Verifiable device assisted service policy implementation

US 20100188975A1
Filed: 03/02/2009
Published: 07/29/2010
Est. Priority Date: 01/28/2009
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a processor of a communications device configured to;

implement a first service policy for assisting control of the communications device use of a first service on a first network; and

monitor use of the first service based on the first service policy; and

a memory of the communications device coupled to the processor and configured to provide the processor with instructions,wherein the implementation of the first service policy is verified.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments are disclosed for a services policy communication system and method. In some embodiments, a communications device implements a service policy for assisting control of the communications device use of a service on a network; and monitors use of the service based on the service policy, in which the implementation of the service policy is verified.

670 Citations

68 Claims

1. A system, comprising:
- a processor of a communications device configured to;
  
  implement a first service policy for assisting control of the communications device use of a first service on a first network; and
  
  monitor use of the first service based on the first service policy; and
  
  a memory of the communications device coupled to the processor and configured to provide the processor with instructions,wherein the implementation of the first service policy is verified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62)
- - 2. The system recited in claim 1, wherein the communications device is a mobile communications device, and the first service includes one or more Internet based services.
  - 3. The system recited in claim 1, wherein the communications device is a mobile communications device, and the first service includes one or more Internet based services, and wherein the mobile communications device includes one or more of the following:
    - a mobile phone, a PDA, an eBook reader, a music device, an entertainment/gaming device, a computer, laptop, a netbook, and a home networking system.
  - 4. The system recited in claim 1, wherein the communications device includes a modem, and the processor is located in the modem.
  - 5. The system recited in claim 1, wherein the communications device includes a secure access module, and wherein a service monitor is stored in the secure access module.
  - 6. The system recited in claim 1, wherein the communications device includes a secure access module, and wherein a local service usage counter is stored in the secure access module.
  - 7. The system recited in claim 1, wherein the first service policy includes one or more of the following:
    - access control settings, traffic control settings, billing system settings, user notification with acknowledgement settings, user notification with synchronized service usage information, user privacy settings, user preference settings, authentication settings, admission control settings, application access settings, content access settings, transaction settings, and network or device management communication settings.
  - 8. The system recited in claim 1, wherein the implementation of the first service policy is verified in the device.
  - 9. The system recited in claim 1, wherein the implementation of the first service policy is verified in the first network.
  - 10. The system recited in claim 1, wherein the implementation of the first service policy is verified by a network device in communication with the first network.
  - 11. The system recited in claim 1, wherein the implementation of the first service policy is verified by a network device in communication with the first network, wherein the network device includes one or more of the following:
    - a billing system;
      
      a AAA system;
      
      a gateway;
      
      a router;
      
      a switch;
      
      a network server;
      
      a device that generates, aggregates, manages or stores CDRs;
      
      a base station controller; and
      
      a base station.
  - 12. The system recited in claim 1, wherein the implementation of the first service policy is verified using a network based service usage measure.
  - 13. The system recited in claim 1, wherein the implementation of the first service policy is verified by performing one or more of the following:
    - compare a network based service usage measure with the first service policy, compare, a device assisted service usage measure with the first service policy, compare the network based service usage measure to the device assisted service usage measure, and verify presence of an activation tracking system on the communications device.
  - 14. The system recited in claim 1, wherein the implementation of the first service policy is verified by performing one or more of the following:
    - compare a network based service usage measure with the first service policy, compare a device assisted service usage measure with the first service policy, compare the network based service usage measure to the device assisted service usage measure, compare a first device assisted service usage measure to a second device assisted service usage measure, verify presence of a service processor, verify configuration of the service processor, verify billing events are reported properly, compare the network based service usage measure with reported device billing data, verify reporting of a test billing event, verify reporting of the communications device reports billing events from a transaction server, verify presence of an activation tracking system, verify device configuration or operation, verify device standing or service plan standing, verify proper operation of the service processor, verify service processor heartbeat response reports, verify monitoring of a test service event, download a new service processor and perform integrity checks, verify a service processor code configuration with agent self-diagnosis checks, verify that the communications device uses the first service only after being authorized, verify user standing, and verify an agent communications log.
  - 15. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform a responsive action if the use of the first service on the first network is out of policy based on the first service policy.
  - 16. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform a responsive action if the use of the first service on the first network is out of policy based on the first service policy, wherein the responsive action includes one or more of the following;
      
