US9271110B1 - Location awareness session management and cross application session management - Google Patents
Location awareness session management and cross application session management Download PDFInfo
- Publication number
- US9271110B1 US9271110B1 US13/544,802 US201213544802A US9271110B1 US 9271110 B1 US9271110 B1 US 9271110B1 US 201213544802 A US201213544802 A US 201213544802A US 9271110 B1 US9271110 B1 US 9271110B1
- Authority
- US
- United States
- Prior art keywords
- mobile device
- session
- token
- application level
- location
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related, expires
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/029—Location-based management or tracking services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
Definitions
- Tokens are often used to promote information security by providing authentication and managing secure sessions. For example, a token may be used to prove identity or to gain access to a resource.
- a location aware session token generation and validation system comprising a server system comprising at least one processor.
- the system also comprises at least one non-transitory memory.
- the system further comprises a token component stored on the at least one non-transitory memory that, when executed by the server system, receives a request to initiate an application level session from a mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device, generates a token for the application level session wherein the token is time limited and location limited such that the application level session will expire at the end of a specified period of time or when the mobile device moves from the location, sends the token to the mobile device, receives a session message from the mobile device, wherein the session message includes a requested session action, a current location of the mobile device and the token, analyzes the token, performs the requested session action when the specified period of time has not expired and if the current location matches the location, and ends the application level session if the specified period of time has expired or if the current location
- a cross application session management system for a mobile device.
- the system comprises at least one processor and at least one non-transitory memory.
- the system also comprises a plurality of tokens stored on the at least one non-transitory memory, wherein each of the plurality of tokens corresponds to a respective one of a plurality of application level sessions.
- the system further comprises a global session management component stored on the at least one memory that, when executed by the at least one processor, monitors activity on the plurality of application level sessions, wherein activity on one of the plurality of application level sessions maintains the session life for the other ones of the plurality of application level sessions.
- a method for session management on a mobile device comprises receiving at an authenticating server a request for a token to authenticate an application level session with a service provider, wherein the request includes an identification of the mobile device and a location of the mobile device, generating by the authenticating server a token for the application level session wherein the token is time limited and location limited, sending the token to the mobile device, receiving at the authenticating server a session message for the application level session from the mobile device, wherein the session message includes a requested session action for the application level session, a current location of the mobile device, an activity level, and the token, and performing the requested session action when the predefined period of time has not expired and the current location does not match the location and the activity level exceeds a predefined level of activity.
- FIG. 1 is a block diagram of a system according to an embodiment of the disclosure.
- FIG. 2 is a block diagram a token component according to an embodiment of the disclosure.
- FIG. 3 a block diagram of a mobile device according to an embodiment of the disclosure.
- FIG. 4 is a flowchart of a method for generating a token according to an embodiment of the disclosure.
- FIG. 5 is a flowchart of a method for validating a token according to an embodiment of the disclosure.
- FIG. 6 is a pictorial diagram of a mobile device according to an embodiment of the disclosure.
- FIG. 7 is a block diagram of a mobile device according to an embodiment of the disclosure.
- FIG. 8A illustrates a software environment for a mobile device according to an embodiment of the disclosure.
- FIG. 8B illustrates an alternative software environment for a mobile device according to an embodiment of the disclosure.
- FIG. 9 illustrates an exemplary computer system suitable for implementing some aspects of the several embodiments of the disclosure.
- a session may be a semi-permanent application level interactive information interchange, also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a computer and a mobile device.
- An application level session is set up or established at a certain point in time, and ended or torn down at a later point in time.
- An established application level communication session may involve more than one message in each direction.
- the present disclosure provides that an application level session is both time limited and location limited.
- the system promotes a service provider to increase the amount of time the application level session is valid above what the service provider might otherwise be comfortable with. For example, in an embodiment, as long as the mobile device is within the same location for which the application level session was initiated, the service provider may be more comfortable that the mobile device is still in possession of the user and has not been stolen allowing access to an unauthorized person. Thus, in such circumstances, the service provider may be willing to keep the application level session alive for a longer period of time.
- the application level session may end. Moving the mobile device outside of the specified location may indicate that the device may have been stolen and no longer in the possession of the authorized user. In such case, by ending the application level session, fraudulent activity may be inhibited.
- the mobile device may send an indication of its current location in each of its session messages.
- the mobile device may periodically send a distinct current location message to the service provider and/or to a session management server computer or session server.
- the location of the mobile device may be determined based on a Global Positioning System (GPS), and the indication of current location that is sent by the mobile device may comprise GPS coordinates.
- GPS Global Positioning System
- the disclosed systems and methods are not limited to GPS based location determination.
- the location of the mobile device may be determined based on an available Worldwide Interoperability for Microwave Access (WiMAX) access point, an available WiFi access point, an available femtocell access point; or other available wireless access points regardless of whether the mobile device is actually connected to the available wireless access point.
- WiMAX Worldwide Interoperability for Microwave Access
- the mobile device may receive a broadcast signal from a wireless access point that contains an identifier for the subject access point.
- the indication of current location that is sent by the mobile device may comprise an identity of one access point, identities of a plurality of access points, or other information about what wireless access points are in range of the mobile device.
- the service provider may deem that the mobile device is within an acceptable proximity of a preferred location, such as a retail store location, if the mobile device is in range of one or more predefined wireless access points, where the subject predefined wireless access points are associated with their identities.
- a preferred location such as a retail store location
- the location of the mobile device may be determined based on triangulation of the strength of signals between a plurality of available wireless access points.
- the location may be determined based on using combinations of different types of location determination methods. As such, the disclosed methods and systems are not limited to a particular method of determining the location of the mobile device.
- continuing activity or activity exceeding a predetermined threshold may prevent the application level session from being ended even though the mobile device may have moved outside of a specified location.
- the continuing activity may be taken as an indication that the mobile device is still in the possession of an authorized user and has not been stolen. Thus, continuing the session may be warranted.
- the user experience is enhanced since they do not experience the frustration of being disconnected from their session and having to reestablish their session by entering, for example, a user name and password.
- cross application session awareness may provide that activity on one application or session may be sufficient to ensure that another session is not ended.
- a bank may have enabled a session for a banking customer to access the customer's bank account information. The customer may need to check information in an e-mail as well as access confidential information on another web site through a session on the other web site. For example, the customer may need to access a web site associated with their credit card issuer to locate additional information before completing their session with their bank. Their online session with their bank may have been idle for a significant amount of time that would normally result in the session being ended.
- a trusted global session manager may monitor session and application activity across multiple sessions and/or applications.
- the customer's activity on their e-mail and on their credit card issuer's web site may be sufficient to keep their session with their bank active. Such activity may indicate that the customer has not left their mobile device and is still in possession of the device making it unlikely that unauthorized access to the customer's bank account may be granted by keeping the session alive.
- a token may be generated based on a current location of a mobile device.
- the token may be provided to the mobile device and provided with all messages transmitted from the mobile device to a session server.
- a token may be any data used to uniquely identify an individual and/or device and authenticate that individual and/or device for a session.
- a token may be a string of characters.
- a token may be a cookie, which may also be referred to as an HTTP cookie, a web cookie, or a browser cookie.
- the token is a self-expiring token that may end a session after the expiration of a specified amount of time.
- the system 100 comprises mobile devices 140 , a base transceiver station 124 , an authentication server 110 , a session server 120 , a session data store 130 , and a network 106 .
- authentication server 110 and session server 120 may be implemented on different machines or on the same machine.
- mobile device 140 may be any portable electronic device including a mobile phone, a personal digital assistant (PDA), a smart phone, a tablet computer, and a laptop computer.
- a smart phone may be a mobile device that includes not only the traditional features of a mobile phone, but also additional functionality such as, for example, providing e-mail service, web access, and still picture and video capture capability via a camera.
