Location-based anticipatory resource provisioning

US 10,216,366 B2
Filed: 11/19/2015
Issued: 02/26/2019
Est. Priority Date: 11/19/2014
Status: Active Grant

First Claim

Patent Images

1. A method of anticipatory provisioning of resources for mobile users in an institutional space, the method comprising the steps of:

providing a database storing records for a plurality of users, each of the records specifying, for one of the users, (i) data specifying a provisioning policy for the user including at least one location-based triggering event, (ii) data specifying session resources for the user, (iii) data indicative of a current location of the user, and (iv) data specifying a privilege level for the user;

in response to an electronically detected location-based triggering event of a first mobile user, the privilege level of the first user, and the provisioning policy stored in the database for the first mobile user, causing a first virtual desktop including the session resources specified for the first mobile user to be created, prior to receiving log-on credentials for the first mobile user, within a first hosted session at a server;

receiving, at a first network node, log-on credentials for the first mobile user;

upon acceptance of the log-on credentials for the first mobile user, providing network-based access for the first mobile user to the launched resources at the first network node;

receiving, at a second network node, log-on credentials for a second mobile user having a privilege level different from that of the first mobile user;

only after acceptance of the log-on credentials for the second mobile user, causing a second virtual desktop including the session resources specified for the second user to be created within a second hosted session at the server; and

providing network-based access for the second mobile user to the launched resources at the second network node.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In various embodiments, the predicted location of a user within an institutional space is associated with a node at or near that location, and a virtual desktop is prepared before a user has actually logged on and authenticated. Although users are not accorded access to applications and sensitive data until they have properly authenticated themselves, the virtual desktop and associated data are assembled and retrieved in the background in order to eliminate delay following log-on.

12 Citations

View as Search Results

26 Claims

1. A method of anticipatory provisioning of resources for mobile users in an institutional space, the method comprising the steps of:
- providing a database storing records for a plurality of users, each of the records specifying, for one of the users, (i) data specifying a provisioning policy for the user including at least one location-based triggering event, (ii) data specifying session resources for the user, (iii) data indicative of a current location of the user, and (iv) data specifying a privilege level for the user;
  
  in response to an electronically detected location-based triggering event of a first mobile user, the privilege level of the first user, and the provisioning policy stored in the database for the first mobile user, causing a first virtual desktop including the session resources specified for the first mobile user to be created, prior to receiving log-on credentials for the first mobile user, within a first hosted session at a server;
  
  receiving, at a first network node, log-on credentials for the first mobile user;
  
  upon acceptance of the log-on credentials for the first mobile user, providing network-based access for the first mobile user to the launched resources at the first network node;
  
  receiving, at a second network node, log-on credentials for a second mobile user having a privilege level different from that of the first mobile user;
  
  only after acceptance of the log-on credentials for the second mobile user, causing a second virtual desktop including the session resources specified for the second user to be created within a second hosted session at the server; and
  
  providing network-based access for the second mobile user to the launched resources at the second network node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 15, 16, 17, 18, 19, 20, 21)
- - 2. The method of claim 1, wherein the location-based triggering event of the first mobile user is detection of presence of the first mobile user at a first location and further comprising:
    - predicting a second location for the first mobile user, the second location being based on and different from the first location;
      
      delivering a virtual desktop including the resources to a node at the second location; and
      
      providing network-based access to the virtual desktop by the first mobile user at the node at the second location following log-on of the first mobile user thereat.
  - 3. The method of claim 1, wherein location-based triggering events causing the delivery of the virtual desktop for a particular mobile user depend at least in part on an identity of the user stored in the database.
  - 4. The method of claim 3, wherein for some users, the at least one location-based triggering event is detection of the users'"'"' entry into the institutional space.
  - 5. The method of claim 1, wherein the at least one location-based triggering event in at least one of the records is log-off of a user from an existing session.
  - 6. The method of claim 1, wherein the first virtual desktop, when delivered, includes data from a previous session of the first mobile user.
  - 7. The method of claim 1, wherein at least some of the data specifying session resources for the first mobile user have been previously selected by the first mobile user.
  - 15. The method of claim 1, wherein the first virtual desktop, when delivered, includes (i) data from a previous session of the first mobile user when a default-restoration triggering event has not occurred prior to creation of the first virtual desktop, or (ii) default data for the first mobile user when the default-restoration triggering event has occurred prior to creation of the first virtual desktop.
  - 16. The method of claim 15, wherein the default-restoration triggering event comprises a log-off by the first mobile user from the previous session.
  - 17. The method of claim 15, wherein the default-restoration triggering event comprises a period of inactivity associated with the previous session of the first mobile user.
  - 18. The method of claim 15, wherein the default-restoration triggering event comprises detection of the first mobile user at the institutional space, the previous session of the first mobile user having been initiated at a second institutional space different from the institutional space.
  - 19. The method of claim 1, wherein the second virtual desktop is caused to be created only after acceptance of the log-on credentials for the second mobile user notwithstanding any electronically detected location-based triggering events of the second mobile user occurring prior to receipt of the log-on credentials for the second mobile user.
  - 20. The method of claim 1, further comprising electronically detecting a location-based triggering event of the second mobile user prior to causing the second virtual desktop to be created.
  - 21. The method of claim 20, wherein the location-based triggering event of the second mobile user is electronically detected prior to receipt of the log-on credentials for the second mobile user at the second network node.

