Secure dynamic link allocation system for mobile data communication
Abstract
Systems and methods are disclosed for layered, secure data communications with a mobile unit over a variety of different communication links, such as in-band signalling, SMS, CDPD etc. A privilege control table determines permitted classes of messages. Content labeling is used to further manage communications without reading the payload of the message. The invention adds additional layers of security by varying content labels based on secure session key exchange seeded algorithms. The system also includes isolating the application program by providing a protocol manager for exclusive receipt of a communication service request from the application program; the protocol manager implementing a plurality of different message protocols. Another aspect of the invention includes link choose logic for effecting loosely-coupled, network loop communications to enable broadband delivery to a mobile unit, and can include parallel transmission of segmented messages over plural communication links.
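The privilege control table and content labelling described in the abstract can be sketched as follows. This is an added example, not code from the patent: the application names, message types, table contents, the epoch counter, the HMAC-based label derivation and the receiver-side check are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Optional

# Constructed sample table: (source app, destination app, message type) -> entry id.
# Any combination that is not listed is denied.
PRIVILEGE_TABLE = {
    ("nav_client", "nav_server", "POSITION_REPORT"): 0,
    ("nav_client", "nav_server", "ROUTE_REQUEST"): 1,
    ("diag_agent", "fleet_backend", "STATUS"): 2,
}

@dataclass(frozen=True)
class Message:
    source_app: str
    dest_app: str
    msg_type: str
    payload: bytes      # opaque to the filter; never parsed below
    label: bytes = b""

def content_label(session_key: bytes, entry_id: int, epoch: int) -> bytes:
    """Assumed derivation: HMAC over entry id and epoch, truncated to 8 bytes."""
    data = entry_id.to_bytes(4, "big") + epoch.to_bytes(8, "big")
    return hmac.new(session_key, data, hashlib.sha256).digest()[:8]

def approve_outbound(msg: Message, session_key: bytes, epoch: int) -> Optional[Message]:
    """Return the labelled message if the header triple is permitted, else None."""
    entry_id = PRIVILEGE_TABLE.get((msg.source_app, msg.dest_app, msg.msg_type))
    if entry_id is None:
        return None
    return replace(msg, label=content_label(session_key, entry_id, epoch))

def verify_inbound(msg: Message, session_key: bytes, epoch: int) -> bool:
    """Receiver-side check (an assumption, not in the claims): recompute and compare."""
    entry_id = PRIVILEGE_TABLE.get((msg.source_app, msg.dest_app, msg.msg_type))
    if entry_id is None:
        return False
    expected = content_label(session_key, entry_id, epoch)
    return hmac.compare_digest(msg.label, expected)
```

Because the label depends on the session key and the epoch, a label captured in one session or epoch does not verify in another, and the decision uses only the header fields, never the payload.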
29 Claims
1. A method for layered secure communications involving at least one mobile unit, the mobile unit hosting at least one application program and the application program sending a message having associated with it a source application, a destination application and a message type, the method comprising the steps of:
establishing a base privilege control table comprising a series of entries, each entry in the table indicating a permitted class of messages corresponding to a predetermined combination of a selected sending application, a selected destination application and a selected message type;
providing a series of content labels;
associating each of the content labels to at least one entry in the privilege control table;
examining the message to determine the type of the message without reading the payload of the message;
determining whether the message is permitted or not by reference to the privilege control table; and
if the message is permitted by the privilege control table, adding the associated content label to the message and approving the message for transmission to the destination application.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A loosely-coupled, ad hoc network loop communications method for broadband delivery to a mobile unit comprising the steps of:
providing a mobile unit with wireless communications capability;
transmitting a first wireless message from the mobile unit to a base station via a first link, the first message including indicia requesting selected data for transfer to the mobile unit, and the first link having a predetermined data transfer rate;
at the base station, receiving the first message, and forming a second message responsive to the first message, the second message including an identifier of the mobile unit;
transmitting the second message from the base station to a selected information server over a second link, the second link having a data transfer rate greater than the first link;
at the selected information server, receiving the second message and, responsive to the second message, initiating transmission of the selected data to the requesting mobile unit via a broadband wireless broadcast link having a data transfer rate greater than the second link; and
in the mobile unit, receiving the selected information over a receive-only channel adapted to receive data from a broadband wireless broadcast, whereby the mobile unit receives the requested data at a higher transfer rate than the transfer rate of the first link on which the first message was sent requesting the selected data.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19
20. A loosely-coupled network loop communications method for broadband delivery to a mobile unit comprising the steps of:
providing the mobile unit with wireless communications capability and GPS location capability;
transmitting a first wireless message from the mobile unit to a base station via a first link, the first message including indicia requesting selected data for transfer to the mobile unit and further including indicia of a present location of the mobile unit, and the first link having a predetermined data transfer rate;
at the base station, receiving the first message, and forming a second message responsive to the first message, the second message including an identifier of the mobile unit and indicia of the present location of the mobile unit;
transmitting the second message from the base station to a selected information server over a second link, the second link having a data transfer rate greater than the first link; and
at the selected information server, receiving the second message and, responsive to the second message, initiating transmission of the selected data from a selected transmission facility to the requesting mobile unit via a broadband wireless broadcast link having a data transfer rate greater than the first and second links, thereby forming an ad hoc, loosely coupled network loop comprising the mobile unit, the base unit, the information server and the broadband wireless transmission facility.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29
Specification