WLAN router.

For the purpose of the underlying invention, a household appliance shall relate to any appliance or device designed and provided, i.e. suitable for use in a household and adapted to perform or assist a user in performing a task related to household work or housekeeping activities work, even if also usable or used outside the household. In particular, the term "household appliance" shall relate to the functional operability (e.g. housekeeping activities etc.) it provides or type of device, irrespectively whether it is used in a household or elsewhere - performing, however, the same function. The term household appliance is meant to relate in particular to devices generally referred to as "white goods", such as major appliances like ovens, stoves, refrigerators, washing machines, dishwashers etc., and also small appliances like toasters, coffee makers, and blenders etc.. The term household appliance, however, shall not relate to so-called "brown goods" generally referring to consumer electronics such as TVs, computers, radios, games consoles etc. According to an embodiment of the invention, a household appliance for performing household work and/or for assisting a user in performing household work is provided.

The "household appliance" is referred to herein briefly as "appliance".

The appliance comprises a communication apparatus comprising one or more antennas. The communication apparatus and the one or more antennas are configured for establishing a first and a second wireless link with at least a first external device and at least a different second external device. Each wireless link is based on a wireless communication protocol, such as WLAN, WiFi®, or Bluetooth®. On a note, WiFi® and WLAN are sometimes used synonymously in literature, within the present invention, WLAN shall generally refer to any type of wireless LAN, and shall include, but not be limited to WiFi®.

The communication apparatus may comprise one or more processors or electronic units operatively coupled to the one or more antennas, for receiving and transmitting data messages received via the antennas or to be transmitted via the antennas. A data message may comprise, be split up into and/or transmitted as one or more data packages or packets, e.g. on a lower level in the software stack etc.

The first external device, such as, but not limited to, a WLAN router, is configured for providing a target access point for accessing a target network. The second external device, such as, but not limited to, a user terminal, e.g. a mobile phone, a tablet, a laptop or a personal computer, is configured for acting as a user terminal. The second external device may comprise one or more user interfaces such as screens, touch screens, keyboards, voice input terminals, etc. enabling user interaction with the second external device, for example with applications executed on the second external device.

The term "external" in the expressions "first external device" and "second external device" shall indicate that respective devices are external and separate from the household appliance. In general, such external devices are not part of the household appliance as such, but, according to the invention, may interact via wireless communication links with the communication apparatus. The first and second external devices are referred to herein also as first and second devices.

The appliance comprises an electronic processing apparatus. The electronic processing apparatus may comprise one or more processors and a non-transitory storage medium. The electronic processing apparatus may be configured for processing, generating, and/or storing data related to data messages received or transmitted via the communication apparatus. In particular, the electronic processing apparatus may include one or more processors and at least one non- transitory storage for storing instructions to be executed by at least one of the one or more processors and/or for storing data, such as data related to network authentication.

The electronic processing apparatus, briefly also referred to as processing apparatus below, is communicatively coupled to the communication apparatus, in particular for exchanging electronic signals, data, and/or data messages. The processing apparatus is configured to perform, or comprises an associated (non-transitory) memory or storage medium storing instructions that when executed by a processor of the processing apparatus cause the processing apparatus to perform a method comprising: receiving from the first external device via the first wireless link a first data message including first data associated with an authentication request for authenticating access to the target network via the target access point; in response to receiving the first data message, processing the first data message and extracting from the first data message the first data associated with the authentication request; generating, from the first data, second data including a request for obtaining authentication credentials from the second device for populating the authentication request; generating a second data message including the second data and sending, via the second wireless link, the second data message to the second device; in response to sending the second data message, receiving from the second device via the second wireless link a third data message, the third data message including the authentication credentials; and populating the authentication request with the authentication credentials and sending the populated authentication request to the first device via the first wireless link for use in authenticating access and connecting to the target network.

Receiving the first data message may be initiated or triggered by the processing apparatus as such, from an external device, such as the first or second external device, or in any other way, e.g. based on an activation on the household appliance received from a user input. A data message may include and be processed, split up into and/or transmitted as one or more data packets or data packages.

The receiving of the first data may be preceded by the processing apparatus scanning for and identifying available target access points, wherein one of one or more identified target access points may be selected for accessing the target network. The target access point for accessing the target network may be selected by the processing apparatus, or a selection may be based on a selection from an external source, such as the second device. One or more available target access points, identified in a scan carried out by the appliance may be notified to a user, e.g. to the second device, and a selection of a selected target access point received in response to a corresponding request from the second device may be the basis for target access point selection. In embodiments, the target access point may be notified to the processing apparatus without a preceding scan carried out by the appliance, for example based on data received from the second device, e.g. an application executed on the second device, in response to a user selection on the second external device or in any different way. In this case, the scan may be performed by the second device.

The first to third data messages and the authentication request may have any data format, and the data formats may be different.

Processing the first data message and extracting the first data may include any processes executed by the processing apparatus and related to identifying the first data, i.e. the data associated with the authentication request. In particular and specifically for a first-time authentication in a target network, the household appliance, specifically the processing apparatus, may not be aware of how to populate the authentication request, and the processing may include identifying information related to the authentication. Such information may involve a determination that authentication credentials are necessary, or may involve a determination of particular input prompts, such as user email address, name, ID, phone number, and/or password, and/or any other suitable data for authenticating access, e.g. a unique identifier associated with a user.

Generating the second data including the request for obtaining authentication credentials may include generating any piece of information or data to be notified to the second device in connection with authentication. For example, the second data may include a value or parameter telling an application on the second device what information to request from the user. The value or parameter may for example be an indicator for a particular process to execute in the application, wherein the process may initiate an input prompt for manual input of a user email address, name or ID, and a password, or requiring user input at the second device. Further, the second data may explicitly relate to or comprise one or more indicators corresponding to "user credentials", such as user email address, name, ID, phone number, and/or password etc. Hereinafter embodiments refer to the user credentials as comprising an email address, and - if applicable, a password. However, it is to be understood that the email address can be replaced with any user-specific identifier suitable for, e.g. uniquely, identifying a user or user account, in particular based on a user name or other user ID, and, if applicable, a password, wherein the password may not always be requested or needed. In general, the authentication or user credentials may comprise one, two, three or more than three different data items respectively specific for a user and selected from the group comprising: email address, user name, user ID, phone number, password, pin, registered user account associated with an online service provider (e.g. email provider) etc..

In embodiments, the method performed by the electronic processing apparatus may comprise a one, two, or multiple factor authentication. In case of a two or multiple factor authentication, the method steps discussed in connection with claim 1 may at least in part be repeated for each factor of the multiple factor authentication. At least, the method may be performed at least one for a first factor of the two or multiple factor authentication. A second or further factor may be exchanged and requested according to the suggested method or the second or further factor may be directly provided to the first external device or authenticating authority, for example, by the second external device, by a further external device, or by an online entity or system suitable for confirming or validating the email address, user name, user ID, phone number, user account etc. as a valid first factor. Such an online entity or system may for example be or relate to a user account registered in a social networking system, such as Facebook® etc., an online service provider, e.g. an online email provider such as Google® etc..

As an example, an inquiry related to a first factor of a two-factor authentication may be based on the method according to claim 1 and as discussed above. Once the first factor of the two factor authentication is communicated or sent to the first external device, the first external device may request a second factor, which request may include, at least in part, the steps according to claim 1 with the authentication request relating to the second factor. As mentioned above, the second factor may be transferred to the first external device or to the authenticating authority associated with the first external device in a different way without using the suggested method or all of the suggested method steps, e.g. by direct wireless transmission, e.g. via an application installed on the second wireless device or other type of authentication. In embodiments, in response to the appliance sending a first factor, e.g. an email address or an identifier associated with an online account, of a two factor authentication to the first external device, the second external device may receive a message, e.g. an SMS message, including a second factor, such as a PIN, for transmittal to the first external device or directly to an associated authenticating entity or authority. The second factor, e.g. the SMS message or PIN, may be communicated to the first external device using the steps of the suggested method, or the second factor may be communicated or notified to the first external device or associated authenticating entity or authority differently, e.g. directly by wireless transmission.