- a smart phone may also run applications including games and productivity applications. Examples of mobile devices include an AndroidTM enabled phone, an iPhone®, and an iPad®.
- the base transceiver station 124 may be any of a cellular wireless base station, for example a Code Division Multiple Access (CDMA), a Global System for Mobile Communications (GSM), a Universal Mobile Communications System (UMTS), and/or Long-term Evolution (LTE) cellular wireless base station; a Worldwide Interoperability for Microwave Access (WiMAX) base station; a WiFi access point; a femtocell; or other wireless access devices. While FIG. 1 depicts only one base transceiver station 124 , in an embodiment a plurality of base transceiver stations 124 may be existent and in operation.
- CDMA Code Division Multiple Access
- GSM Global System for Mobile Communications
- UMTS Universal Mobile Communications System
- LTE Long-term Evolution
- WiMAX Worldwide Interoperability for Microwave Access
- WiFi access point a femtocell
- FIG. 1 depicts only one base transceiver station 124 , in an embodiment a plurality of base transceiver stations 124 may be existent
- the network 106 promotes communication between the components of the system 100 .
- the network 106 may be any communication network including a public data network (PDN), a public switched telephone network (PSTN), a private network, a local area network (LAN), a wide area network (WAN), an intranet, the Internet and/or a combination of networks.
- PDN public data network
- PSTN public switched telephone network
- LAN local area network
- WAN wide area network
- intranet the Internet and/or a combination of networks.
- Authentication server 110 authenticates mobile device 140 to session server 120 .
- Authentication server 110 includes a token component 112 which generates a token which is transmitted to mobile device 140 to use to authenticate itself to a session.
- token component 112 receives an indication of the location of mobile device 140 .
- Token component 112 may use the location information from the mobile device 140 to create a token.
- Mobile device 140 sends a request for a token to authentication server 110 .
- the request may include location information about the mobile device 140 .
- Mobile device 140 receives the token from authentication server 110 .
- the token may be time and location limited. Additional details concerning time limited tokens may be found in U.S. patent application Ser. No. 13/042,015 to V. Cherukumudi, et al. filed Mar. 7, 2011 and entitled “Password Generation and Validation Method” which is incorporated herein by reference.
- Mobile device 140 may initiate an application level session with session server 120 . Examples of application level sessions may include logging into a bank's web site to check bank account information, checking e-mail through a web site, and performing work related activities on an employer's confidential web site.
- An application level session is a temporary interactive secure information exchange between collaborating application entities such as an application client and an application server during which the entities may transmit and receive requests and transmit and receive responses in the context of a previously completed authentication and authorization.
- An application level session is intended to preserve and protect access to and modification of secured information by authorized users and exclude unauthorized users.
- an application level session should not be confused with other types of sessions occurring at other layers in an Open Systems Interconnection (OSI) model or in another layered communication stack model where a layer serves the layer above it and is served by the layer below it.
- OSI Open Systems Interconnection
- an application level session should not be confused with activities that occur at the physical layer, the data link layer, the network layer, the transport layer, the session layer, or the presentation layer.
- references to a “session” mean an application level session as defined above.
- the token may be communicated directly to the authentication server 110 which may then provide an indication to the session server 120 of whether the token is valid and whether the session activity may be continued. If the token is valid, the session server 120 may perform session activities requested by the mobile device 140 . In an embodiment, the session server 120 may retrieve, store, or modify data in session data store 130 . For example, the data in session data store 130 may be account balance information for a bank account belonging to the user of mobile device 140 .
- the mobile device 140 transmits current location information along with the token to the authentication server 110 .
- the authentication server 110 determines whether the location for which the token was granted matches the current location information. If the current location of the mobile device 140 does not match the location information associated with the token, then the session is terminated.
- the current location of the mobile device 140 matches the location associated with the token if the mobile device 140 is within an area 150 defined with reference to the location associated with the token.
- the area 150 may be specified or defined as a specific or predefined radius extending from a point of a radio transceiver with which the location associated with the token corresponds.
- the area 150 may be defined as within the specified building, such as a store location.
- the area 150 may be specified as the area within which the mobile device 140 is able to communicate with a specified or predefined transceiver or radio source or one of a plurality of specified or predefined transceivers or radio sources.
- mobile device 140 may transmit session activity information, current location information, the token, and the session message to the authentication server 110 and/or session server 120 .
- the session may be maintained even though the mobile device 140 may be outside of the location specified by the token. For example, if there has been continuing session activity while the mobile device 140 was moved from the location associated with the token to a new location, this activity may be used to infer that the mobile device 140 has not been stolen or otherwise compromised thereby minimizing the risk of unauthorized session activity.
- sufficient activity will maintain the session outside of a first area 150 , but only so long as the mobile device remains within a second area 160 .
- the second area 160 may be defined in a similar manner to that of first area 150 .
- lack of sufficient activity by the mobile device 140 on the session will cause the session to terminate at an earlier time than would otherwise be the case.
- This same concept may be expressed in terms of extending the life of the session if a sufficient amount of activity on the mobile device 140 is detected. In both cases, the session life span is different depending on the level of activity on the mobile device 140 .
- the mobile device 140 may include a global session manager that monitors activity on several sessions. Activity on one session may provide the sufficient activity necessary to maintain or extend the session on the mobile device 140 .
- the token component 112 may comprise an encryption component 202 and may perform one or more steps for processing a plurality of inputs to generate a token 220 .
- the plurality of inputs comprises a time input 214 a , a private data input 214 b , and a public data input 214 c which includes a location input 214 d .
- the time input 214 a may be provided by a clock 212 located on the authentication server 110 .
- the clock 212 may be a system clock.
- the time input 214 a is in DDDHHMM format where DDD is the day of the year, HH is the hour, and MM is the minute. Having the time input 214 a in DDDHHMM format rather than some other longer time format helps to reduce the size of the unencrypted token 216 .
- time input 214 a could alternatively be in YYMMDDHHMM format where YYMMDD is year, month, and day, HH is the hour, and MM is the minute or some other time format.
- the time input 214 a could be a number of seconds elapsed in a predefined epoch, for example seconds elapsed since Jan. 1, 1970.
- the time input could be represented and/or processed in accordance with a different time keeping convention.
- the time input 214 a may be determined by rounding a current time to the nearest predefined time interval. For example, if the predefined time interval is selected to be 5 minutes and the current time is Jan. 17, 2011 at 9:32:23 am, the time input 214 a in DDDHHMM format would be 0170930.
- the predefined time interval may be selected to be any interval of time. For instance, the predefined time interval may be 60 minutes, 30 minutes, 15 minutes, 5 minutes, 1 minute, or some other time interval. For the sake of simplicity, it may be beneficial to select a time interval that can be evenly divided into 60.
- the time rounded to the nearest predefined time interval to determine the time input 214 a may depend upon whether the token component 112 is generating a token 220 or validating a received token. For example, if the token component 112 is generating a token 220 , the time that may be rounded to the nearest predefined time interval may be the time that the mobile device 140 invoked the application program interface. In another example, if the token component 112 is validating a received token, the time that may be rounded to the nearest predefined time interval may be the time that the received token was received by the token component 112 .
- the private data input 214 b may be a secret key or phrase.
- the private data input 214 b is stored on the authentication server 110 in a data store or on some other server accessible to the token component 112 .
- the private data input 214 b may be private in that it is accessible to the token component 112 , but not to the mobile device 140 and/or session server 120 .
- the private data input 214 b may be changed by an administrator or some other personnel regularly such as at some periodic time interval or irregularly.
- the public data input 214 c may be data that is known to a user of the mobile device 140 .
