Application intermediation gateway

US 20050021818A1
Filed: 03/17/2003
Published: 01/27/2005
Est. Priority Date: 03/17/2003
Status: Active Grant

First Claim

Patent Images

1. A system for implementing application level policies on data packets in a network, the application level policies managing the exchange of data packets between users and service providers, the system comprising:

a. a system kernel for receiving and inspecting the data packets;

b. a plurality of application handlers for implementing the application level policies;

c. an enforcement engine for enforcing policy decisions;

the policy decisions being decisions taken according to policy; and

d. a context engine for context collection and context update.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a system, method and computer program product for implementing application level policies in an operator network, while managing the exchange of data packets between users and service providers during the provisioning of premium data services. The present invention intermediates between a user and a service provider (who may be an enterprise, content provider, an application provider or a partner portal). The present invention enforces access control, prompting, redirection and inline context injection dynamically while the service is being delivered, and generates metering records for billing purposes. Prompting enables notifications and taking inputs from the user while the user accesses chargeable content or when the sharing of user data (profile or choice) occurs between the network and service provider. Inline context injection allows sharing of information regarding the users preference and profile, and capabilities of the devices between the users and the service provider.

73 Citations

View as Search Results

20 Claims

1. A system for implementing application level policies on data packets in a network, the application level policies managing the exchange of data packets between users and service providers, the system comprising:
- a. a system kernel for receiving and inspecting the data packets;
  
  b. a plurality of application handlers for implementing the application level policies;
  
  c. an enforcement engine for enforcing policy decisions;
  
  the policy decisions being decisions taken according to policy; and
  
  d. a context engine for context collection and context update.

2. A system for implementing application level policies on data packets in a network, the application level policies managing the exchange of data packets between users and service providers, the system comprising:
- a. a system kernel for receiving and inspecting the data packets;
  
  b. a plurality of application handlers for implementing application level policies on the data packets;
  
  a data parser for parsing data packets received by the application handlers;
  
  d. an enforcement engine for enforcing policy decisions, the policy decisions being decisions taken according to a policy;
  
  a policy component for obtaining the policy decisions; and
  
  f. a context engine for context collection and context update.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
- - 3. The system as recited in claim 2 wherein the system further comprises a metering record generator for generating the records of the session for billing the user.
  - 4. The system as recited in claim 2 wherein the system kernel comprises a kernel hook, the kernel hook implementing kernel rules.
  - 5. The system as recited in claim 2 wherein the policy component comprises a local policy decision store for caching the policy decisions.
  - 6. The system as recited in claim 2 wherein the context engine comprises a local context store for caching the context.
  - 7. The system as recited in claim 2 wherein the application handlers are specific to each type of application.
  - 8. The system as recited in claim 2 wherein the application handlers receive the data packets from a user through the system kernel and forward them to the corresponding service provider.
  - 9. The system as recited in claim 2 wherein the application handler receives a response from the service provider and forwards the response to the user.
  - 10. The system as recited in claim 2 wherein the application handler performs inline context injection in the data packets.

11. A method for implementing application level policies on data packets in a network, the application level policies managing the exchange of data packets between users and service providers, the method comprising:
- a. receiving data packets from a user and forwarding data packets to an application handler on the basis of application information in data packet;
  
  b. injecting context in data packets wherein the context comprises device profile, network details and subscriber profile;
  
  c. enforcing policy decisions on data packets, the policy decisions being decisions taken according to a policy; and
  
  d. forwarding data packets to the service provider having the destination address.
- View Dependent Claims (12, 13)
- - 12. The method as recited in claim 11 wherein the step of enforcing the policy decisions on data packets comprises prompting the user to receive an input.
  - 13. The method as recited in claim 11 wherein the step of enforcing the policy decisions on data packets further comprises redirecting the user to an alternate destination address.

14. A method for facilitating the provision of data services by service providers to a user over a network, the method comprising:
- a. providing access control to the service providers for data services being provided by the service providers;
  
  b. prompting the user for receiving an input;
  
  c. redirecting the user to an alternate source; and
  
  d. injecting context inline for passing the information to the service providers, the context comprising information of device details, network details and the user profile.
- View Dependent Claims (15)
- - 15. The method as recited in claim 14 wherein the step of redirecting the user to an alternate source is done for:
    - a. denying a service or application to the user on the basis of a licensing agreement;
      
      b. providing a service to the user on the basis of a licensing agreement; and
      
      c. upgrading or downloading an application from a different destination.

16. A computer program product for use with a computer, the computer program product comprising a computer usable medium having a computer readable program code embodied therein for implementing application level policies on data packets in a network, the application level policies managing the exchange of data packets between users and service providers, the computer program code performing the steps of:
- a. receiving data packets from a user;
  
  b. forwarding data packets to an application handler on the basis of application information in the data packet;
  
  c. injecting context in data packets wherein the context comprises device profile, network details and subscriber profile;
  
  d. enforcing policy decisions on data packets, the policy decisions being decisions taken according to a policy; and
  
  e. forwarding data packets to the service provider having the destination address.
- View Dependent Claims (17, 18)
- - 17. The computer program product as recited in claim 16 wherein the step of enforcing the policy decisions on data packets comprises prompting the user to receive an input.
  - 18. The computer program product as recited in claim 16 wherein the step of enforcing the policy decisions on data packets further comprises redirecting the user to an alternate destination address.

19. A computer program product for use with a computer, the computer program product comprising a computer usable medium having a computer readable program code embodied therein for facilitating the provision of data services by service providers to a user over a network, the computer program code performing the steps of:
- a. providing access control to service providers for data services being provided by the service providers;
  
  b. prompting the user for receiving an input;
  
  c. redirecting the user to an alternate source; and
  
  d. injecting context inline for passing the information to the service providers, the context comprising information of device details, network details and the user profile.
- View Dependent Claims (20)
- - 20. The computer program product as recited in claim 19 wherein the step of redirecting the user to an alternate source is done for:
    - a. denying a service or application to the user on the basis of a licensing agreement;
      
      b. providing a service to the user on the basis of a licensing agreement; and
      
      c. upgrading or downloading an application from a different destination.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
July Systems, Inc. (Cisco Systems, Inc.)
Inventors
Abraham, Dax, Lal, Vishal, Singhal, Umesh, Reddy, Rajesh Ts, Chakravorty, Jyothirmoy, Krishnan, Badrinarayanan

Granted Patent

US 7,076,562 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/232
CPC Class Codes

H04L 67/53   using third party service p...

H04L 67/563   Data redirection of data ne...

H04L 67/568   Storing data temporarily at...

H04L 67/63   Routing a service request d...

H04L 69/329   in the application layer [O...

Application intermediation gateway

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

73 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Application intermediation gateway

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links