In an embodiment, the second external device or a further external device may receive a second factor. The second factor may then be requested based on a method according to the steps of claim 1, with the second factor being received at the household appliance from the second external device. The second external device may prompt a user to input data associated with the second factor for generating further third data suitable for generating a further third data message related to the second factor. In an embodiment, the second external device or the further external device associated with the second factor authentication may automatically or in response to a user confirmation send a third data message including the second factor of the second factor authentication to the household appliance, the third data message including authentication credentials for the second factor of the second factor authentication. The household appliance may then send the third data message to the first external device for authentication based on the first and second factor. In view of this, the method as suggested in claim 1 may be performed for the first factor and in full or at least in part for the second factor for finally authenticating access.

In embodiments, which do not involve a multi-factor authentication, the authentication credentials may include two data items, i.e. a first data item related to a user specific string, such as an email address, a name, an ID etc. and a second data item such as a password. In this case, the method steps according to claim 1 may be carried out once covering both data items, and the authentication may be carried out based on the two data items in a single authentication procedure.

In embodiments, the populating of the authentication request may include populating a user email address field and, if required, a password field, based on the information included in the third data message. The populating may include extracting information from the third data such as user email address, and password and completing the authentication request with the extracted data for use in authenticating access to the target network. The expression "for use in authenticating access" shall mean that respective data may be sufficient for authentication (e.g. email address and password) or that respective data represent an essential part for authentication, e.g. an email address, and further parts, such as a second factor in a multiple-factor authentication, may be required for authentication. The further parts or additional factors may be provided as discussed herein in connection with embodiments.

After successful authentication, which may be notified or signaled from the first device to the appliance, the household appliance may disconnect or terminate the second wireless link while keeping the first wireless link.

Similarly, an unsuccessful or failed authentication may be notified or signaled from the first device to the appliance. In this case, the appliance may proceed with resending a second data message to the second device, the second data including a further request for authentication credentials, and, optionally, the appliance may notify unsuccessful authentication to the second device.

After one or more unsuccessful authentication attempts, the appliance may send a failure notice to the second device.

In embodiments, the appliance may detect available first devices as possible target access points suitable for establishing a first wireless connection for authenticating access to a target network, and send a notification to the second device including a list of available first devices together with a selection request for selecting one of the possible target access points. Upon receiving a selection from the second device, the appliance may proceed with the method described above for authenticating access to the target network using the selected target access point.

According to embodiments, if authenticating access with a target access point fails, the appliance may notify to the second device one or more available target access points different from the target access point associated with the failed authentication, and request, from the second device, a selection of a different target access point. After receiving a respective selection, the appliance may proceed with the method described above using the selected target access point.

In embodiments, which may be claimed independently from other embodiments, the appliance may perform the steps set out in claim 1, wherein in such embodiments, the first data have a data format that is different from the second data format. In other words, the first data have a first data format, and the second data have a second data format, wherein the data formats are different. For example, the first data may relate to a captive portal associated with the first device or, generally, to webpage information/messages, whereas the second data may relate to or include other content/information. Specifically, the second data may relate to or comprise application-specific data, i.e. data specific for being processed or handled by an application executing or to be executed on the second device. The second data may for example may include a value or indicator notifying an application to be executed or executed on the second device, what information to request from the user. In this case, the application on the second device may, in response to receiving the value or indicator, generate an input prompt on a user interface of the second device, the input prompt requesting authentication credentials from the user for authenticating the target network. The value or indicator may for example include or relate to a particular process to execute in the application and trigger execution of the process in the application. The process to be carried out in the application may for example generate on a user interface of the application an input prompt for inputting authentication credentials in the user interface of the application. In another example, the value or indicator as such may include an input prompt to be displayed on the second device, e.g. in the application, for inputting user credentials.

In embodiments, the second data may in embodiments include or be in an application specific format, such as an application specific proprietary data format for an application to be executed on the second device, the application on the second device being adapted for communication with the household appliance via the second wireless link. Specifically, this application may be different from a web browser application, i.e. a non-webbrowser application, but this application may relate to or be an application designed for, and provided for the dedicated purpose of setting up, provisioning and/or registering the appliance and/or remotely monitoring, managing and/or controlling the appliance. The application may be provided for installation and execution on the second external device.

In embodiments, the first data may be webpage data, in a web browser readable format, and the second data may be in a different format. The different format may be a non-webbrowser readable format, i.e. a format different from formats readable by webbrowser technology. Specifically, the second data may not be a webpage or in a webpage format.

In embodiments, generating the second data from the first data may include extracting selected information from webpage data corresponding to the first data and including that selected information as the value, parameter or indicator mentioned above or choosing the value, parameter or indicator mentioned above based on the selected information and including the chosen value, parameter or indicator in the second data.

The advantage of different data formats, specifically simple values or indicators, mentioned beforehand is that the household device need not transmit or forward to the second device all data related to an authentication prompt of the target access point or target network, such as data associated with a captive portal or webpage information/messages. By this, data exchange between the household appliance and the second device over the second wireless link may be simplified, for example in that the amount of data to be transmitted from the household appliance to the second device may be reduced. This may enable using, for the second wireless link, wireless protocols with reduced data transfer opportunities or capabilities. For example, Bluetooth® may be used for the second wireless link. Another advantage is that the data format, and the second data, may be selected taking into account constraints existing at or on the second device, such as UI constraints of the second device and/or wireless communication constraints of a wireless communication channel of the second device. For example, instead of an entire webpage being transferred, sent to, and shown on the second device, the second device may use or provide a simplified user interface (UI) providing just the input fields for specific information needed. As an example, just one or more input fields for the authentication credentials, may be shown or presented on the UI or display of the second device, which may require a reduced amount of data to be transmitted and exchanged as compared to presenting and exchanging the content of whole webpages related to authentication. Reduced data amounts may be advantageous for faster data transfer, in particular for wireless technology having reduced data transfer restrictions, such as restrictions in maximal data package/message size. Additionally, by not simply forwarding all data related to the authentication prompt of the target network, the suggested method mitigates any security concerns associated with untrusted data from the access point.

Further, receiving the authentication credentials at the appliance together with the third data message may be advantageous with regard to subsequent or future authentications of the appliance in the target network. For example, the appliance may store the authentication credentials in a storage apparatus, such as a memory, of the appliance and use the stored authentication credentials in subsequent or future processes for authenticating access to the target network, in particular without requiring the appliance to request the authentication credentials from the user via the second device again.

In this connection, the method as proposed herein and performed by the household appliance may include a step of checking, by the appliance, whether authentication credentials for authenticating access to the target network are stored or available at the appliance, and if the appliance determines that respective authentication credentials are available, the appliance may authenticate access to the target network using the stored authentication credentials in a self-contained manner, i.e. without involvement of the second device.

In an embodiment, which may be claimed independently from other embodiments, the first and second wireless links are based on a WLAN technology. In particular, embodiments, the first and second wireless links may be Wi-Fi® communication links.

In embodiments, in which the first and second wireless links are based on WLAN or WiFi, a Network Address Translation Service (NAT) may be implemented on the processing apparatus for translating network addresses between the first and second wireless links.

In embodiments, in which the first and second wireless links are based on WLAN or WiFi, a HTTP Proxy Server (HTTP Proxy) may be implemented on the communication apparatus for mediating HTTP/HTTPS communications between the first and second devices via the first and second wireless links.

In embodiments, the processing apparatus may comprise one or more processors, such as microcontrollers (MCU). In embodiments, the same MCU that deals with generating the second data from the first data, i.e. transforming the first data into the second data, may also deal with the NAT and HTTP Proxy.

