Reliable reporting of location data

US 20070153715A1
Filed: 03/03/2006
Published: 07/05/2007
Est. Priority Date: 12/30/2005
Status: Active Grant

First Claim

Patent Images

1. A machine comprising:

a first virtual machine hosting at least an application domain including a telephony application;

a second virtual machine hosting at least a location provider to determine a current location for the machine;

a communication channel communicatively coupling at least the application domain and the location provider; and

a domain mediator to mediate access to the trusted location provider over the inter-domain communication channel, mediation including securely providing location data from the location provider to the application domain.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A machine, such as a mobile device having telephony features, such as a voice over Internet Protocol (VoIP) telephony application, is configured with a secure environment in which a location provider within (more reliable) or external to (less reliable) the machine may determine location data for the machine and securely provide it to a telephony application program for incorporation into a call setup for calling a callee. The secure environment may be created through use of one or more of Intel'"'"'s LaGrande Technology™ (LT), Vanderpool Technology (VT), or a Trusted Platform Module (TPM). The LT and VT allow defining secure independent components within the machine, such as by instantiating them as Virtual Machines, and the TPM allows components to cryptographically sign data, such as to facilitate ensuring the location data is not tampered with. A recipient of a telephone call setup including cryptographically secured location data may validate the location data and accept the call. Other embodiments may be described.

Citations

38 Claims

1. A machine comprising:
- a first virtual machine hosting at least an application domain including a telephony application;
  
  a second virtual machine hosting at least a location provider to determine a current location for the machine;
  
  a communication channel communicatively coupling at least the application domain and the location provider; and
  
  a domain mediator to mediate access to the trusted location provider over the inter-domain communication channel, mediation including securely providing location data from the location provider to the application domain.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The machine of claim 1, further comprising:
    - a trusted platform module communicatively coupled to selected ones of;
      
      the application domain and the location provider;
      
      wherein the trusted platform module is configured to cryptographically secure location data of said coupled ones of the application domain and location provider.
  - 3. The machine of claim 2 wherein the trusted platform module signs location data determined by the location provider to prevent tampering therewith.
  - 4. The machine of claim 3,wherein the location provider is configured to determine the location data, sign it with the trusted platform module, and send the signed location data to the domain mediator, andwherein the domain mediator is configured to secondarily sign the location data with the trusted platform module and provide the doubly signed location data to the application domain.
  - 5. The machine of claim 1, further comprising selected ones of:
    - a user storage in the application domain for storing at least user policies or rules constraining performing tasks, wherein the telephony application is configured to review the policies or rules to confirm availability of performing a telephony task;
      
      a policy manager component of the domain mediator for modifying data mediated by the domain mediator in accord with platform administrator policies;
      
      or a rules manager component of the domain mediator for modifying data mediated by the domain mediator in accord with platform administrator policies.
  - 6. The machine of claim 1, further comprising:
    - a user storage in the application domain for storing at least rules constraining performing tasks, said rules including a privacy rule requiring modifying location data;
      
      wherein the telephony application is configured to review said rules to confirm availability of performing initiating a telephony connection and to modify the location data as needed in accord with the privacy rule.
  - 7. The machine of claim 1 further comprising a virtual machine manager configured to provide the communication channel
  - 8. The machine of claim 1 further comprising a global positioning system (GPS) class of device to provide the current location, the GPS communicatively coupled to the location provider of the second virtual machine.
  - 9. The machine of claim 8 wherein the GPS class of device is disposed within the machine.
  - 10. The machine of claim 1 wherein the location provider is configured to provide a reliability factor to indicate a confidence in the current location.