- the public data input 214 c may include a location input 214 d indicating the location of mobile device 140 .
- the public data input 214 c may vary depending upon the context in which the token generation and validation system and methods disclosed herein are applied. For example, in a retail setting where authentication of an employee is sought, the public data input 214 c may be a consumer ID, a user name, a store ID, a store location, and/or some other data know to the user of the mobile device 140 . In an embodiment, the store location may be determined from the store ID. To increase the strength of the generated token, two or more pieces of data can be included in the public data input 214 c .
- the public data input 214 c may be provided to the token component 112 from the mobile device 140 when the mobile device requests generation of a token 220 or by session server 120 when the session server 120 requests validation of a received token.
- an unencrypted token 216 may be formed from a plurality of inputs.
- the unencrypted token 216 may be formed from the time input 214 a , the private data input 214 b , and the public data input 214 c , including the location data 214 d .
- the unencrypted token 216 may be a string of characters.
- the encryption component 202 may alter the unencrypted token 216 by applying a one-way hashing algorithm to the unencrypted token 216 .
- applying a one-way hashing algorithm to the unencrypted token 216 produces a hashed string of characters that is not easily, if at all, able to be reversed back into the plurality of inputs used to create the unencrypted token 216 .
- the encryption component 202 may apply a one-way hashing algorithm such as SHA-1, MD5, or another hashing algorithm.
- the hashed string of characters that results from the encryption component 202 is the token 220 .
- Such an embodiment may be, for example, when the mobile device 140 communicates a token directly to the session server 120 .
- Other encryption techniques other than or in addition to hashing may also be utilized in generating the token 220 .
- Mobile device 140 may include token 1 302 , token 2 304 , token 3 306 , a location determination component 308 , and a global session manager 310 .
- the location determination component 308 may determine the location of the mobile device 140 and provide that information to the authentication server 110 .
- the location determination component 308 may comprise a Global Positioning System (GPS) component to determine the location of the mobile device 140 based on GPS coordinates.
- GPS Global Positioning System
- the location determination component 308 determines the location of the mobile device 140 based on signal strength from one or more radio transceivers.
- the location determination component 308 determines the location of the mobile device 140 based on the identity of a transceiver with which the mobile device 140 is in communication.
- Global session manager 310 may monitor activity on multiple sessions associated with tokens 302 , 304 , 306 .
- Global Session Manager 310 may be acquired from a source that is trusted by the originators of the tokens 302 , 304 , 306 .
- the sessions associated with each of tokens 302 , 304 , 306 may be time limited and be set to expire unless a sufficient level of activity is maintained within a specified period of time on the mobile device 140 .
- the global session manager 310 may be trusted by the sessions associated with tokens 302 , 304 , 306 , rather than prematurely ending one session due to lack of activity on the mobile device 140 , the session may be maintained if sufficient activity occurs on one of the other sessions associated with one of the other tokens 302 , 304 , 306 .
- the mobile device 140 may also transmit the corresponding token, the current location of the mobile device 140 , and the session activity as determined by the global session manager 310 .
- Method 400 begins at block 410 where the authentication server 110 receives a plurality of inputs from the mobile device 140 where the inputs include a device location and a first time. At block 412 , the authentication server 110 generates a string of characters from at least some of the plurality of inputs, wherein the inputs include at least the mobile device location and the first time. At block 414 , the authentication server 110 hashes the string of characters. At block 416 , the authentication server 110 may encode the hashed string of characters, after which the method 400 may end.
- Method 500 begins at block 510 where the authentication server 110 receives a current location of the mobile device 140 , an activity level of the mobile device 140 , and a token from the mobile device 140 or from the session server 120 .
- the authentication server 110 determines whether the token is valid. If the token is not valid, the method 500 proceeds to block 524 where the session is ended at which point method 500 may end. If the authentication server 110 determines that the token is valid at block 512 , then the method 500 proceeds to block 514 where the authentication server 110 determines whether the current location matches a location for which the token is valid.
- the method 500 proceeds to block 516 or alternatively, the method 500 may proceed to block 524 where the session is ended and the method 500 may end.
- the authentication server 110 determines whether there has been sufficient continuing activity on the session (or alternatively on the mobile device 140 generally) to warrant allowing the session to continue although the mobile device 140 is outside the location where the token is valid. If, at block 516 , sufficient continuing activity has not been maintained on the session or the mobile device 140 , then method 500 proceeds to block 524 where the session is ended at which point the method 500 may end.
- the method 500 proceeds to block 518 .
- the authentication server 110 determines whether the predefined time limit for which the token is valid has expired. If, at block 518 , the authentication server 110 determines that the predefined time limit has not expired, then the method 500 proceeds to block 522 where the token is authenticated allowing the session to continue. Once the token has been authenticated at block 522 , the method 500 may end.
- the method 500 proceeds to block 520 .
- the method 500 may proceed to block 524 if the authentication server 110 determines that the time limit has expired.
- the authentication server 110 determines whether there has been sufficient activity within a predetermined time period to allow the session to be extended. If, at block 520 , the authentication server 110 determines that there has been insufficient activity, then the method 500 proceeds to block 524 after which method 500 may end. If, at block 520 , the authentication server 110 determines that there has been sufficient activity, then the method 500 may proceed to block 522 where the token is authenticated. Once the token has been authenticated at block 522 , the method 500 may end.
- the activity level may be based solely on the activity level in the session corresponding to the token to be authenticated. However, in an embodiment, also discussed above, the activity level may be based on activity on other sessions not corresponding to the token to be authenticated.
- the decision diamonds illustrated in FIG. 5 may be reordered in several ways to implement the checks described therein. For example, in an embodiment, a time limit associated with the token may be checked before the current location is checked against a location associated with the token. In an embodiment, the sufficient continuing activity criteria may be checked before either the current location criteria or the time limit criteria is checked.
- FIG. 6 shows a wireless communications system including the mobile device 600 .
- FIG. 6 depicts the mobile device 600 , which is operable for implementing aspects of the present disclosure, but the present disclosure should not be limited to these implementations.
- the mobile device 600 may take various forms including a wireless handset, a pager, a personal digital assistant (PDA), a gaming device, or a media player.
- the mobile device 600 includes a display 602 and a touch-sensitive surface and/or keys 604 for input by a user.
- the mobile device 600 may present options for the user to select, controls for the user to actuate, and/or cursors or other indicators for the user to direct.
- the mobile device 600 may further accept data entry from the user, including numbers to dial or various parameter values for configuring the operation of the handset.
- the mobile device 600 may further execute one or more software or firmware applications in response to user commands. These applications may configure the mobile device 600 to perform various customized functions in response to user interaction.
- the mobile device 600 may be programmed and/or configured over-the-air, for example from a wireless base station, a wireless access point, or a peer mobile device 600 .
- the mobile device 600 may execute a web browser application which enables the display 602 to show a web page.
- the web page may be obtained via wireless communications with a base transceiver station, a wireless network access node, a peer mobile device 600 or any other wireless communication network or system.
- FIG. 7 shows a block diagram of the mobile device 600 . While a variety of known components of handsets are depicted, in an embodiment a subset of the listed components and/or additional components not listed may be included in the mobile device 600 .
- the mobile device 600 includes a digital signal processor (DSP) 702 and a memory 704 .
- DSP digital signal processor
- the mobile device 600 may further include an antenna and front end unit 706 , a radio frequency (RF) transceiver 708 , a baseband processing unit 710 , an input/output interface 718 , a removable memory card 720 , a universal serial bus (USB) port 722 , an infrared port 724 , a vibrator 726 , a keypad 728 , a touch screen liquid crystal display (LCD) with a touch sensitive surface 730 , a touch screen/LCD controller 732 , a camera 734 , a camera controller 736 , a global positioning system (GPS) receiver 738 , and a sensor 740 .