In embodiments, the processing apparatus may comprise a network interface unit or network interface card comprising a number of MCUs. One of the MCUs may be implemented as an application MCU for transforming the first data into the second data and for handling the NAT or HTTP Proxy. A different MCU from the number of MCUs may be implemented as a connectivity MCU for handling the wireless communication, in particular for handling data received by the application MCU to send it over wireless link channels, for ensuring data integrity etc..

Further, a general appliance CPU may be provided, which may be implemented for handling a user interface part of the appliance, for example, a user interface provided and enabling user-based control and setting of operational modes of the appliance.

In embodiments, the first wireless link may be based on a WLAN, and the second wireless link may be based on a WPAN communication protocol. In particular, in embodiments, the first wireless link may be a Wi-Fi communication link and the second wireless link may be a Bluetooth communication link enabling, for example, IPv6 data traffic. As a specific example, the Bluetooth communication link may be a Bluetooth Low Energy, BLE, communication link.

In embodiments, in which the first and second wireless link is based on WLAN and the second wireless link is based on WPAN, such as Bluetooth, a Network Address Translation Service (NAT) associated with the WLAN, and an Internet Protocol Support Service (IPSP) associated with the WPAN may be implemented on the processing apparatus. Similar as described above, the NAT or IPSP may be implemented on the same MCU, e.g. an application MCU, dealing also with the transforming of the first data into the second data, and a connectivity MCU may be provided for handling the wireless communication.

In embodiments, the first wireless link may be based on a Wi-Fi, communication protocol, and the second wireless link may be based on a Bluetooth communication protocol, wherein a Bluetooth HTTP Proxy Service (HPS) profile may be implemented on the processing apparatus for mediating communications between the first and second devices via the first and second wireless links. Similar as described above, the HPS may be implemented on the same MCU, e.g. an application MCU, dealing also with the transforming of the first data into the second data, and a connectivity MCU may be provided for handling the wireless communication.

As can be seen, the underlying invention enables flexibility with regard to the types that can be used for the first and second wireless links. In particular, both wireless links may be WLAN, or the first wireless link may be WLAN and the second wireless link may be WPAN. In embodiments, the appliance may be configured for implementing both use-cases, i.e. WLAN-WLAN and WLAN-WPAN wireless links for the first and second wireless links, and the wireless link to be used may be requested from the second device. In embodiments, the appliance may be configured for implementing only one of the use cases. WLAN and WPAN are available with many existing access points and second devices, such as user terminals or user terminal devices, for example smart phones, tablets etc.

According to embodiments, the authentication may be related to or the authentication request may include a captive portal. According to the invention, information for populating the captive portal, such as user email address, and password, are requested by the appliance from the second device based on the second data or second data message. In embodiments, the electronic processing apparatus may be further configured or programmed, or the memory may store further instructions that when executed by the processor cause the processing apparatus to execute the steps: before sending the second data message to the second external device, sending, via the second wireless link, a message to the second device, the message including information on the availability of the authentication request for retrieval by the second external device, and responsive to receiving a return message from the second external device via the second wireless link, the return message including a retrieval request related to the authentication request, sending the second data message to the second external device.

This means, the appliance may first send an indication to the second device, the indication related to the possibility of authenticating the household appliance in the target network. The appliance may only then proceed to authenticating in the target network if the return message is received, which may be considered as a kind of approval for proceeding with authentication.

In embodiments, the processing apparatus may be configured for receiving a cancellation notification from the second device, the cancellation notification indicating to the appliance to cancel a current authentication procedure. Such a cancellation notification may for example be received from an application executing or configured to execute on the second device in response to a user selecting or activating a cancellation option displayed on a user interface of the application.

In embodiments, the electronic processing apparatus may further be configured or programmed, or the memory may store further instructions that when executed by the processor cause the processing apparatus to execute the steps: storing an identifier, such as an SSID (Service Set Identifier), of the target network on the memory, and using the stored identifier in a subsequent process for connecting to the target network, after disconnection from the target network.

Storing the identifier for subsequent use may facilitate authenticating the appliance in the target network.

In embodiments, the electronic processing apparatus may further be configured or programmed, or the memory may store further instructions that when executed by the processor cause the processing apparatus to execute the steps: storing an identifier (SSID) of the target network together with the authentication credentials of the target network in a memory of the household appliance after successful authentication and connection to the target network.

In a further step, the stored identifier and the stored authentication credentials may be used by the processing apparatus for authenticating access and connecting to the network in a subsequent authentication process after a previous disconnection from the target network.

By this, subsequent authentications in the target network after disconnection from the target network may be executed substantially autonomously or self-contained by the household appliance without requiring input from the second device.

In embodiments, the household appliance may transmit a request to the second device whether autonomous authentication by the appliance shall be enabled or disabled. The appliance may, in response to such request, receive a corresponding notification from the second device including a value or indicator indicating autonomous authentication to be enabled or disabled. The processing apparatus may store the value or indicator for use in connection with subsequent authentication processes. For example, if autonomous authentication is enabled, the appliance may authenticate in the target network without requiring information from the second device. If, and as long as autonomous authentication is disabled, the appliance may request authentication and/or authentication credentials from the second device each time a process carried out on the appliance or by the processing apparatus requires accessing a network.

In embodiments, the electronic processing apparatus may further be configured or programmed, or the memory may store further instructions that when executed by the processor cause the processing apparatus to execute the following steps prior to receiving the first data message: establishing the second wireless link, e.g. a corresponding first wireless connection, to the second external device; and establishing the first wireless link, e.g. a corresponding second wireless connection, to the first device.

Establishing the first wireless connection may include: sending a fourth data message to the second external device, the fourth data message including one or more network identifiers, the network identifiers identifying one or more available networks available at the household appliance and suitable for connection with the communication unit to provide the first wireless link, the fourth data message further including a selection request for selecting one of the one or more available networks as the target network; in response to sending the fourth data message, receiving, via the second wireless link from the second external device, a fifth data message including a selection of one of the one or more available networks as the target network.

In this embodiment, the appliance is configured for requesting from the second device which of one or more available and suitable networks and/or access points to use for accessing a target network. This may be advantageous if several possible access points and networks are available and can be detected by the appliance for establishing a wireless link. Wireless links are nowadays common for many locations. In particular, a target network or access point may be selected for which the user has or knows authentication credentials and/or which is most suitable, for example with regard to signal strength etc.

In an alternative, establishing the first wireless connection may include: receiving, via the second wireless link from the second external device, a fifth data message including a selection or indication of one of the one or more available networks as the target network.

In the alternative, the target network is selected via the second device without requiring the appliance to scan and report available networks. Scanning available networks by the appliance may be advantageous with regard to identifying possible target networks compatible with the communication and communication protocols implemented on the appliance.

Both alternatives described beforehand, may comprise: in response to receiving the fifth data message, sending a sixth data message including a connection request to the first external device, providing an access point, in the network selected as the target network to establish the first wireless link; the first data message received after sending the sixth data message, meaning that after the sixth data message, the appliance may proceed with the authentication procedure described above. It should be noted that between the sixth and the first data message, further intermediate messages may be exchanged.

In embodiments, the electronic processing apparatus may further be configured or programmed, or the memory may store further instructions that when executed by the processor cause the processing apparatus to execute the step: disabling the second wireless link after successfully authenticating access and connecting to the target network while maintaining the first wireless link to the target network, in particular for self-contained data exchange with the target network.

Accordingly, after successful authentication of the appliance in the target network, the second wireless link, which has been established for obtaining authentication credentials, may not be needed any more, for example, if the appliance is configured for self-contained, i.e. autonomous data exchange with the target network. As indicated above, the appliance may stay connected and authenticated in the target network. It is also possible that the appliance disconnects from the target network after data exchange and/or after a predetermined period of time. If disconnected, the appliance may autonomously authenticate in the target network as described above, or re-execute the authentication process involving the second device as suggested herein.