      quarantine the communications device, suspend the communications device, bill for a service usage overage, route or copy device traffic to a device behavior analysis function, and notify a network manager or network troubleshooting function.
  - 17. The system recited in claim 1, wherein the communications device is quarantined if it is determined that the communications device has been tampered with or compromised.
  - 18. The system recited in claim 1, wherein the communications device is suspended if it is determined that the communications device has been tampered with or compromised.
  - 19. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - store a first service policy setting, wherein the first service policy setting is associated with a first service policy record in the first network.
  - 20. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - store a first service policy setting, wherein the first service policy setting is associated with a first service policy record for the communications device in the first network, and wherein the first service policy setting includes one or more of the following;
      
      a register setting, a software or hardware configuration, one or more executable instructions, and an executable program.
  - 21. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - store a service usage limit setting, wherein a service account associated with the communications device or a user of the communications device is billed for a service cost overage when the use of the first service by the communications device exceeds the service usage limit setting, wherein the service usage limit setting is associated with a service usage level record stored in a network device.
  - 22. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - determine if the use of the first service by the communications device is out of policy based on device assisted service usage information and the first service policy.
  - 23. The system recited in claim 1, wherein whether the use of the first service by the communications device is out of policy is determined in the first network.
  - 24. The system recited in claim 1, wherein whether the use of the first service by the communications device is out of policy is determined based on network based service usage information and the first service policy.
  - 25. The system recited in claim 1, wherein a service account associated with the communications device or a user of the communications device is billed for a service cost overage when it is determined that the use of the first service by the communications device is out of policy based on the first service policy.
  - 26. The system recited in claim 1, wherein a service account associated with the communications device or a user of the communications device is billed for a service cost overage when the use of the first service by the communications device exceeds a service usage limit setting stored locally in the communications device, wherein the service usage limit setting is associated with a service usage level record stored in a network device.
  - 27. The system recited in claim 1, wherein a service account associated with the communications device or a user of the communications device is billed for a service cost overage when it is determined that the use of the first service by the communications device is out of policy based on network service usage information and the first service policy.
  - 28. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - measure service usage at one or more points in the communications device, wherein a service account associated with the communications device or a user of the communications device is billed when it is determined that the use of the first service by the communications device is out of policy based on the measured service usage information and the first service policy.
  - 29. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - implement a second service policy for assisting control of the communications device use of a first service on a second network; and
      
      monitor use of the first service based on the second service policy,wherein the implementation of the second service policy is verified.
  - 30. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform an integrity check of a service processor on the communications device, wherein the service processor implements the first service policy and monitors use of the first service based on the first service policy.
  - 31. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform an integrity check of a service processor on the communications device, wherein the service processor implements the first service policy and monitors use of the first service based on the first service policy, and wherein the integrity check includes one or more of the following;
      
      collect information on the first service usage, agent configuration, and agent behavior;
      
      cross check the collected information to identify integrity breaches in the first service policy implementation;
      
      perform asynchronous or periodic checks to verify presence, configuration or proper operation of agents of the service processor; and
      
      perform a challenge-response sequence verification of agents of the service processor.
  - 32. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - receive network based service usage information for the communications device; and
      
      determine if the use of the first service by the communications device is out of policy based on the network based service usage information and the first service policy.
  - 33. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - receive network based service usage information for the communications device, wherein the network based service usage information for the communications device is based on one or more CDRs, and wherein the network based service usage information is received from one or more of the following;
      
      a billing system;
      
      a AAA system;
      
      a gateway;
      
      a router;
      
      a switch;
      
      a network server;
      
      a device that generates, aggregates, manages or stores CDRs;
      
      a base station controller; and
      
      a base station; and
      
      determine if the use of the first service by the communications device is out of policy based on the network based service usage information and the first service policy.
  - 34. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - receive network based service usage information for the communications device; and
      
      compare the network based service usage information to device based service usage information.
  - 35. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - measure service usage at a plurality of points in the communications device;
      
      compare the measured service usage to the first service policy; and
      
      perform a responsive action if the measured service usage is out of policy based on the first service policy.
  - 36. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - measure service usage at a plurality of points in the communications device;
      
      compare the measured service usage at the plurality of points; and
      
      perform a responsive action if the measured service usage at the plurality of points indicates that the device has been tampered with or compromised.
  - 37. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - compare the monitored use of the first service by the communications device to the first service policy; and
      