8. A system for anticipatory provisioning of resources for mobile users in an institutional space, the system comprising:
- a plurality of devices at different locations in the institutional space;
  
  a location server in operative communication with the devices via a network and including computer storage defining a user location database that itself includes records for a plurality of users, each of the records including, for one of the users, (i) data specifying a provisioning policy for the user including at least one location-based triggering event, (ii) data indicative of a current location of the user, and (iv) data specifying a privilege level for the user;
  
  a desktop server in operative communication with the devices and the location server via the network, the desktop server including (i) a user desktop database that itself includes records for a plurality of users, each of the records specifying, for one of the users, session resources for the user and data indicative of a state of a user'"'"'s previous session on one of the devices, (ii) a virtualization module for creating a virtual desktop including the session resources at the desktop server for remote session access and use at one of the devices via the network; and
  
  an authentication server for receiving user log-on credentials,wherein, the desktop server is configured to, upon detection by the location server of a location-based triggering event for a first user having a first privilege level, (i) responsively create the virtual desktop specified in the user desktop database for the first user, and (ii) thereafter, responsive to authentication of the first user to the authentication server via a first one of the devices, provide network-based access to the virtual desktop of the first user at the first device, andwherein the desktop server is configured to, only after authentication of a second user having a second privilege level different from the first privilege level to the authentication server via a second one of the devices, (i) responsively create the virtual desktop specified in the user desktop database for the second user, and (ii) provide network-based access to the virtual desktop of the second user at the second device.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 22, 23, 24, 25, 26)
- - 9. The system of claim 8, wherein:
    - the location-based triggering event for the first user is detection of presence of the first user at a first location, the location server being configured to predict a second location for the first user, the second location being based on and different from the first location; and
      
      the desktop server is configured to deliver the virtual desktop of the first user to a device at the second location.
  - 10. The system of claim 8, wherein location-based triggering events to which the desktop server is responsive depend at least in part on an identity of the user stored in the user location database.
  - 11. The system of claim 8, wherein for some users, the at least one location-based triggering event is detection of the users'"'"' entry into the institutional space.
  - 12. The system of claim 8, wherein the at least one location-based triggering event in at least one of the records is log-off of a user from an existing session.
  - 13. The system of claim 8, wherein the desktop server comprises storage for storing data from a user session and is configured to create a new virtual desktop based on the stored data.
  - 14. The system of claim 8, wherein the devices comprise a desktop agent for receiving user selections of session resources and providing these, via the network, to the desktop server for inclusion in the user'"'"'s record thereon.
  - 22. The system of claim 8, wherein the desktop server is configured to include, within the virtual desktop specified for the first user, (i) data from a previous session of the first user when a default-restoration triggering event has not occurred prior to creation of the virtual desktop specified for the first user, or (ii) default data for the first user when the default-restoration triggering event has occurred prior to creation of the virtual desktop specified for the first user.
  - 23. The system of claim 22, wherein the default-restoration triggering event comprises a log-off by the first user from the previous session.
  - 24. The system of claim 22, wherein the default-restoration triggering event comprises a period of inactivity associated with the previous session of the first user.
  - 25. The system of claim 22, wherein the default-restoration triggering event comprises detection of the first user at the institutional space, the previous session of the first user having been initiated at a second institutional space different from the institutional space.
  - 26. The system of claim 8, wherein the desktop server is configured to (i) responsively create the virtual desktop specified in the user desktop database for the second user, and (ii) provide network-based access to the virtual desktop of the second user at the second device, notwithstanding any detection by the location server of any location-based triggering events for the second user occurring prior to authentication of the second user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Imprivata Incorporated
Original Assignee
Imprivata Incorporated
Inventors
Ullrich, Meinhard Dieter
Primary Examiner(s)
Cheema, Umar
Assistant Examiner(s)
Tolchinsky, Gregory P

Application Number

US14/945,658
Publication Number

US 20160142497A1
Time in Patent Office

1,195 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 3/0482   Interaction with lists of s...

G16H 10/60   for patient-specific data, ...

G16H 40/20   for the management or admin...

G16H 40/67   for remote operation

G16Z 99/00   Subject matter not provided...

H04L 63/08   for authentication of entit...

H04L 67/12   specially adapted for propr...

H04L 67/52   specially adapted for the l...

H04L 67/535   Tracking the activity of th...

H04W 12/06   Authentication

H04W 12/63   Location-dependent; Proximi...

H04W 4/023   using mutual or relative lo...

H04W 4/029   Location-based management o...

H04W 4/33   for indoor environments, e....

H04W 60/04   using triggered events

H04W 64/00   Locating users or terminals...

Location-based anticipatory resource provisioning

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Location-based anticipatory resource provisioning

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links