- RF radio frequency
- the mobile device 600 may include another kind of display that does not provide a touch sensitive screen.
- the DSP 702 may communicate directly with the memory 704 without passing through the input/output interface 718 .
- the mobile device 600 may comprise other peripheral devices that provide other functionality.
- the DSP 702 or some other form of controller or central processing unit operates to control the various components of the mobile device 600 in accordance with embedded software or firmware stored in memory 704 or stored in memory contained within the DSP 702 itself.
- the DSP 702 may execute other applications stored in the memory 704 or made available via information carrier media such as portable data storage media like the removable memory card 720 or via wired or wireless network communications.
- the application software may comprise a compiled set of machine-readable instructions that configure the DSP 702 to provide the desired functionality, or the application software may be high-level software instructions to be processed by an interpreter or compiler to indirectly configure the DSP 702 .
- the DSP 702 may communicate with a wireless network via the analog baseband processing unit 710 .
- the communication may provide Internet connectivity, enabling a user to gain access to content on the Internet and to send and receive e-mail or text messages.
- the input/output interface 718 interconnects the DSP 702 and various memories and interfaces.
- the memory 704 and the removable memory card 720 may provide software and data to configure the operation of the DSP 702 .
- the interfaces may be the USB port 722 and the infrared port 724 .
- the USB port 722 may enable the mobile device 600 to function as a peripheral device to exchange information with a personal computer or other computer system.
- the infrared port 724 and other optional ports such as a Bluetooth® interface or an IEEE 702.11 compliant wireless interface may enable the mobile device 600 to communicate wirelessly with other nearby handsets and/or wireless base stations.
- the keypad 728 couples to the DSP 702 via the interface 718 to provide one mechanism for the user to make selections, enter information, and otherwise provide input to the mobile device 600 .
- Another input mechanism may be the touch screen LCD 730 , which may also display text and/or graphics to the user.
- the touch screen LCD controller 732 couples the DSP 702 to the touch screen LCD 730 .
- the GPS receiver 738 is coupled to the DSP 702 to decode global positioning system signals, thereby enabling the mobile device 600 to determine its position.
- Sensor 740 couples to the DSP 702 via the interface 718 to provide a mechanism to determine movement and/or relative orientation of the mobile device 600 .
- the sensor 740 may provide information to DSP 702 indicating the orientation that the mobile device 600 is being held (e.g., face up, face down, face perpendicular to the ground).
- Sensor 740 may also provide information indicating whether the mobile device 600 is being moved (e.g., right to left, up to down) and indicate sudden accelerations and/or decelerations. Sudden decelerations may indicate that the mobile device 600 has been dropped.
- Sensor 740 may include an accelerometer to measure various motions and orientations of the mobile device 600 . Measurements from sensor 740 may be provided to DSP 702 which may record the measurement and a time stamp in a log file stored, for example, in memory 704 .
- sensor 740 may include other sensors, such as, for example, a temperature sensor and/or a current meter for measuring current flow from the mobile device's 600 battery.
- the temperature sensor may detect the temperature of the mobile device 600 or various components of the mobile device 600 to indicate whether a component (e.g., an RF circuit) may be over heating.
- the mobile device 600 may comprise other sensors that provide other functionality.
- FIG. 8A illustrates a software environment 802 that may be implemented by the DSP 702 .
- the DSP 702 executes operating system software 804 that provides a platform from which the rest of the software operates.
- the operating system software 804 may provide a variety of drivers for the handset hardware with standardized interfaces that are accessible to application software.
- the operating system software 804 may be coupled to and interact with application management services (AMS) 806 that transfer control between applications running on the mobile device 600 .
- AMS application management services
- FIG. 8A Also shown in FIG. 8A are a web browser application 808 , a media player application 810 , JAVA applets 812 , and a global session manager (GSM) 814 .
- GSM global session manager
- the web browser application 808 may be executed by the mobile device 600 to browse content and/or the Internet, for example when the mobile device 600 is coupled to a network via a wireless link.
- the web browser application 808 may permit a user to enter information into forms and select links to retrieve and view web pages.
- the media player application 810 may be executed by the mobile device 600 to play audio or audiovisual media.
- the JAVA applets 812 may be executed by the mobile device 600 to provide a variety of functionality including games, utilities, and other functionality.
- the GSM 814 may be executed by the mobile device 600 to manage one or more sessions on the mobile device 600 .
- the GSM may monitor session activity on multiple sessions and provide the session activity to other sessions so that a session does not prematurely end due to lack of activity on that particular session when there is still sufficient activity on another session to warrant keeping the particular session alive.
- FIG. 8B illustrates an alternative software environment 820 that may be implemented by the DSP 702 .
- the DSP 702 executes operating system software 828 and an execution runtime 830 .
- the DSP 702 executes applications 822 that may execute in the execution runtime 830 and may rely upon services provided by the application framework 824 .
- Applications 822 and the application framework 824 may rely upon functionality provided via the libraries 826 .
- FIG. 9 illustrates a computer system 980 suitable for implementing one or more embodiments disclosed herein.
- the computer system 980 includes a processor 982 (which may be referred to as a central processor unit or CPU) that is in communication with memory devices including secondary storage 984 , read only memory (ROM) 986 , random access memory (RAM) 988 , input/output (I/O) devices 990 , and network connectivity devices 992 .
- the processor 982 may be implemented as one or more CPU chips.
- a design that is still subject to frequent change may be preferred to be implemented in software, because re-spinning a hardware implementation is more expensive than re-spinning a software design.
- a design that is stable that will be produced in large volume may be preferred to be implemented in hardware, for example in an application specific integrated circuit (ASIC), because for large production runs the hardware implementation may be less expensive than the software implementation.
- ASIC application specific integrated circuit
- a design may be developed and tested in a software form and later transformed, by well known design rules, to an equivalent hardware implementation in an application specific integrated circuit that hardwires the instructions of the software.
- a machine controlled by a new ASIC is a particular machine or apparatus, likewise a computer that has been programmed and/or loaded with executable instructions may be viewed as a particular machine or apparatus.
- the secondary storage 984 is typically comprised of one or more disk drives or tape drives and is used for non-volatile storage of data and as an over-flow data storage device if RAM 988 is not large enough to hold all working data. Secondary storage 984 may be used to store programs which are loaded into RAM 988 when such programs are selected for execution.
- the ROM 986 is used to store instructions and perhaps data which are read during program execution. ROM 986 is a non-volatile memory device which typically has a small memory capacity relative to the larger memory capacity of secondary storage 984 .
- the RAM 988 is used to store volatile data and perhaps to store instructions. Access to both ROM 986 and RAM 988 is typically faster than to secondary storage 984 .
- the secondary storage 984 , the RAM 988 , and/or the ROM 986 may be referred to in some contexts as computer readable storage media and/or non-transitory computer readable media.
- I/O devices 990 may include printers, video monitors, liquid crystal displays (LCDs), touch screen displays, keyboards, keypads, switches, dials, mice, track balls, voice recognizers, card readers, paper tape readers, or other well-known input devices.
- LCDs liquid crystal displays
- touch screen displays keyboards, keypads, switches, dials, mice, track balls, voice recognizers, card readers, paper tape readers, or other well-known input devices.
- the network connectivity devices 992 may take the form of modems, modem banks, Ethernet cards, universal serial bus (USB) interface cards, serial interfaces, token ring cards, fiber distributed data interface (FDDI) cards, wireless local area network (WLAN) cards, radio transceiver cards such as code division multiple access (CDMA), global system for mobile communications (GSM), long-term evolution (LTE), worldwide interoperability for microwave access (WiMAX), and/or other air interface protocol radio transceiver cards, and other well-known network devices. These network connectivity devices 992 may enable the processor 982 to communicate with the Internet or one or more intranets.