      control use of the first service by the communications device based on the first service policy.
  - 38. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform traffic shaping if the monitored use of the first service is out of policy based on the first service policy.
  - 39. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform application layer based traffic shaping if the monitored use of the first service is out of policy based on the first service policy.
  - 40. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform application layer based traffic shaping based on user input if the monitored use of the first service is out of policy based on the first service policy.
  - 41. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform application layer traffic shaping based on a user selected application.
  - 42. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform traffic shaping based on one or more privacy settings if the monitored use of the first service is out of policy based on the first service policy.
  - 43. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - measure service usage in the communications device using application layer tagging for a user selected application.
  - 44. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - perform traffic shaping based on network capacity information for the first network.
  - 45. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - monitor configuration or operation of a service processor executing on the processor, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy.
  - 46. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - execute a service processor in a secure execution environment, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy.
  - 47. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - execute a service processor, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and wherein the service processor is located in a secure storage of the communications device.
  - 48. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - execute a service processor, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and wherein the service processor is located in one or more of the following;
      
      a memory, non-volatile memory, an external memory, a processor, a modem, an external modem, and an external communications bus, of the communications device.
  - 49. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - download a service processor, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy.
  - 50. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - download a component of a service processor, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy.
  - 51. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - download a component of a service processor based on one or more of the following;
      
      a time based event, a periodic event, in response to a request, in response to a service processor malfunction or error, a service processor integrity check, and in response to a service processor integrity check error, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy.
  - 52. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - periodically report configuration or operation of the communications device to a network device, the report including service usage information.
  - 53. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - periodically report configuration or operation of a service processor executing on the processor to a service controller, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and the service controller communicates with the service processor.
  - 54. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - report configuration or operation of a service processor executing on the processor in response to a polling request from a service controller, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and the service controller communicates with the service processor.
  - 55. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - send a report including configuration or operation information of the communications device to a service controller, wherein a service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and the service controller communicates with the service processor, and wherein the report is sent based on one or more of the following;
      
      a time based event, a service data usage based event, a request from the service controller, a polling request from the service controller, a request from a billing server, and an error condition related to the communications device.
  - 56. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - send a response to a challenge/response query from a service controller, the response including information based on configuration or operation of the communications device, wherein the service controller communicates with a service processor.
  - 57. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - send a response to a test service usage sequence from a service controller, wherein the service controller communicates with a service processor.
  - 58. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - send a response to a test service billing sequence from a service controller, wherein the service controller communicates with a service processor.
  - 59. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - control access to the first network based on one or more of the following;
      
      a network address identifier, an application type, a service type, a content type, a time of day, and an associated service usage level.
  - 60. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - control traffic based on one or more of the following;
      
      a network address identifier, an application type, a service type, a content type, a time of day, and an associated service usage level.
  - 61. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - report service usage for the communications device based on one or more of the following;
      
      a network address identifier, an application type, a service type, a content type, a time of day, and an associated service usage level.
  - 62. The system recited in claim 1, wherein the processor of the communications device is further configured to:
    - report service usage for the communications device to a third party network, wherein the third party network associated with one or more of the following;
      
      an enterprise associated with a service plan for the communications device, a person associated with the service plan for the communications device, and one or more parents of a user of the communications device.

63. A system, comprising:
- a processor of a communications device configured to;
  
  implement a first service policy for assisting control of the communications device use of a first service on a first network;
  
  monitor use of the first service based on the first service policy; and
  
  communicate control channel information over a control channel, wherein the control channel information includes information related to the first service policy implementation, and wherein a network bandwidth required for communicating the control channel information is reduced by associating a frequency of communication or an amount of data in each communication with a service usage level for the first service; and
  
  a memory of the communications device coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (64, 65, 66)
- - 64. The system recited in claim 63, wherein the control channel is a secure communication channel.
  - 65. The system recited in claim 63, wherein the processor of the communications device is further configured to:
    - verify a service processor executing on the processor using periodic communications over the control channel to a service controller, wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and the service controller communicates with the service processor to continuously verify the service processor.
  - 66. The system recited in claim 63, wherein the processor of the communications device is further configured to:
    - execute a service processor, wherein the service processor communicates over the control channel to a service controller, and wherein the service processor implements the first service policy and monitors use of the first service by the communications device based on the first service policy, and the service controller is located in a central provider network, a private network, or Internet.

67. A method, comprising:
- implementing a first service policy for assisting control of a communications device use of a first service on a first network;
  
  monitoring use of the first service based on the first service policy using a processor of the communications device, wherein the implementation of the first service policy is verified.