11. A method for using a machine having a first virtual machine hosting a telephony application, a second virtual machine hosting a location provider to determine a current location for the machine, and a domain mediator to mediate access to the trusted location provider, comprising:
- configuring the telephony application to provide at least a portion of the current location of the machine along with a call;
  
  initiating the call, and responsive thereto, requesting from the domain mediator the current location from the location provider; and
  
  receiving from the domain mediator a signed location data identifying the current location, the location data being signed by selected ones of the location provider and the domain mediator; and
  
  validating the location data has not been tampered with based at least in part on said signing by selected ones of the location provider and domain mediator.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, further comprising modifying the location data as needed in accord with a user privacy policy.
  - 13. The method of claim 11, further comprising determining the location data was altered after being provided by the location provider.
  - 14. The method of claim 11, further comprising:
    - cryptographically signing the location data with a trusted platform module disposed within the machine.
  - 15. The method of claim 11 wherein said signing by selected ones of the location provider and domain mediator comprises:
    - the location provider determining the location data and first signing it; and
      
      the domain mediator secondarily signing the location data with the TPM and providing the doubly signed location data to the application domain.
  - 16. The method of claim 11, further comprising:
    - the location provider applying a first cryptographic security to the location data to facilitate identifying tampering with the location data; and
      
      the domain mediator modifying the location data in accord with platform administrator policy and applying a second cryptographic security to facilitate determining tampering with the modified location data.
  - 17. The method of claim 16, further comprising the telephony application reviewing policies or rules stored in a user storage in the application domain to confirm availability of performing a telephony task prior to performing said task.
  - 18. The method of claim 11, further comprising the telephony application reviewing policies or rules stored in a user storage associated with the application domain to confirm availability of performing a telephony task.
  - 19. The method of claim 18, further comprising:
    - determining if a user privacy rule requires modifying location data; and
      
      modifying the location data as needed in accord with the user privacy rule.

20. A method for reliably providing location data, comprising:
- initiating a telephony connection to a callee with a telephony application;
  
  checking local policy for permission to provide a current location of the telephony application with the telephony connection;
  
  requesting the current location from a trusted location services domain (TLSD) and responsive thereto the TLSD requesting the TLSD from a trusted location provider;
  
  receiving by the TLSD of a location bundle including the current location and being first cryptographically secured against tampering; and
  
  the TLSD second cryptographically securing the location bundle against tampering and proving said secondarily secured bundle to the telephony application.
- View Dependent Claims (21, 22)
- - 21. The method of claim 20, further comprising the telephony application checking local policy for a requirement associated with the callee to modify the current location provided with the telephony connection to the callee;
  - 22. The method of claim 20, wherein the telephony connection includes making an E911 telephone call.

23. A method for reliably providing user identification, comprising:
- providing a first virtual machine hosting a user application and a local policy store storing user policies constraining operation of the user application;
  
  providing a second virtual machine hosting a trusted mediator for mediating access to resources providing confidential data including the user identification;
  
  checking the local policy store for a preventive policy precluding providing the confidential data along with establishing a data connection to a data recipient;
  
  if no preventive policy, initiating the data connection including requesting the trusted mediator obtain the confidential data for establishing the data connection; and
  
  receiving by the trusted mediator a first cryptographically signed confidential data from a trusted source, and responsive thereto, providing a second cryptographically signed confidential data to the application program.
- View Dependent Claims (24, 25, 26)
- - 24. The method of claim 23, wherein the first cryptographically signed confidential data is the same as the second cryptographically signed confidential data.
  - 25. The method of claim 23, wherein the second cryptographically signed confidential data comprises a secondary signing by the trusted mediator of the first cryptographically signed confidential data.
  - 26. The method of claim 23, further comprising providing a eavesdrop-resistant inter-virtual machine communication channel communicatively coupling the first and second virtual machines.