- USB universal serial bus
- FDDI fiber distributed data interface
- WLAN wireless local area network
- radio transceiver cards such as code division multiple access (CDMA), global system for mobile communications (GSM), long-term evolution (LTE), worldwide interoperability for microwave access (WiMAX), and/or other air interface protocol radio transceiver cards, and other well-known network devices.
- CDMA code
- processor 982 might receive information from the network, or might output information to the network in the course of performing the above-described method steps. Such information, which is often represented as a sequence of instructions to be executed using processor 982 , may be received from and outputted to the network, for example, in the form of a computer data signal embodied in a carrier wave.
- Such information may be received from and outputted to the network, for example, in the form of a computer data baseband signal or signal embodied in a carrier wave.
- the baseband signal or signal embedded in the carrier wave may be generated according to several methods well known to one skilled in the art.
- the baseband signal and/or signal embedded in the carrier wave may be referred to in some contexts as a transitory signal.
- the processor 982 executes instructions, codes, computer programs, scripts which it accesses from hard disk, floppy disk, optical disk (these various disk based systems may all be considered secondary storage 984 ), ROM 986 , RAM 988 , or the network connectivity devices 992 . While only one processor 982 is shown, multiple processors may be present. Thus, while instructions may be discussed as executed by a processor, the instructions may be executed simultaneously, serially, or otherwise executed by one or multiple processors.
- Instructions, codes, computer programs, scripts, and/or data that may be accessed from the secondary storage 984 for example, hard drives, floppy disks, optical disks, and/or other device, the ROM 986 , and/or the RAM 988 may be referred to in some contexts as non-transitory instructions and/or non-transitory information.
- the computer system 980 may comprise two or more computers in communication with each other that collaborate to perform a task.
- an application may be partitioned in such a way as to permit concurrent and/or parallel processing of the instructions of the application.
- the data processed by the application may be partitioned in such a way as to permit concurrent and/or parallel processing of different portions of a data set by the two or more computers.
- virtualization software may be employed by the computer system 980 to provide the functionality of a number of servers that is not directly bound to the number of computers in the computer system 980 .
- virtualization software may provide twenty virtual servers on four physical computers.
- Cloud computing may comprise providing computing services via a network connection using dynamically scalable computing resources.
- Cloud computing may be supported, at least in part, by virtualization software.
- a cloud computing environment may be established by an enterprise and/or may be hired on an as-needed basis from a third party provider.
- Some cloud computing environments may comprise cloud computing resources owned and operated by the enterprise as well as cloud computing resources hired and/or leased from a third party provider.
- the computer program product may comprise one or more computer readable storage medium having computer usable program code embodied therein to implement the functionality disclosed above.
- the computer program product may comprise data structures, executable instructions, and other computer usable program code.
- the computer program product may be embodied in removable computer storage media and/or non-removable computer storage media.
- the removable computer readable storage medium may comprise, without limitation, a paper tape, a magnetic tape, magnetic disk, an optical disk, a solid state memory chip, for example analog magnetic tape, compact disk read only memory (CD-ROM) disks, floppy disks, jump drives, digital cards, multimedia cards, and others.
- the computer program product may be suitable for loading, by the computer system 980 , at least portions of the contents of the computer program product to the secondary storage 984 , to the ROM 986 , to the RAM 988 , and/or to other non-volatile memory and volatile memory of the computer system 980 .
- the processor 982 may process the executable instructions and/or data structures in part by directly accessing the computer program product, for example by reading from a CD-ROM disk inserted into a disk drive peripheral of the computer system 980 .
- the processor 982 may process the executable instructions and/or data structures by remotely accessing the computer program product, for example by downloading the executable instructions and/or data structures from a remote server through the network connectivity devices 992 .
- the computer program product may comprise instructions that promote the loading and/or copying of data, data structures, files, and/or executable instructions to the secondary storage 984 , to the ROM 986 , to the RAM 988 , and/or to other non-volatile memory and volatile memory of the computer system 980 .
- the secondary storage 984 , the ROM 986 , and the RAM 988 may be referred to as a non-transitory computer readable medium or a computer readable storage media.
- a dynamic RAM embodiment of the RAM 988 likewise, may be referred to as a non-transitory computer readable medium in that while the dynamic RAM receives electrical power and is operated in accordance with its design, for example during a period of time during which the computer 980 is turned on and operational, the dynamic RAM stores information that is written to it.
- the processor 982 may comprise an internal RAM, an internal ROM, a cache memory, and/or other internal non-transitory storage blocks, sections, or components that may be referred to in some contexts as non-transitory computer readable media or computer readable storage media.
Abstract
Description
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/544,802 US9271110B1 (en) | 2012-07-09 | 2012-07-09 | Location awareness session management and cross application session management |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/544,802 US9271110B1 (en) | 2012-07-09 | 2012-07-09 | Location awareness session management and cross application session management |
Publications (1)
Publication Number | Publication Date |
---|---|
US9271110B1 true US9271110B1 (en) | 2016-02-23 |
Family
ID=55314831
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/544,802 Expired - Fee Related US9271110B1 (en) | 2012-07-09 | 2012-07-09 | Location awareness session management and cross application session management |
Country Status (1)
Country | Link |
---|---|
US (1) | US9271110B1 (en) |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9355233B1 (en) | 2014-01-27 | 2016-05-31 | Sprint Communications Company L.P. | Password reset using hash functions |
US9374363B1 (en) | 2013-03-15 | 2016-06-21 | Sprint Communications Company L.P. | Restricting access of a portable communication device to confidential data or applications via a remote network based on event triggers generated by the portable communication device |
US20160182506A1 (en) * | 2013-05-13 | 2016-06-23 | Hoyos Labs Ip Ltd. | System and method for generating a biometric identifier |
US20170221059A1 (en) * | 2014-05-29 | 2017-08-03 | Ranvir Sethi | System and method for generating a location specific token |
US10304047B2 (en) * | 2012-12-07 | 2019-05-28 | Visa International Service Association | Token generating component |
EP3660718A1 (en) * | 2019-07-18 | 2020-06-03 | CyberArk Software Ltd. | Agentless management and control of network sessions |
US10717264B2 (en) | 2015-09-30 | 2020-07-21 | Sigma Labs, Inc. | Systems and methods for additive manufacturing operations |