68. A computer program product, the computer program product being embodied in a computer readable storage medium and comprising computer instructions for:
- implementing a first service policy for assisting control of a communications device use of a first service on a first network;
  
  monitoring use of the first service based on the first service policy, wherein the implementation of the first service policy is verified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Headwater Research LLC (Greg Raleigh)
Original Assignee
Greg Raleigh
Inventors
Raleigh, Gregory G.

Granted Patent

US 8,270,310 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/230.100
CPC Class Codes

G06F 15/177   Initialisation or configura...

G06Q 10/06315   Needs-based resource requir...

G06Q 10/06375   Prediction of business proc...

G06Q 20/102   Bill distribution or payments

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/32   using wireless devices

G06Q 20/40   Authorisation, e.g. identif...

G06Q 30/0207   Discounts or incentives, e....

G06Q 30/0241   Advertisements

G06Q 30/0283   Price estimation or determi...

G06Q 30/0284   Time or distance, e.g. usag...

G06Q 30/04   Billing or invoicing

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/12   Accounting

H04L 12/14   Charging , metering or bill...

H04L 12/1407   Policy-and-charging control...

H04L 41/0806   for initial configuration o...

H04L 41/0876   Aspects of the degree of co...

H04L 41/0893   Assignment of logical group...

H04L 41/0894 : Policy-based network config...

H04L 41/5003 : Managing SLA; Interaction b...

H04L 41/5025 : by proactively reacting to ...

H04L 41/5054 : Automatic deployment of ser...

H04L 47/20 : Traffic policing

H04L 47/2408 : for supporting different se...

H04L 51/046 : Interoperability with other...

H04L 63/0236 : Filtering by address, proto...

H04L 63/04 : for providing a confidentia...

H04L 63/0428 : wherein the data content is...

H04L 63/08 : for authentication of entit...

H04L 63/0853 : using an additional device,...

H04L 63/0892 : by using authentication-aut...

H04L 63/10 : for controlling access to d...

H04L 63/20 : for managing network securi...

H04L 67/145 : avoiding end of session, e....

H04L 67/306 : User profiles

H04L 67/34 : involving the movement of s...

H04L 67/51 : Discovery or management the...

H04L 67/55 : Push-based network services

H04L 67/564 : Enhancement of application ...

H04L 67/63 : Routing a service request d...

H04L 9/32 : including means for verifyi...

H04L 9/3247 : involving digital signatures

H04M 15/00 : Arrangements for metering, ...

H04M 15/49 : Connection to several servi...

H04M 15/58 : based on statistics of usag...

H04M 15/61 : based on the service used

H04M 15/66 : Policy and charging system

H04M 15/80 : Rating or billing plans; Ta...

H04M 15/8055 : Selecting cheaper transport...

H04M 15/88 : Provision for limiting conn...

H04M 2215/0188 : Network monitoring; statist...

H04W 12/00 : Security arrangements; Auth...

H04W 12/02 : Protecting privacy or anony...

H04W 12/037 : of the control plane, e.g. ...

H04W 12/06 : Authentication

H04W 12/08 : Access security

H04W 12/37 : Managing security policies ...

H04W 24/08 : Testing, supervising or mon...

H04W 28/02 : Traffic management, e.g. fl...

H04W 28/0215 : based on user or device pro...

H04W 28/0268 : using specific QoS paramete...

H04W 28/12 : using signalling between ne...

H04W 4/02 : Services making use of loca...

H04W 4/12 : Messaging; Mailboxes; Annou...

H04W 4/18 : Information format or conte...

H04W 4/20 : Services signaling; Auxilia...

H04W 4/24 : Accounting or billing

H04W 4/50 : Service provisioning or rec...

H04W 48/14 : using user query or user de...

H04W 48/16 : Discovering, processing acc...

H04W 72/0453 : Resources in frequency doma...

H04W 8/02 : Processing of mobility data...

H04W 8/18 : Processing of user or subsc...

H04W 8/20 : Transfer of user or subscri...

H04W 84/04 : Large scale networks; Deep ...

H04W 84/042 : Public Land Mobile systems,...

H04W 84/12 : WLAN [Wireless Local Area N...

H04W 88/06 : adapted for operation in mu...

H04W 88/08 : Access point devices

Y02P 90/80 : Management or planning

View All

Verifiable device assisted service policy implementation

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

670 Citations

68 Claims

Specification

Solutions

Use Cases

Quick Links

Verifiable device assisted service policy implementation

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

670 Citations

68 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links