In embodiments, the electronic processing apparatus may be further configured or programmed, or the memory may store further instructions that when executed by the processor cause the processing apparatus to execute the step: accessing the target network for data exchange in a self-contained manner after successful authenticating access and connecting to the target network based on a unique network identifier assigned to the household appliance (e.g. a media access control - MAC).

The data exchange in a self-contained manner shall relate to exchanging data with the target network without requiring interaction or data exchange with the second device. Self-contained or autonomous data exchange may relate to the exchange of any data including but not limited to authentication data. In particular, the processing apparatus may be configured, after successful authentication, to be prepared or able to exchange data with the target network, e.g. by uploading and/or downloading data, in an autonomous manner without requiring the second device. For example, the processing apparatus may be configured, to upload use data or operational data or other data to a server in an autonomous manner without requiring additional user-input or user-interaction from the second device. Further, the processing apparatus may be configured, to download software, firmware, or other data, e.g. related to appliance operation, in an autonomous manner without requiring additional user-input or user-interaction for authenticating data exchange via the second device. Yet further, the processing apparatus may be configured and enable data exchange in connection with maintenance and remote services. A self- contained data exchange may simplify all processes related to network data exchange.

In embodiments, in which the first and second wireless links are WLAN or WiFi, the electronic processing apparatus may further be configured or programmed, or the memory may store further instructions that when executed by the processor of the processing apparatus cause the household appliance to: operate in an access point mode for communications over the second wireless link, and operate in a station mode (STA) for communications and data exchange over the first wireless link.

In case that the first and second wireless links are WLAN or WiFi, the processing apparatus may, in the access point mode, scan available WLAN or WiFi networks and send data about found available networks to the second device. The processing apparatus may, subsequent to sending the available networks, receive from the second device a selection of a particular network, e.g. SSID, for use by the appliance. In case of the first and second wireless links being Wi-Fi, the processing apparatus may use softAP for the access point mode. Once the appliance is connected to the target network, the processing apparatus may stop the access point mode, and proceed with operation in station mode, in particular for self- contained or autonomous data exchange based on the first wireless link with the target network.

In embodiments, in which the first wireless link is WLAN or WiFi and the second wireless link is WPAN, in particular Bluetooth, the electronic processing apparatus may further be configured or programmed, or the memory may store further instructions that when executed by the processor of the processing apparatus cause the household appliance to operate in a peripheral mode relative to the second device, with the appliance acting as the peripheral, secondary or slave device and the second device acting as the central, primary or master for establishing the WPAN or Bluetooth communication link.

According to embodiments, a user terminal is provided, in particular a portable user terminal such as a smartphone, tablet computer, or laptop, etc.. The user terminal comprises a user interface, a wireless communication apparatus configured for establishing a wireless connection with the household appliance according to any of the household appliances described herein in connection with the invention over the second wireless link. The user terminal is configured for operating as the second external device. The wireless communication apparatus of the user terminal is operatively coupled to an electronic processing apparatus of the user terminal having an associated memory storing instructions that, when executed by the electronic processing apparatus of the user terminal, cause the user terminal to perform at least one of the following: establishing the second wireless link to the household appliance; receiving the second data message including the second data, and extracting the second data from the second data message; in response to receiving the second data message and extracting the second data, generating a first input prompt on the user interface requesting a user to input authentication credentials as requested by the second data, receiving an input via the user interface, the input comprising authentication credentials input by a user, generating the third data message including the authentication credentials, and sending the third data message via the second wireless link to the household appliance.

In embodiments, the memory stores further instructions that, when executed by the electronic processing apparatus of the user terminal, cause the user terminal to perform the following step: before receiving the second data message, receiving a message including information on the availability of the authentication request at the household appliance, in response to the message, sending a retrieval request via the second wireless link to the household appliance, and responsive to the retrieval request receiving the second data message;

In embodiments, the memory stores further instructions that, when executed by the electronic processing apparatus of the user terminal, cause the user terminal to perform the following step: receiving the fourth data message including one or more network identifiers, the network identifiers identifying one or more available networks available at the appliance and suitable for connection with the communication apparatus via the first wireless connection, and including a selection request for selecting a target network amongst the one or more available networks; responsive to the fourth data message, generating a second input prompt on the user terminal, e.g. a user interface, together with a list of the network identifiers or associated network names of the one or more available networks, the second input prompt prompting a selection of one of the one or more available networks, responsive to the second input prompt, receiving a selection of one or the one or more networks as a target network from a user, and generating the fifth data message and sending the fifth data message to the household appliance via the second wireless link.

According to the invention, the method steps disclosed to be performed by the appliance and the user terminal shall be considered as complementing each other, meaning that in a system including both the appliance and the second device, the authentication as described may be performed. The processes performed by the appliance and device are kind of reversed in that if the appliance sends data, the second device receives corresponding data etc.

In embodiments, a system is provided the system, comprising a household appliance according to any embodiment described herein in connection with the invention and a user terminal according to any embodiment described herein in connection with the invention.

In embodiments, a computer-program product including computer-readable instructions that, when executed by the electronic processing apparatus of the household appliance according to any embodiment described herein in connection with the invention, cause the household appliance or processing apparatus to perform a method comprising the following steps: receiving from the first external device via the first wireless link a first data message including first data associated with an authentication request for authenticating access to the target network via the target access point; in response to receiving the first data message, processing the first data message and extracting from the first data message the first data associated with the authentication request; generating, from the first data, second data including a request for obtaining authentication credentials from the second device for populating the authentication request; generating a second data message including the second data and sending, via the second wireless link, the second data message to the second device; in response to sending the second data message, receiving from the second external device via the second wireless link a third data message, the third data message including the authentication credentials; populating the authentication request with the authentication credentials and sending the populated authentication request to the first external device via the first wireless link for use in authenticating access and connection to the network; and, optionally, responsive to receiving a positive authentication message from the first external device, establishing a connection to the network for data exchange with the target network, and/or disabling the second wireless connection.

The operation and steps disclosed in connection with embodiments of the household appliance above may be implemented with the computer-program product and vice versa.

In embodiments, a computer-program product including computer-readable instructions that, when executed by the electronic processing apparatus of the user terminal according to any embodiment described herein in connection with the invention, cause the user terminal or the electronic processing apparatus to perform a method comprising at least one of the following steps: establishing the second wireless link to the household appliance; and in response to receiving the second data message and extracting the second data, generating a first input prompt on the user interface requesting a user to input authentication credentials requested by the second data, receiving an input via the user interface, the input comprising authentication credentials, generating the third data message including the authentication credentials, and sending the third data message via the second wireless link to the household appliance.

The method performed may in embodiments also comprise before receiving the second data message, receiving a message including information on the availability of the authentication request at the household appliance, in response to the message, sending a retrieval request via the second wireless link to the household appliance, and responsive to the retrieval request receiving the second data message including the second data, and extracting the second data from the second data message.

The operation and steps disclosed in connection with embodiments of the user terminal above may be implemented with the computer-program product and vice versa.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Exemplary embodiments of the invention will now be described in connection with the annexed figures. In the figures, like elements or components will be denoted with like reference signs, unless otherwise indicated.

In the figures:

FIG. 1 shows an exemplary arrangement of a household appliance, a first external device, and a second external device;

FIG. 2 schematically shows a household appliance and components thereof;

FIG. 3 illustrates method steps for authenticating the household appliance in a target network;

FIG. 4 shows a first example for a possible setup for wireless communication;

FIG. 5 shows a second example for a possible setup for wireless communication;

FIG. 6 shows a third example for a possible setup for wireless communication;

FIG. 7 illustrates optional steps that may be carried out in connection with the method described in connection with FIG. 3; and

FIG. 8 illustrates further optional steps that may be carried out in connection with the method described in connection with FIG. 3.

