Provision of services over a common delivery platform such as a mobile telephony network

US 20060161991A1
Filed: 01/13/2006
Published: 07/20/2006
Est. Priority Date: 01/14/2005
Status: Active Grant

First Claim

Patent Images

1. A system for providing services to subscribers of a network, wherein the system supports the provision of a plurality of different services to multiple subscribers, and comprises:

a first processing unit which provides a first execution environment for a first set of software applications for providing respective services;

a second processing unit which provides a second execution environment for a second set of software applications for providing respective services;

a data structure for storing data associated with a plurality of subscribers of the system, wherein data associated with each of said plurality of subscribers of the system comprises a plurality of sets of data, each set of data relating to a respective level of authentication; and

a trust model comprising a set of relationships between the sets of data, wherein the trust model determines the access rights of subscribers to different services hosted by the different processing units in dependence on the data set which has been used to authenticate the subscriber in a given subscriber session.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of a system for providing services to subscribers of a network supports the provision of a plurality of different services to multiple subscribers. A processor arrangement is provided for hosting the different services. A data structure is provided for storing data associated with subscribers of the system, wherein data associated with subscribers of the system comprises a plurality of sets of data, each set of data relating to a respective level of authentication. A trust model comprises a set of relationships between the sets of data, and the trust model determines the access rights of subscribers to different services in dependence on the data set which has been used to authenticate the subscriber in a given subscriber session. The use of this trust model enables services and other access rights to be provided to a subscribed which match the level of authentication which has been applied to the subscriber during any particular session.

60 Citations

View as Search Results

20 Claims

1. A system for providing services to subscribers of a network, wherein the system supports the provision of a plurality of different services to multiple subscribers, and comprises:
- a first processing unit which provides a first execution environment for a first set of software applications for providing respective services;
  
  a second processing unit which provides a second execution environment for a second set of software applications for providing respective services;
  
  a data structure for storing data associated with a plurality of subscribers of the system, wherein data associated with each of said plurality of subscribers of the system comprises a plurality of sets of data, each set of data relating to a respective level of authentication; and
  
  a trust model comprising a set of relationships between the sets of data, wherein the trust model determines the access rights of subscribers to different services hosted by the different processing units in dependence on the data set which has been used to authenticate the subscriber in a given subscriber session.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. A system as claimed in claim 1, wherein the data structure provides a common identity for association with a subscriber.
  - 3. A system as claimed in claim 2, wherein the common identity is recognized by all processing units of the system.
  - 4. A system as claimed in any one of claims 2, wherein the data structure stores all data associated with each subscriber from each processing unit.
  - 5. A system as claimed in claim 2, wherein the system comprises a plurality of access control points, and wherein each access control point is provided with a traffic interceptor for appending the common identity of a subscriber to a service request from the subscriber.
  - 6. A system as claimed in claim 5, wherein the system further comprises a plurality of gateways between the processing units, for controlling the passage of data between respective pairs of processing units, and wherein each gateway is provided with an access control point.
  - 7. A system as claimed in claim 1, for providing services to subscribers of a mobile telephony network over the mobile telephony network.
  - 8. A system as claimed in claim 1, wherein the first set of software applications are each associated with a first service binding or first set of service bindings, the second set of software applications are each associated with a different second service binding or second set of service bindings, and wherein the system further comprises a second data structure containing data identifying the first and second sets of software applications or software application components of the first and second sets of software applications, and further identifies the service binding or bindings associated with each application or application component.
  - 9. A system as claimed in claim 8, further comprising a third processing unit which provides a third execution environment for a third set of software applications, each associated with a different third service binding or third set of service bindings, and wherein the data structure contains data identifying the third set of software applications or software application components of the third set, and further identifies the service binding or bindings associated with each application or application component of the third set.
  - 10. A system as claimed in claim 9, wherein different developers are provided with different access rights to the data in the second data structure.
  - 11. A system as claimed in claim 10, wherein the access rights are dependent on the trust levels associated with the developers.
  - 12. A system as claimed in claim 11, further comprising a read interface for enabling a developer to access the data in the data structure, and wherein the read interface comprises a plurality of interface units, each associated with a specific software development environment.
  - 13. A system as claimed in claim 12, wherein each interface unit provides information for updating the software development environment to provide a listing of the data available based on the access rights associated with the software development environment.
  - 14. A system as claimed in claim 1, wherein the trust model further determines access rights to data in the data structure.
  - 15. A system as claimed in claim 1, provided in a mobile telephone network, wherein the mobile telephone network comprises a plurality of base stations connected to the system for communicating with multiple subscribers over a wireless connection.

16. A method of controlling access to services provided by a network operator, the network operator using a system which supports the provision of a plurality of different services to multiple subscribers, the system comprising a first processing unit which provides a first execution environment for a first set of software applications for providing respective services and a second processing unit which provides a second execution environment for a second set of software applications for providing respective services, the method comprising:
- receiving a service request from a subscriber for services hosted by one of the first and second processing units;
  
  interrogating a data structure which stores data associated with a plurality of subscribers of the system, the data associated with each of said plurality of subscribers of the system comprising a plurality of sets of data, each set of data relating to a respective level of authentication;
  
  using a trust model comprising a set of relationships between the sets of data to determine access rights of the subscriber to the service requested; and
  
  permitting or prohibiting access to the service requested based on the trust model and on the data set which has been used to authenticate the subscriber in the subscriber session.
- View Dependent Claims (17, 18, 19)
- - 17. A method as claimed in claim 16, wherein receiving service a request from a subscriber comprises receiving the request at a gateway within the system, the request using first identification information for the subscriber.
  - 18. A method as claimed in claim 17, wherein the data structure provides a common identity for association with a subscriber which is recognized by all processing units of the system, and wherein the method further comprises, at the gateway, associating the common identity with the request and forwarding the request to the processing unit associated with the request.
  - 19. A method as claimed in claim 18, wherein the system comprises a plurality of access control points, and wherein the method further comprises, at any access control point at which the request from the subscriber is initially received, appending the common identity of the subscriber to the request.

20. A data structure for use in a system for providing services to subscribers of a network, wherein the system supports the provision of a plurality of different services to multiple subscribers, the system comprising a first processing unit which provides a first execution environment for a first set of software applications for providing respective services and a second processing unit which provides a second execution environment for a second set of software applications for providing respective services, wherein the data structure stores data associated with a plurality of subscribers of the system, wherein data associated with each of said plurality of subscribers of the system comprises a plurality of sets of data, each set of data relating to a respective level of authentication, and wherein the data structure further comprises a trust model comprising a set of relationships between the sets of data, wherein the trust model is for determining access rights of subscribers to different services hosted by different processing units in dependence on the data set which has been used to authenticate the subscriber in a given subscriber session.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
I'Anson, Colin

Granted Patent

US 8,291,077 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/27
CPC Class Codes

H04M 3/38   Graded-service arrangements...

H04M 3/42   Systems providing special s...

H04Q 3/0054   Service creation techniques

H04Q 3/0095   Specification, development ...

Provision of services over a common delivery platform such as a mobile telephony network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Provision of services over a common delivery platform such as a mobile telephony network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others