US10922396B2 (en) * | 2019-04-22 | 2021-02-16 | Bank Of America Corporation | Signals-based authentication |
US11135654B2 (en) | 2014-08-22 | 2021-10-05 | Sigma Labs, Inc. | Method and system for monitoring additive manufacturing processes |
US20220022041A1 (en) * | 2020-07-17 | 2022-01-20 | Sensia Llc | Systems and methods for security of a hydrocarbon system |
US11267047B2 (en) | 2015-01-13 | 2022-03-08 | Sigma Labs, Inc. | Material qualification system and methodology |
US20220141215A1 (en) * | 2020-11-05 | 2022-05-05 | Capital One Services, Llc | Systems utilizing secure offline limited-use tokens for temporary electronic activity authentication and methods of use thereof |
US11340965B2 (en) * | 2019-04-01 | 2022-05-24 | BoomerSurf, LLC | Method and system for performing voice activated tasks |
US11354375B2 (en) * | 2018-05-31 | 2022-06-07 | Capital One Services, Llc | Methods and systems for providing authenticated one-click access to a customized user interaction-specific web page |
US11398908B2 (en) * | 2019-08-21 | 2022-07-26 | Mcafee, Llc | Methods and apparatus to deconflict malware or content remediation |
US11405397B2 (en) | 2019-08-21 | 2022-08-02 | Mcafee, Llc | Methods and apparatus to deconflict malware or content remediation |
US11468158B2 (en) | 2019-04-10 | 2022-10-11 | At&T Intellectual Property I, L.P. | Authentication for functions as a service |
US11478854B2 (en) | 2014-11-18 | 2022-10-25 | Sigma Labs, Inc. | Multi-sensor quality inference and control for additive manufacturing processes |
WO2023065308A1 (en) * | 2021-10-22 | 2023-04-27 | 北京小米移动软件有限公司 | Communication method and communication apparatus for wireless local area network sensing measurement |
US11743256B1 (en) * | 2019-11-05 | 2023-08-29 | Shape Security, Inc. | Security measures for extended sessions using multi-domain data |
US11868754B2 (en) | 2020-07-17 | 2024-01-09 | Sensia Llc | Systems and methods for edge device management |
Citations (39)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4800590A (en) | 1985-01-14 | 1989-01-24 | Willis E. Higgins | Computer key and computer lock system |
US5588056A (en) | 1994-10-25 | 1996-12-24 | Bell Atlantic Network Services, Inc. | Method and system for generating pronounceable security passwords |
US5592553A (en) | 1993-07-30 | 1997-01-07 | International Business Machines Corporation | Authentication system using one-time passwords |
US6161185A (en) | 1998-03-06 | 2000-12-12 | Mci Communications Corporation | Personal authentication system and method for multiple computer platform |
US6178508B1 (en) | 1995-12-28 | 2001-01-23 | International Business Machines Corp. | System for controlling access to encrypted data files by a plurality of users |
US6470454B1 (en) | 1998-03-31 | 2002-10-22 | International Business Machines Corporation | Method and apparatus for establishing computer configuration protection passwords for protecting computer configurations |
US20020178370A1 (en) | 1999-12-30 | 2002-11-28 | Gurevich Michael N. | Method and apparatus for secure authentication and sensitive data management |
US6496937B1 (en) | 1998-01-13 | 2002-12-17 | Nec Corp. | Password updating apparatus and recording medium used therefor |
US6601175B1 (en) | 1999-03-16 | 2003-07-29 | International Business Machines Corporation | Method and system for providing limited-life machine-specific passwords for data processing systems |
US20030216143A1 (en) | 2002-03-01 | 2003-11-20 | Roese John J. | Location discovery in a data network |
US6731731B1 (en) | 1999-07-30 | 2004-05-04 | Comsquare Co., Ltd. | Authentication method, authentication system and recording medium |
US20050015601A1 (en) | 2003-07-17 | 2005-01-20 | International Business Machines Corporation | Methods, systems, and media to authenticate a user |
US20050239481A1 (en) | 2004-04-01 | 2005-10-27 | Seligmann Doree D | Location-based command execution for mobile telecommunications terminals |
US20050268345A1 (en) | 2004-05-29 | 2005-12-01 | Harrison Robert B | Method and apparatus for providing temporary access to a network device |
US20050272445A1 (en) | 2000-12-19 | 2005-12-08 | Bellsouth Intellectual Property Corporation | Location-based security rules |
US20060212589A1 (en) * | 2005-03-18 | 2006-09-21 | Sap Aktiengesellschaft | Session manager for web-based applications |
US20090047923A1 (en) | 2007-08-06 | 2009-02-19 | Telcordia Technologies, Inc. | Method and System for Using Cellular/Wireless Phones and Devices for Retrieving Emergency Related Personal Data |
US20100077487A1 (en) | 2003-06-17 | 2010-03-25 | Cerner Innovation, Inc. | Computerized method and system for restricting access to patient protected health information |
US7836407B2 (en) | 2007-05-02 | 2010-11-16 | Yahoo! Inc. | Smart fields |
US20110072492A1 (en) | 2009-09-21 | 2011-03-24 | Avaya Inc. | Screen icon manipulation by context and frequency of use |
US20110166883A1 (en) | 2009-09-01 | 2011-07-07 | Palmer Robert D | Systems and Methods for Modeling Healthcare Costs, Predicting Same, and Targeting Improved Healthcare Quality and Profitability |
US20110208797A1 (en) | 2010-02-22 | 2011-08-25 | Full Armor Corporation | Geolocation-Based Management of Virtual Applications |
US20120136572A1 (en) | 2010-06-17 | 2012-05-31 | Norton Kenneth S | Distance and Location-Aware Reminders in a Calendar System |
US20120154413A1 (en) | 2010-12-21 | 2012-06-21 | Dongwoo Kim | Mobile terminal and method of controlling a mode switching therein |
US8331337B2 (en) * | 2008-04-18 | 2012-12-11 | Nec Corporation | Session management apparatus, communication system, and session clear-out method |
US20130074067A1 (en) | 2011-08-15 | 2013-03-21 | Empire Technology Development Llc | Multimodal computing device |
US20130097657A1 (en) | 2011-10-17 | 2013-04-18 | Daniel Cardamore | Dynamically Generating Perimeters |
US20130124583A1 (en) | 2011-11-11 | 2013-05-16 | Geordon Thomas Ferguson | Presenting Metadata From Multiple Perimeters |
US8484482B1 (en) | 2011-03-07 | 2013-07-09 | Sprint Communications Company L.P. | Password generation and validation system and method |
US20130252583A1 (en) * | 2012-03-22 | 2013-09-26 | Research In Motion Limited | Authentication server and methods for granting tokens comprising location data |
US20130290709A1 (en) | 2012-04-26 | 2013-10-31 | International Business Machines Corporation | Policy-based dynamic information flow control on mobile devices |
US8583091B1 (en) | 2010-09-06 | 2013-11-12 | Sprint Communications Company L.P. | Dynamic loading, unloading, and caching of alternate complete interfaces |
US8588749B1 (en) | 2011-09-01 | 2013-11-19 | Cellco Partnership | Data segmentation profiles |
US20140007222A1 (en) | 2011-10-11 | 2014-01-02 | Zenprise, Inc. | Secure execution of enterprise applications on mobile devices |
US20140059642A1 (en) | 2012-08-24 | 2014-02-27 | Vmware, Inc. | Method and system for facilitating isolated workspace for applications |
US20140074508A1 (en) | 2001-02-02 | 2014-03-13 | Truven Health Analytics Inc. | Method and System for Extracting Medical Information for Presentation to Medical Providers on Mobile Terminals |
US8737965B2 (en) * | 2007-05-07 | 2014-05-27 | Battelle Energy Alliance, Llc | Wireless device monitoring systems and monitoring devices, and associated methods |
US20140173747A1 (en) | 2012-12-13 | 2014-06-19 | Apple Inc. | Disabling access to applications and content in a privacy mode |
US8775820B1 (en) | 2006-06-02 | 2014-07-08 | Sprint Communications Company L.P. | System and method of enterprise administrative password generation and control |
-
2012
- 2012-07-09 US US13/544,802 patent/US9271110B1/en not_active Expired - Fee Related
Patent Citations (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4800590A (en) | 1985-01-14 | 1989-01-24 | Willis E. Higgins | Computer key and computer lock system |
US5592553A (en) | 1993-07-30 | 1997-01-07 | International Business Machines Corporation | Authentication system using one-time passwords |