FIG. 1 shows an exemplary system and arrangement of a household appliance 1, a first external device 2, and a second external device 3. The household appliance 1 may be any appliance as defined further above, such as ovens, cookers, dishwashers, washing machines, refrigerators etc. The first external device 2 may for example be an access point such as a WLAN router or similar device. The second external device 3 is shown as a mobile phone, but may be any other user terminal or user communications terminal as indicated further above.

Components of the household appliance 1 involved in operations according to the underlying invention are schematically shown in FIG. 2. Other components or elements related to the household work to be performed by or with the household appliance 1 are not shown.

The household appliance 1 comprises a communication apparatus 4, i.e. an apparatus that is suitable for wireless communication based for example on WLAN and/or WPAN, and one or more antennas 5. On a note, FIG. 2 shows only one antenna, but there may be provided two, three, or more antennas according to respective needs, such as one or more WLAN antennas and one or more WPAN antennas etc.

The one or more antennas 5 are configured for establishing a first wireless link 6 with the first external device 2, and for establishing and a second wireless link 7 with the second external device 3.

Each wireless link 6 and 7 is based on a wireless communication protocol. For example the following combinations are possible: i) both wireless links 6, 7 are WLAN, such as WiFi, or ii) the first wireless link 6 is WLAN, in particular WiFi, and the second wireless link 7 is WPAN, such as Bluetooth.

The first external device 2 is configured for providing a target access point for accessing a target network 8, for example the Internet. The first external device 2 is configured for providing access to the target network 8.

The household appliance 1 comprises an electronic processing apparatus 9 communicatively coupled, e.g. via data lines 10 or otherwise, to the communication apparatus 4. Albeit the electronic processing apparatus 9 and communication apparatus 4 are depicted as two different entities, they may be implemented as a single entity and/or integral entity, or they may include more than two entities. The electronic processing apparatus 9 may include one or more processors and/or microprocessors (not explicitly shown in the figures).

The electronic processing apparatus 9 is configured to perform, as illustrated in FIG. 3, a method comprising: receiving 300 from the first external device 2 via the first wireless link 6 a first data message 12 including first data 13 associated with an authentication request for authenticating access to the target network 8 via the target access point provided by the first external device 2; in response to receiving 300 the first data message 12, processing 301 the first data message 12 and extracting 302 from the first data message 12 the first data 13 associated with the authentication request; generating 303, from the first data 13, second data 14 including a request 15 for obtaining authentication credentials from the second device 3 for populating the authentication request; generating 304 a second data message 16 including the second data 14 and sending 305, via the second wireless link 7, the second data message 16 to the second device 3; in response to the sending 305 the second data message 16, receiving 306 from the second external device 3 via the second wireless link 7 a third data message 17, the third data message 17 including the authentication credentials 18; populating 307 the authentication request 18 with the authentication credentials 18 and sending 308 the populated authentication request 19 to the first external device 2 via the first wireless link 6 for use in authenticating access and connecting to the target network 8. Authentication in the network or access to data available in the network may, for example, involve a network access server 20.

If the authentication credentials 18 are correct, the first external device 2 or a network access server 20 associated with the target network 8 grants access 309 to the target network 8.

The electronic processing apparatus 9 being configured to perform the method may be implemented by the electronic processing apparatus 9 comprising an associated memory 11 storing instructions that when executed by a processor of the electronic processing apparatus 9 cause the electronic processing apparatus 9 to perform the method.

The authentication request 19 may for example involve or be associated with a captive portal. In accordance with the suggested method, it is not required to pass all data and content associated with the captive portal through to the second external device 3. Rather, a simple value or instruction may be sent from the household appliance 1 to the second external device 3. In preferred embodiments, the first data 13 may have a different data format than the second data 14. For example, the second data 14 may comprise or consist just of a value, parameter, or instruction telling an application installed on the second external device 4 what information to request from the user, e.g. user email address and password etc., whereas the first data may include webbrowser readable data, including code, web-page content, captive portal data etc. Specifically, the second data may not comprise a webform or other code readable by a web browser. Instead it may comprise data in a format readable by a non-webbrowser application on the second external device 4. More specifically, the first data may be in a webbrowser readable language such as HTML, CSS or Javascript and the second data may be in a different language or format. As an example, the value or instruction may be or include an indicator for a particular process to execute in the application, or it could be an indicator corresponding to a requirement for a user to enter authentication or user credentials on the second device 3. As can be seen, the second data 14 and correspondingly the second data message 15 do not necessitate transmitting large data messages from the household appliance 1 to the second external device 3. Similarly, requesting authentication credentials from the second external device 3 does not require large data messages, and may be mediated through the household appliance without the second device 3 being required to access the target network, which is suitable for making opaque involvement of the second device 3. In particular, the data exchange for authentication may be simplified.

As described further above, the first and second wireless links 6, 7 and the operation and setup of the household appliance 1 for data transmission via the wireless links have some flexibility for implementation.

FIG. 4 shows a first example for a possible setup of the household appliance 1, the first and second external devices 2, 3, and the first and second wireless links 6, 7. Specifically, in the first example, the first and second wireless links 6, 7 are based on WiFi. In the configuration shown in FIG. 4, the second wireless device 3 may be connected to the household appliance 1, with the household appliance 1 working or operating in a WiFi softAP (AP) mode. A user may select a name of the household appliance 1 based on SSID (Service Set Identifier) and the second external device 3 may connect to the household appliance 1 based on the selection. Thereafter the household appliance 1 may be connected to the first external device 2, acting as a target WiFi access point. The target WiFi access point may be a public WiFi network with captive portal for authorization of Internet connection, for example. In other implementations, the household appliance may first connect to the target WiFi access point and only after receiving the first data message, establish the second wireless link with the second external device 3 in order to authenticate access to the target network. For interaction with the target network 8, the household appliance 1 features the Network Address Translation (NAT) functions, which allow to handle and pass required data for authorization in the target network 8 from the second external device 3 through the household appliance 1. This may make opaque involvement of the second external device 3 in authentication of the household appliance 1 in the target network 8. The household appliance 1 may establish a combined operational mode in which the household appliance 1 operates in an access point (AP) mode with respect to the second wireless device 3 and a station (STA) mode with respect to the target WiFi access point. In other implementations, it may operate in station mode with respect to both external devices. In these modes, the household appliance 1 may scan available WiFi networks and may send data about found networks to the second wireless device 3 via the WiFi connection established with the household appliance 1. In response, the user may select on the second external device 3, e.g. in an application executing on the second external device 3, a target network 8, based on WiFi SSID for example, for connection. The target network 8 may incorporate a network access server 20 or authentication server, with a captive portal incorporated. Once the target network 8 is selected, the household appliance 1 may be authenticated in the target network 8 according to the method described above.

In particular, the user may be prompted, e.g. by an application executing on the second external device, to input authentication credentials 18, e.g. user email address or a password, for connecting the household appliance to the target network 8.

After receiving the authentication credentials 18 from the second external device 3, the household appliance 1 may connect to the target network 8 by using the authentication credentials. After successful authentication, which may be signalled to the household appliance 1, the household appliance 1 may send a corresponding information or notification of successful authentication to the second external device 3, e.g. for display to the user in a user interface. After successful authentication, the household appliance 1 may disable the second wireless link 7.

With this approach, the user, e.g. based on an application executed on the second external device 3, is involved for authenticating the household appliance 1 in the target network 8, e.g. based on an authentication server involving a captive portal, with the user inputting the authentication credentials 18 for accessing the target network 8 or for accessing resources available in or through the target network 8, e.g. the Internet. The authentication includes a wireless transmission chain including the second device 3, the household appliance 1, and the first device 2. By means of NAT featured in the household appliance 1 all data for authentication and, e.g. Internet access, can be inputted into the second external device 3 and forwarded through the household appliance 1 to the target network 8 for authentication and granting access.