27. An article comprising a machine-readable medium having one or more associated instructions for using a machine utilizing virtual machines to separately host selected operations of the machine, wherein the one or more instructions, if executed, results in the machine performing:
- configuring a telephony application of a first virtual machine to provide at least a portion of the current location of the machine along with a call;
  
  initiating the call, and responsive thereto, requesting from a domain mediator of a second virtual machine the current location from the location provider; and
  
  receiving from the domain mediator a doubly signed location data identifying the current location, the location data being first signed by the location provider and second signed by the domain mediator; and
  
  validating the location data has not been tampered with based at least in part on selected ones of the first signature and the second signature.
- View Dependent Claims (28, 29, 30, 31, 32)
- - 28. The article of claim 27 wherein the machine-readable media further includes instructions, when executed, results in the machine modifying the location data as needed in accord with a user privacy policy.
  - 29. The article of claim 27 wherein the machine-readable media further includes instructions, when executed, results in the machine determining the location data was altered after being provided by the location provider.
  - 30. The article of claim 27 wherein the machine-readable media further includes instructions, when executed, results in the machine cryptographically signing the location data with a trusted platform module disposed within the machine.
  - 31. The article of claim 27 wherein the machine-readable media further includes instructions, when executed, results in the telephony application reviewing policies or rules stored in a user storage in the application domain to confirm availability of performing a telephony task prior to performing said task.
  - 32. The article of claim 27 wherein the machine-readable media further includes instructions, when executed, results in the machine performing:
    - determining if a user privacy rule requires modifying location data; and
      
      modifying the location data as needed in accord with the user privacy rule.

33. An article comprising a machine-readable medium having one or more associated instructions for reliably providing location data, wherein the one or more instructions, if executed, results in a machine performing:
- initiating a telephony connection to a callee with a telephony application;
  
  checking local policy for permission to provide a current location of the telephony application with the telephony connection;
  
  requesting the current location from a trusted location services domain (TLSD) and responsive thereto the TLSD requesting the TLSD from a trusted location provider;
  
  receiving by the TLSD of a location bundle including the current location and being first cryptographically secured against tampering; and
  
  the TLSD second cryptographically securing the location bundle against tampering and proving said secondarily secured bundle to the telephony application.
- View Dependent Claims (34, 35)
- - 34. The article of claim 33 wherein the machine-readable media further includes instructions, when executed, results in the telephony application checking local policy for a requirement associated with the callee to modify the current location provided with the telephony connection to the callee;
  - 35. The article of claim 33, wherein the telephony connection includes making an E911 telephone call.

36. An article comprising a machine-readable medium having one or more associated instructions for reliably providing location data, wherein the one or more instructions, if executed, results in a machine performing:
- providing a first virtual machine hosting a user application and a local policy store storing user policies constraining operation of the user application;
  
  providing a second virtual machine hosting a trusted mediator for mediating access to resources providing confidential data including the user identification;
  
  checking the local policy store for a preventive policy precluding providing the confidential data along with establishing a data connection to a data recipient;
  
  if no preventive policy, initiating the data connection including requesting the trusted mediator obtain the confidential data for establishing the data connection; and
  
  receiving by the trusted mediator a first cryptographically signed confidential data from a trusted source, and responsive thereto, providing a second cryptographically signed confidential data to the application program.
- View Dependent Claims (37, 38)
- - 37. The article of claim 36, wherein the first cryptographically signed confidential data is the same as the second cryptographically signed confidential data.
  - 38. The article of claim 36, wherein the second cryptographically signed confidential data comprises a secondary signing by the trusted mediator of the first cryptographically signed confidential data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Wang, Shao-Cheng, Adrangi, Farid, Covington, Michael J., Sastry, Manoj R., Manohar, Deepak J.

Granted Patent

US 7,965,702 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/315
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 12/2856   Access arrangements, e.g. I...

H04L 12/2898   Subscriber equipments DSL m...

H04L 65/1053   IP private branch exchange ...

H04L 65/1069   Session establishment or de...

H04L 65/1101   Session protocols

H04L 67/52   specially adapted for the l...

H04M 2242/04   for emergency applications

H04W 88/18   Service support devices; Ne...

Reliable reporting of location data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Reliable reporting of location data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links