US5661807A (en) | 1993-07-30 | 1997-08-26 | International Business Machines Corporation | Authentication system using one-time passwords |
US5588056A (en) | 1994-10-25 | 1996-12-24 | Bell Atlantic Network Services, Inc. | Method and system for generating pronounceable security passwords |
US6178508B1 (en) | 1995-12-28 | 2001-01-23 | International Business Machines Corp. | System for controlling access to encrypted data files by a plurality of users |
US6496937B1 (en) | 1998-01-13 | 2002-12-17 | Nec Corp. | Password updating apparatus and recording medium used therefor |
US6161185A (en) | 1998-03-06 | 2000-12-12 | Mci Communications Corporation | Personal authentication system and method for multiple computer platform |
US6470454B1 (en) | 1998-03-31 | 2002-10-22 | International Business Machines Corporation | Method and apparatus for establishing computer configuration protection passwords for protecting computer configurations |
US6601175B1 (en) | 1999-03-16 | 2003-07-29 | International Business Machines Corporation | Method and system for providing limited-life machine-specific passwords for data processing systems |
US6731731B1 (en) | 1999-07-30 | 2004-05-04 | Comsquare Co., Ltd. | Authentication method, authentication system and recording medium |
US20020178370A1 (en) | 1999-12-30 | 2002-11-28 | Gurevich Michael N. | Method and apparatus for secure authentication and sensitive data management |
US20050272445A1 (en) | 2000-12-19 | 2005-12-08 | Bellsouth Intellectual Property Corporation | Location-based security rules |
US20140074508A1 (en) | 2001-02-02 | 2014-03-13 | Truven Health Analytics Inc. | Method and System for Extracting Medical Information for Presentation to Medical Providers on Mobile Terminals |
US20030216143A1 (en) | 2002-03-01 | 2003-11-20 | Roese John J. | Location discovery in a data network |
US20100077487A1 (en) | 2003-06-17 | 2010-03-25 | Cerner Innovation, Inc. | Computerized method and system for restricting access to patient protected health information |
US20050015601A1 (en) | 2003-07-17 | 2005-01-20 | International Business Machines Corporation | Methods, systems, and media to authenticate a user |
US20050239481A1 (en) | 2004-04-01 | 2005-10-27 | Seligmann Doree D | Location-based command execution for mobile telecommunications terminals |
US20050268345A1 (en) | 2004-05-29 | 2005-12-01 | Harrison Robert B | Method and apparatus for providing temporary access to a network device |
US20060212589A1 (en) * | 2005-03-18 | 2006-09-21 | Sap Aktiengesellschaft | Session manager for web-based applications |
US8775820B1 (en) | 2006-06-02 | 2014-07-08 | Sprint Communications Company L.P. | System and method of enterprise administrative password generation and control |
US7836407B2 (en) | 2007-05-02 | 2010-11-16 | Yahoo! Inc. | Smart fields |
US8737965B2 (en) * | 2007-05-07 | 2014-05-27 | Battelle Energy Alliance, Llc | Wireless device monitoring systems and monitoring devices, and associated methods |
US20090047923A1 (en) | 2007-08-06 | 2009-02-19 | Telcordia Technologies, Inc. | Method and System for Using Cellular/Wireless Phones and Devices for Retrieving Emergency Related Personal Data |
US8331337B2 (en) * | 2008-04-18 | 2012-12-11 | Nec Corporation | Session management apparatus, communication system, and session clear-out method |
US20110166883A1 (en) | 2009-09-01 | 2011-07-07 | Palmer Robert D | Systems and Methods for Modeling Healthcare Costs, Predicting Same, and Targeting Improved Healthcare Quality and Profitability |
US20110072492A1 (en) | 2009-09-21 | 2011-03-24 | Avaya Inc. | Screen icon manipulation by context and frequency of use |
US20110208797A1 (en) | 2010-02-22 | 2011-08-25 | Full Armor Corporation | Geolocation-Based Management of Virtual Applications |
US20120136572A1 (en) | 2010-06-17 | 2012-05-31 | Norton Kenneth S | Distance and Location-Aware Reminders in a Calendar System |
US8583091B1 (en) | 2010-09-06 | 2013-11-12 | Sprint Communications Company L.P. | Dynamic loading, unloading, and caching of alternate complete interfaces |
US20120154413A1 (en) | 2010-12-21 | 2012-06-21 | Dongwoo Kim | Mobile terminal and method of controlling a mode switching therein |
US8484482B1 (en) | 2011-03-07 | 2013-07-09 | Sprint Communications Company L.P. | Password generation and validation system and method |
US20130074067A1 (en) | 2011-08-15 | 2013-03-21 | Empire Technology Development Llc | Multimodal computing device |
US8588749B1 (en) | 2011-09-01 | 2013-11-19 | Cellco Partnership | Data segmentation profiles |
US20140007222A1 (en) | 2011-10-11 | 2014-01-02 | Zenprise, Inc. | Secure execution of enterprise applications on mobile devices |
US8886925B2 (en) | 2011-10-11 | 2014-11-11 | Citrix Systems, Inc. | Protecting enterprise data through policy-based encryption of message attachments |
US20130097657A1 (en) | 2011-10-17 | 2013-04-18 | Daniel Cardamore | Dynamically Generating Perimeters |
US20130124583A1 (en) | 2011-11-11 | 2013-05-16 | Geordon Thomas Ferguson | Presenting Metadata From Multiple Perimeters |
US20130252583A1 (en) * | 2012-03-22 | 2013-09-26 | Research In Motion Limited | Authentication server and methods for granting tokens comprising location data |
US20130290709A1 (en) | 2012-04-26 | 2013-10-31 | International Business Machines Corporation | Policy-based dynamic information flow control on mobile devices |
US20140059642A1 (en) | 2012-08-24 | 2014-02-27 | Vmware, Inc. | Method and system for facilitating isolated workspace for applications |
US20140173747A1 (en) | 2012-12-13 | 2014-06-19 | Apple Inc. | Disabling access to applications and content in a privacy mode |
Non-Patent Citations (15)
Title |
---|
Advisory Action dated Feb. 16, 2010, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Advisory Action dated Jun. 10, 2015, U.S. Appl. No. 13/844,282, filed Mar. 15, 2013. |
Examiner's Answer dated Feb. 24, 2011, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
FAIPP Pre-Interview Communication dated Jan. 2, 2013, U.S. Appl. No. 13/042,015, filed Mar. 7, 2011. |
FAIPP Pre-Interview Communication dated Oct. 29, 2014, U.S. Appl. No. 13/844,282, filed Mar. 15, 2013. |
Final Office Action dated Aug. 19, 2010, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Final Office Action dated Dec. 1, 2009, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Final Office Action dated Mar. 24, 2015, U.S. Appl. No. 13/844,282, filed Mar. 15, 2013. |
Notice of Allowance dated Feb. 24, 2014, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Notice of Allowance dated Mar. 4, 2013, U.S. Appl. No. 13/042,015, filed Mar. 7, 2011. |
Office Action dated Apr. 20, 2010, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Office Action dated Aug. 24, 2015, U.S. Appl. No. 13/844,282, filed Mar. 15, 2013. |
Office Action dated Jun. 18, 2009, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Paczkowski, Lyle W., et al., "Restricting Access of a Portable Communication Device to Confidential Data or Applications via a Remote Network Based on Event Triggers Generated by the Portable Communication Device", filed Mar. 15, 2013, U.S. Appl. No. 13/844,282. |
Patent Board Decision, Examiner Reversed dated Nov. 22, 2013, U.S. Appl. No. 11/446,284, filed Jun. 2, 2006. |
Cited By (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10304047B2 (en) * | 2012-12-07 | 2019-05-28 | Visa International Service Association | Token generating component |
US11176536B2 (en) | 2012-12-07 | 2021-11-16 | Visa International Service Association | Token generating component |
US9374363B1 (en) | 2013-03-15 | 2016-06-21 | Sprint Communications Company L.P. | Restricting access of a portable communication device to confidential data or applications via a remote network based on event triggers generated by the portable communication device |
US20160182506A1 (en) * | 2013-05-13 | 2016-06-23 | Hoyos Labs Ip Ltd. | System and method for generating a biometric identifier |
US9355233B1 (en) | 2014-01-27 | 2016-05-31 | Sprint Communications Company L.P. | Password reset using hash functions |