If authentication is positive, a notification may be provided in a user interface of the second external device 3. Further, in case of successful authentication and connection to the target network 8, such as the Internet, the data inputted by the user, i.e. the authentication credentials 18, may be stored in the memory 11 of the household appliance 1, which data may be associated with the selected target network, e.g. in form of a target WiFi SSID, in particular if personal data such as login and password, are required for authentication.

If authentication involves a two-factor authentication, e.g. via SMS or a call through a cellular network, respective one-time keycodes obtained by SMS or the call may not be saved or stored in the memory 11 of the household appliance 1. In this case, only the selected target network SSID may be stored in the memory 11.

Once the household appliance 1 is authenticated in the target network 8, the household appliance 1 may proceed with a self-contained operation with regard to communications between the household appliance 1 and the target network 8, i.e. an operation without requiring mediation from or involvement of the second external device 3. This operational mode may start after receiving a confirmation on successful authentication and/or connection to the target network 8. The household appliance 1 may then disable the own access point mode (SoftAP) and proceed in station mode (STA), in which the household appliance 1 remains connected to the target network 8 for data access and/or data exchange, while the second external device 3 gets disconnected from SoftAP of the household appliance 1.

Captive portals, e.g. of public WiFi networks, quite often register a MAC address of devices authorized for Internet access. As the household appliance 1 was exposed to the target network 8 during authentication, the MAC address of the household appliance 1 may be registered in the target network 8 for subsequently accessing the target network, e.g. the Internet, in a self-contained manner, i.e. without mediation through or involvement of the second external device. 3.

Featuring NAT in the household appliance 1 allows passing the authentication procedure even without extensive user interfaces, such as a Web browser, for transferring personal access data into Web pages of the captive portal at the household appliance 1. The user interface used for authentication is a user interface provided by and used in the second external device 3. As can be seen, the process for authenticating the household appliance 1 in the target network 8, such as the Internet, can be performed without requiring dedicated user interfaces at the household appliance 1. In particular, Web-based authorization for household appliance 1 identification and authorization in a target network, such as a public WiFi network existing for example in a block of flats, in a holiday home, in student residences, at airports, in restaurants, etc., may be carried out without requiring dedicated user interfaces at the household appliance 1. Further, a household appliance 1 may even be authenticated in a target network, e.g. for WiFi Internet access, where the user does not have an own network access point, such as an own WiFi router.

User identification may involve different kinds of sources, such as cell-phone number, ID document number, linked social network account(s), etc., if required for example by local legislation or a billing system, for network access.

The suggested method(s) enable enhanced and simplified user experience use cases and engagement in connection with authenticating a household appliance 1 in a target network 8 for data access and exchange. This may result in reduced cost for users, e.g. for internet access, for example for connectivity maintenance of household appliances 1. The method(s) also support technologies related to connected or interconnected appliances and appliance registration even for users that to not have a private network access.

FIG. 5 shows a second example for a possible setup of the household appliance 1, the first and second external devices 2, 3, and the first and second wireless links 6, 7. Specifically, in this solution, the first wireless link is WiFi, and the second wireless link is Bluetooth. This means that, as compared to the first example, the wireless connection between the household appliance 1 and the second external device 3 is substituted from WIFI onto Bluetooth. The communication between second external device 3 and the household appliance 1 may be established in Bluetooth media through Internet Protocol Support Profile (IPSP - standard Bluetooth Generic Attribute Profile) by means of IPv6 packets exchange, for example. In embodiments, the household appliance and the second external device will exchange messages in an inquiry process and the user interface of the second external device will show the appliance as available for connecting to using Bluetooth. A user may select the name of the household appliance 1 on the user interface of the second external device 3 and the second external device 3 may pair with the household appliance 1 based on the selection. The second external device may take the central role and the appliance the peripheral role, or vice versa. In this operational mode, similar to the first example, the second external device 3 reaches and passes data through a Network Address Translation (NAT) component deployed or implemented at the household appliance 1 to cooperate with the first external device 2, such as a target WIFI access point (AP). Network authentication, e.g. via a captive portal, may be provided for the household appliance 1 mediated through the second external device 3. In this operational mode, NAT may be used in concert with IPv6 traffic over Bluetooth engaging an IPSP (Bluetooth specific) protocol, profile, or method.

FIG. 6 shows a third example for a possible setup of the household appliance 1, the first and second external devices 2, 3, and the first and second wireless links 6, 7. Specifically, as compared with the first example, in the third example, the communication technology between the second external device 3 and the household appliance 1 is substituted from WIFI to Bluetooth, which is similar to the second example. As described in the second example, a user may select a name of the household appliance 1 on the user interface of the second external device 3 and the second external device 3 may pair with the household appliance 1 based on the selection. The second external device may take the central role and the appliance the peripheral role, or vice versa. The second wireless link 7 is based on Bluetooth, and the household appliance 1, instead of engaging Network Address Translation (NAT) like in the first example, engages a Bluetooth HTTP Proxy Service (HPS - standard Bluetooth Generic Attribute Profile). The reminder of the components may be similar to the first and second example.

In the third embodiment, the HPS plays a similar role as NAT in a sense that the second external device 3 may take control over appliance configuration and/or connection to the or a target network 8 by means of an application, e.g. a webbrowser like application, executing on the second external device 3. The applicaton on the second external device 3 acts on behalf of the household appliance 1 for authentication, in particular for providing authentication credentials, needed, for example, for populating a captive portal.

In the examples of both FIG. 5 and FIG. 6, where the communication technology between the second external device 3 and the household appliance 1 is Bluetooth, the third data message may, in some implementations, be formatted according to a first protocol and encapsulated according to the relevant Bluetooth profile or protocol, e.g. IPSP or HPS as indicated above. The first protocol may be a protocol compatible with communication over the Internet such as HTTP or HTTPs. By formatting data, in the second external device, according to a first protocol supported by the first external device, processing in the household device can be reduced.

Returning now to FIG. 3, FIG. 7 illustrates optional steps that may be carried out in connection with the method shown in FIG. 3. With the method steps according to FIG. 7, the household appliance 1 may, after a determination that connection to the target network 8 is associated with an authentication request, and before sending 305 the second data message 16 to the second external device 3, send 310 via the second wireless link 7 a message 21 to the second external device 3. The message 21 may include information or a notification on the availability of an authentication request, and that such a request may be retrieved by the second external device 3.

In response to receiving 311 a return message 22 from the second external device 3 via the second wireless link 7, i.e. in response to the second external device 3 sending the return message 22, the household appliance 1 may proceed with sending 305 the second data message 16 to the second external device 3.

The return message 22 may include a retrieval request or similar related to the authentication request and may act as a confirmation from the second external device 3 that the household appliance shall send 305 the second data message 17. The steps 310 and 311 are associated in FIG. 3 and FIG. 7 by an encircled "A" and dashed lines indicating that these steps are optional. Further, the encircled "A" and curly brackets indicate the location of the additional steps within the steps of FIG.

3.

In particular, steps 310 and 311 may be carried out any time after the receiving 300 the first data message 12 and before the sending 305 of the second data message 16.

In embodiments, the second data message 16 may include an option for cancelling authorization or interrupting the communications between the household appliance 1 and second external device 3 in connection with obtaining the authentication credentials. The option to cancel or interrupt respective communications may, in embodiments, be implemented as a user selectable option in the application executed on the second external device 3.

In embodiments, an identifier, such as an SSID identifier, of the target network 8 may be stored in the memory 11 of the household appliance 1, and the target network 8 associated with the identifier may be used in subsequent authorizations in the target network 8.

In embodiments, the identifier of the target network 8 may be stored together with the authentication credentials 18 received from the second external device 3 in the memory 11 of the household appliance. In this case, the household appliance 1 may authenticate access to the target network 8, e.g. in subsequent authorizations after an initial authentication, without new involvement of the second external device 3. With reference to FIG. 3, Fig. 8 illustrates further optional steps that may be carried out in connection with the method described in connection with FIG. 3. These further steps relate to establishing the first and/or second wireless connections 6 and 7, i.e. these steps may relate to a situation in which the first and/or second wireless connection 6, 7 have not been established yet.

In step 312, the second wireless device 3 and the household appliance 1 may mediate and exchange data related to establishing the second wireless connection 7. For example, one of the antennas 5 of the household appliance 1 may be active or be activated and the second external device 3, e.g. the application executed on the second external device 3, may detect respective signals and a possible wireless link for establishing a wireless connection with the household appliance 1. The wireless link may be notified in the application for user selection, and upon user selection, the wireless link may be established. If the wireless link is WiFi, the appliance may act as an access point, with regard to the second wireless link, and the second external device may act as a station, or vice versa. If the wireless link is a Bluetooth link, the second wireless device 3 acts as the central or primary unit, while the household appliance 1, with regard to the second wireless link 7, acts as a peripheral or secondary unit, or vice versa.

Specifically, in the case of WiFi, an application executed on the second external device 3 may display an SSID associated with an available WLAN or WiFi of the household appliance 1, and in response to a selection of a WLAN or WiFi by a user in the application, the second external device 3 and the household appliance 1 may establish a corresponding WLAN or WiFi link. Further, Bluetooth links may be established based on GAP (Generic Access Protocol).

After mediation in step 312, the second external device 3 and household appliance 1 may proceed with establishing 313 the second wireless connection 7.

Once the second wireless link 7 is established, the household appliance 1 may proceed with sending 314 a fourth data message 23 to the second external device 3, the fourth data message 23 including one or more network identifiers 24, such as SSID identifiers, each network identifier 24 identifying a network or access point, such as a router, available at or for the household appliance 1, and suitable for establishing a wireless connection with the communication apparatus 4 via a first wireless link or first wireless connection 6. The fourth data message 23 may further include a selection request for selecting one of the one or more available networks as the target network 8. The selection request may for example relate to a prompt or invitation for a user of the second external device 3 to select a network or access point in a user interface of the second external device 3, in particular a user interface of the application. A respective prompt or invitation may be signalled to the user in the application executed on the second external device 3.

In response to the sending 314 of the fourth data message 23, the household appliance 1 may receive 315, via the second wireless link 7 from the second external device 3, a fifth data message 25 including a selection of a selected identifier 26 of an available network or target access point as the target network 8. The selected identifier 26 may be selected by the user of the second external device 3 in an application executing on the second external device 3.

The household appliance 1, in response to receiving 315 the fifth data message 25, may initiate establishment 317 of the first wireless link 6, including, for example, sending 316 a sixth data message 27 to the first external device 2 using for example WLAN or WiFi technology. The sixth data message 27 may be associated with the target access point according to selected identifier 26. Further, the sixth data message 27 may include a connection request 28 for establishing the first wireless link 6. Based on the connection request 28 the method may proceed with establishing 317 the first wireless link 6 between the household appliance 1 and the first external device 2.

In an alternative, the household appliance 1 may receive, via the second wireless link 7, from the second external device 3, the fifth data message 25 without requiring a fourth data message 23 to be transmitted from the household appliance 1 to the second wireless device 3 beforehand. This fifth data message 25 may include a selection of a selected identifier 26 of an available network or target access point for connecting to the target network 8. The target access point or network according to the selected identifier 26 may then be used for establishing the first wireless link 6.

After the steps 312 to 317, the first and second wireless links 6 and 7 are established, and the household appliance 1, specifically the electronic processing apparatus 9 and communication apparatus 4, may proceed with method steps 300 to 309 as described above for authenticating the household appliance 1 in the target network 8. This means that the first data message 12 referred to in connection with step 300 may be received at the household appliance 1 in response to or after the sixth data message 27 and the establishing 317 of the first wireless link 6.

After the household appliance 1 is authenticated in the target network 8, the second wireless link 7 may be disabled, and the household appliance 1 may exchange data with the target network 8 in a self-contained manner, e.g. without requiring involvement of the second external device 3. The method and method steps described in connection with FIG. 3, FIG. 7, and FIG. 8 have been described from the perspective of the household appliance 1. In one aspect of the invention, a user terminal, such as the second external device 3, which may be a mobile user device or similar, is provided. Regarding such a user terminal, the method steps and processes carried out according to the steps from the perspective of the household appliance 1 may be reversed and mirror the perspective of the user terminal. For example, the sending of data from the household appliance 1 translates into receiving, at the user terminal, respective data from the household appliance 1. Similarly, the receiving of data at the household appliance translates into the sending respective data from the user terminal to the household appliance. For the sake of brevity, the method to be executed by the user device including the "reversed" method steps will not be described separately. The skilled person in the art is considered able to infer in a direct and unambiguous manner respective reversed steps, i.e. by substituting "sending" and "receiving" etc. by "receiving" and "sending". Reversed steps have been described further above, wherein all steps described in connection with the household appliance 1 may be translated, if appropriate, into corresponding steps of a user terminal.

In an aspect of the invention, a system may be provided comprising at least the household appliance 1 and the second external device 3, which are configured to execute a method as described above, including for example, user interaction, processing, exchange of data and/or authentication.

In a further aspect of the invention, a computer-program product may be provided, including computer-readable instructions that, when executed by the electronic processing apparatus 9 of the household appliance 1 may perform method steps described in connection with and from the perspective of the household appliance 1 above.

In yet a further aspect of the invention, a computer-program product may be provided, such as an application for execution on the user terminal, e.g. the second external device 3, the computer-program product comprising computer-readable instructions that, when executed by an electronic processing apparatus of the user terminal, e.g. the second external device 3, may perform method steps as indicated above in accordance with the perspective of the user terminal.

In all, the underlying invention provides a possibility to authenticate a household appliance to a target network without requiring a dedicated user interface on the household appliance for handling authentication, e.g. for inputting a user name, email address or user ID, and password, a selection of available target access points etc.. Further, moving or relocating processes for authentication to the second external device or a corresponding application for installation on and execution by the second external device, such as a user mobile device, may contribute to reduced complexity, e.g. regarding the electronic processing apparatus implemented on household appliance. In particular, providing an application for installation and execution on the second external device, such as mobile user devices like smartphones or tablets, which are widely available for users nowadays, may result in reduced effort and cost, in particular because household appliances that do not necessarily require a dedicated user interface or that are, in view of design and structure, not suitable for implementing dedicated user interfaces for use in network authentication, may nevertheless be authenticated in a target network.

Although it has been described above that the invention provides a possibility to authenticate a household appliance to a target network, the methods described can be used to authenticate any kind of device to a target network and this disclosure includes any such method and any kind of device not limited to household appliances. Moreover, although it has been described that the authentication of the household appliance includes providing a password in addition to information identifying the user, for some networks, passwords are not required and the authentication may not include providing a password. Further, and as explained above, the email address of the user used in connection with exemplary embodiments shall not be limiting, but, instead of the email address, any other specific data item may be used.

LIST OF REFERENCE NUMERALS

1 household appliance

2 first external device

3 second external device

4 communication apparatus

5 antenna

6 first wireless link

7 second wireless link

8 target network

9 electronic processing apparatus

10 data line

11 memory

12 first data message

13 first data

14 second data

15 request

16 second data message

17 third data message

18 authentication credentials

19 authentication request

20 network access server

21 message

22 return message

23 fourth data message

24 identifier

25 fifth data message

26 selected identifier

27 sixth data message

28 connection request

300 - 317 method steps

Claims

1. A household appliance for performing household work and/or for assisting a user in performing household work comprising, communication apparatus comprising one or more antennas, the communication apparatus and one or more antennas configured for establishing a first and a second wireless link with at least a first external device and a different second external device, each wireless link based on a wireless communication protocol, wherein the first external device is configured for providing a target access point for accessing a target network, and the second external device configured for acting as a user terminal; electronic processing apparatus communicatively coupled to the communication apparatus and configured to perform, or comprising an associated memory storing instructions that when executed by a processor of the electronic processing apparatus cause the electronic processing apparatus to perform a method comprising: receiving from the first external device via the first wireless link a first data message including first data associated with an authentication request for authenticating access to the target network via the target access point; in response to receiving the first data message, processing the first data message and extracting from the first data message the first data associated with the authentication request; generating, from the first data, second data including a request for obtaining authentication credentials from the second external device for populating the authentication request; generating a second data message including the second data and sending, via the second wireless link, the second data message to the second external device; in response to sending the second data message, receiving from the second external device via the second wireless link a third data message, the third data message including the authentication credentials; and populating the authentication request with the authentication credentials and sending the populated authentication request to the first external device via the first wireless link for use in authenticating access and connecting to the target network.