US20170221059A1 (en) * | 2014-05-29 | 2017-08-03 | Ranvir Sethi | System and method for generating a location specific token |
US11607875B2 (en) | 2014-08-22 | 2023-03-21 | Sigma Additive Solutions, Inc. | Method and system for monitoring additive manufacturing processes |
US11858207B2 (en) | 2014-08-22 | 2024-01-02 | Sigma Additive Solutions, Inc. | Defect detection for additive manufacturing systems |
US11135654B2 (en) | 2014-08-22 | 2021-10-05 | Sigma Labs, Inc. | Method and system for monitoring additive manufacturing processes |
US11931956B2 (en) | 2014-11-18 | 2024-03-19 | Divergent Technologies, Inc. | Multi-sensor quality inference and control for additive manufacturing processes |
US11478854B2 (en) | 2014-11-18 | 2022-10-25 | Sigma Labs, Inc. | Multi-sensor quality inference and control for additive manufacturing processes |
US11267047B2 (en) | 2015-01-13 | 2022-03-08 | Sigma Labs, Inc. | Material qualification system and methodology |
US11674904B2 (en) | 2015-09-30 | 2023-06-13 | Sigma Additive Solutions, Inc. | Systems and methods for additive manufacturing operations |
US10717264B2 (en) | 2015-09-30 | 2020-07-21 | Sigma Labs, Inc. | Systems and methods for additive manufacturing operations |
US11354375B2 (en) * | 2018-05-31 | 2022-06-07 | Capital One Services, Llc | Methods and systems for providing authenticated one-click access to a customized user interaction-specific web page |
US11340965B2 (en) * | 2019-04-01 | 2022-05-24 | BoomerSurf, LLC | Method and system for performing voice activated tasks |
US11468158B2 (en) | 2019-04-10 | 2022-10-11 | At&T Intellectual Property I, L.P. | Authentication for functions as a service |
US10922396B2 (en) * | 2019-04-22 | 2021-02-16 | Bank Of America Corporation | Signals-based authentication |
US10749885B1 (en) | 2019-07-18 | 2020-08-18 | Cyberark Software Ltd. | Agentless management and control of network sessions |
US10931701B2 (en) | 2019-07-18 | 2021-02-23 | Cyberark Software Ltd. | Agentless management and control of network sessions |
EP3660718A1 (en) * | 2019-07-18 | 2020-06-03 | CyberArk Software Ltd. | Agentless management and control of network sessions |
US11405397B2 (en) | 2019-08-21 | 2022-08-02 | Mcafee, Llc | Methods and apparatus to deconflict malware or content remediation |
US11398908B2 (en) * | 2019-08-21 | 2022-07-26 | Mcafee, Llc | Methods and apparatus to deconflict malware or content remediation |
US11743256B1 (en) * | 2019-11-05 | 2023-08-29 | Shape Security, Inc. | Security measures for extended sessions using multi-domain data |
US20220022041A1 (en) * | 2020-07-17 | 2022-01-20 | Sensia Llc | Systems and methods for security of a hydrocarbon system |
US11825308B2 (en) * | 2020-07-17 | 2023-11-21 | Sensia Llc | Systems and methods for security of a hydrocarbon system |
US11868754B2 (en) | 2020-07-17 | 2024-01-09 | Sensia Llc | Systems and methods for edge device management |
US20220141215A1 (en) * | 2020-11-05 | 2022-05-05 | Capital One Services, Llc | Systems utilizing secure offline limited-use tokens for temporary electronic activity authentication and methods of use thereof |
WO2023065308A1 (en) * | 2021-10-22 | 2023-04-27 | 北京小米移动软件有限公司 | Communication method and communication apparatus for wireless local area network sensing measurement |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9271110B1 (en) | Location awareness session management and cross application session management | |
JP7043701B2 (en) | Systems and methods to first establish and regularly check the trust of software applications | |
US8745401B1 (en) | Authorizing actions performed by an online service provider | |
US10097350B2 (en) | Privacy enhanced key management for a web service provider using a converged security engine | |
TWI586196B (en) | Method to provide network communications, and method to access a network | |
US9301140B1 (en) | Behavioral authentication system using a secure element, a behaviometric server and cryptographic servers to authenticate users | |
US8881977B1 (en) | Point-of-sale and automated teller machine transactions using trusted mobile access device | |
US10135805B2 (en) | Connected authentication device using mobile single sign on credentials | |
US10028139B2 (en) | Leveraging mobile devices to enforce restricted area security | |
AU2016259459B2 (en) | Method for phone authentication in e-business transactions and computer-readable recording medium having program for phone authentication in e-business transactions recorded thereon | |
CN109600223A (en) | Verification method, Activiation method, device, equipment and storage medium | |
US20160219021A1 (en) | Demand Based Encryption and Key Generation and Distribution Systems and Methods | |
CN108886518A (en) | The binding of Transport Layer Security token and trusted signature | |
US20120266220A1 (en) | System and Method for Controlling Access to a Third-Party Application with Passwords Stored in a Secure Element | |
TW201220794A (en) | System of multiple domains and domain ownership | |
CA2835349A1 (en) | System and method for identity management for mobile devices | |
KR20170069271A (en) | Method, device, terminal, and server for verifying security of service operation | |
US20160286034A1 (en) | Leveraging mobile devices to enforce restricted area security | |
US20240089107A1 (en) | Proxy-based identity and access management for web applications | |
CN109075966B (en) | Communication security system and method | |
CN105379176B (en) | System and method for verifying the request of SCEP certificate registration | |
US10939297B1 (en) | Secure unlock of mobile phone | |
JP5993908B2 (en) | Terminal device, verification method, and verification program | |
JP2014228962A (en) | Information data migration method, information data migration system, and terminal | |
Abd Jalil et al. | Multiple trusted devices authentication protocol for ubiquitous computing applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SPRINT COMMUNICATIONS COMPANY L.P., KANSAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FULTZ, DAVID K.;VIJAYAKIRTHI, VICTOR ANEND;SIGNING DATES FROM 20120601 TO 20120703;REEL/FRAME:028518/0555 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: DEUTSCHE BANK TRUST COMPANY AMERICAS, NEW YORK Free format text: GRANT OF FIRST PRIORITY AND JUNIOR PRIORITY SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:SPRINT COMMUNICATIONS COMPANY L.P.;REEL/FRAME:041895/0210 Effective date: 20170203 |
|
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
AS | Assignment |
Owner name: SPRINT COMMUNICATIONS COMPANY L.P., KANSAS Free format text: TERMINATION AND RELEASE OF FIRST PRIORITY AND JUNIOR PRIORITY SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:052969/0475 Effective date: 20200401 Owner name: DEUTSCHE BANK TRUST COMPANY AMERICAS, NEW YORK Free format text: SECURITY AGREEMENT;ASSIGNORS:T-MOBILE USA, INC.;ISBV LLC;T-MOBILE CENTRAL LLC;AND OTHERS;REEL/FRAME:053182/0001 Effective date: 20200401 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20200223 |
|
AS | Assignment |
Owner name: SPRINT SPECTRUM LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: SPRINT INTERNATIONAL INCORPORATED, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: SPRINT COMMUNICATIONS COMPANY L.P., KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: SPRINTCOM LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: CLEARWIRE IP HOLDINGS LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: CLEARWIRE COMMUNICATIONS LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: BOOST WORLDWIDE, LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: ASSURANCE WIRELESS USA, L.P., KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: T-MOBILE USA, INC., WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: T-MOBILE CENTRAL LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: PUSHSPRING, LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: LAYER3 TV, LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: IBSV LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 |