2. The household appliance according to claim 1, wherein the first data have a different data format than the second data, wherein, optionally, the second data are application-specific data for an application to be executed on the second external device and/or include a proprietary data format.

3. The household appliance of claim 1 or 2, wherein the first and second wireless links are based on a WLAN technology.

4. The household appliance of claim 3, wherein the first and second wireless links are Wi-Fi communication links.

5. The household appliance according to at least one of claims 3 and 4, wherein a Network Address Translation Service (NAT) is implemented on the electronic processing apparatus for translating network addresses between the first and second wireless links.

6. The household appliance according to at least one of claims 3 and 4, wherein a HTTP Proxy Server is implemented on the communication apparatus for mediating HTTP communications between the first and second external devices via the first and second wireless links.

7. The household appliance of claim 1, wherein the first wireless link is based on a WLAN, and the second wireless link is based on a WPAN communication protocol.

8. The household appliance according to claim 7, wherein the first wireless link is a Wi-Fi communication link and the second wireless link is a Bluetooth communication link enabling IPv6 data traffic.

9. The household appliance according to claim 7 or claim 8, wherein a Network Address Translation Service (NAT) associated with the WLAN and an Internet Protocol Support Service (IPSP) associated with the WPAN are implemented on the electronic processing apparatus.

10. The household appliance of claim 1 or 2, wherein the first wireless link is based on a Wi-Fi, communication protocol, and the second wireless link is based on a Bluetooth communication protocol; and a Bluetooth HTTP Proxy Service (HPS) profile is implemented on the electronic processing apparatus for mediating communications between the first and second external devices via the first and second wireless links.

11. The household appliance according to any of claims 1 to 10 wherein the authentication request includes a captive portal.

12. The household appliance according to any of claims 1 to 11, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor cause the electronic processing apparatus to execute the steps: before sending the second data message to the second external device, sending, via the second wireless link, a message to the second external device, the message including information on the availability of the authentication request for retrieval by the second external device, and responsive to receiving a return message from the second external device via the second wireless link, the return message including a retrieval request related to the authentication request, sending the second data message to the second external device.

13. The household appliance according to any of claims 1 to 12, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor cause the electronic processing apparatus to execute the steps: storing an identifier (SSID) of the target network on the memory, and using the stored identifier in a subsequent process for connecting to the target network after disconnection from the target network.

14. The household appliance according to any of claims 1 to 13, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor cause the electronic processing apparatus to execute the steps: storing an identifier (SSID) of the target network together with the authentication credentials of the target network in a memory of the household appliance after successful authentication and connection to the target network; and, optionally, using the stored identifier and the stored authentication credentials for authenticating access and connecting to the target network in a subsequent authentication process after disconnection from the target network.

15. The household appliance according to any of claims 1 to 14, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor cause the electronic processing apparatus to execute the following steps prior to receiving the first data message: establishing the second wireless link to the second external device; and establishing the first wireless connection to the first external device by: sending a fourth data message to the second external device, the fourth data message including one or more network identifiers, the network identifiers identifying one or more networks available to the household appliance and suitable for connection with the communication apparatus to provide the first wireless link, the fourth data message further including a selection request for selecting one of the one or more available networks as the target network; and in response to sending the fourth data message, receiving, via the second wireless link from the second external device, a fifth data message including a selection of one of the one or more available networks as the target network; or by receiving, via the second wireless link from the second external device, a fifth data message including a selection of one of the one or more available networks as the target network; and in response to receiving the fifth data message, sending a sixth data message including a connection request to the first external device, providing an access point, in the network selected as the target network to establish the first wireless link; the first data message received after the sixth data message.

16. The household appliance according to any of claims 1 to 15, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor cause the electronic processing apparatus to execute the step: disabling the second wireless link after successfully authenticating access and connecting to the target network while maintaining the first wireless link to the target network, in particular for self-contained data exchange with the target network.

17. The household appliance according to any of claims 1 to 16, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor cause the electronic processing apparatus to execute the step: accessing the target network for data exchange in a self-contained manner after successful authenticating access and connecting to the target network based on a unique network identifier assigned to the household appliance (MAC).

18. The household appliance according to claim 3 or 4, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor of the electronic processing apparatus cause the household appliance to: operate in an access point mode for communications over the second wireless link, and operate in a station mode (STA) for communications and data exchange over the first wireless link.

19. The household appliance according to claim 7 or 8, wherein the electronic processing apparatus is further configured or programmed, or the memory stores further instructions that when executed by the processor of the electronic processing apparatus cause the household appliance to operate in a peripheral mode relative to the second external device, with the household appliance acting as the peripheral device and the second external device acting as the central device for establishing the WPAN or Bluetooth communication link.

20. A user terminal comprising a user interface, a wireless communication apparatus of the user terminal configured for establishing a wireless connection with the household appliance of any of claims 1 to 19 over the second wireless link, and configured for operating as the second external device, the wireless communication apparatus of the user terminal operatively coupled to an electronic processing apparatus of the user terminal, having an associated memory storing instructions that, when executed by the electronic processing apparatus of the user terminal, cause the user terminal to perform at least one of the following: establishing the second wireless link to the household appliance; receiving the second data message including the second data, and extracting the second data from the second data message; in response to receiving the second data message and extracting the second data, generating a first input prompt on the user interface requesting a user to input authentication credentials as requested by the second data, receiving an input via the user interface, the input comprising authentication credentials input by a user, generating the third data message including the authentication credentials, and sending the third data message via the second wireless link to the household appliance.

21. A system, comprising a household appliance according to any of claims 1 to 19 and a user terminal according to claim 20.

22. A computer-program product including computer-readable instructions that, when executed by the electronic processing apparatus of the household appliance according to any of claims 1 to 19 cause the household appliance to perform a method comprising the following steps: receiving from the first external device via the first wireless link a first data message including first data associated with an authentication request for authenticating access to the target network via the target access point; in response to receiving the first data message, processing the first data message and extracting from the first data message the first data associated with the authentication request; generating, from the first data, second data including a request for obtaining authentication credentials from the second external device for populating the authentication request; generating a second data message including the second data and sending, via the second wireless link, the second data message to the second external device; in response to sending the second data message, receiving from the second external device via the second wireless link a third data message, the third data message including the authentication credentials; populating the authentication request with the authentication credentials and sending the populated authentication request to the first external device via the first wireless link for use in authenticating access and connection to the network; and, optionally, responsive to receiving a positive authentication message from the first external device, establishing a connection to the target network for data exchange with the target network, and/or disabling the second wireless connection.

23. A computer-program product including computer-readable instructions that, when executed by the electronic processing apparatus of the user terminal of claim 20 cause the user terminal to perform a method comprising at least one of the following steps: establishing the second wireless link to the household appliance; receiving the second data message including the second data, and extracting the second data from the second data message; in response to receiving the second data message and extracting the second data, generating a first input prompt on the user interface requesting a user to input authentication credentials requested by the second data, receiving an input via the user interface, the input comprising authentication credentials, generating the third data message including the authentication credentials, and sending the third data message via the second wireless link to the household appliance.