Application intermediation gateway

US 7,076,562 B2
Filed: 03/17/2003
Issued: 07/11/2006
Est. Priority Date: 03/17/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method for facilitating the provision of access to a plurality of applications to a user in a network, the network comprising a plurality of users, an application intermediation gateway, a context server and a plurality of service providers, the application intermediation gateway intermediating between the plurality of users and the plurality of service providers, the user requesting an application using a device, the request being in the form of a data packet, the application being provided by a corresponding service provider through the application intermediation gateway, the method comprising the steps of:

a. collecting context details from at least one of the data packet and the context server, the context details being collected by the application intermediation gateway, the context details comprising information regarding the device characteristics, the network capabilities, and the user profile; and

b. enforcing application level policies on the data packet depending on the collected context details, the application level policies being enforced by the application intermediation gateway for enabling access to the application requested by the user, the application level policies comprising policy decisions for provision of access, redirection of the request and prompting the user, wherein the policy decision for provision of access enables the provision of access to the application requested by the user, the access being provided by the corresponding service provider, the policy decision for redirection of the request forwards the request to a destination, the destination being different from the corresponding service provider, and the policy decision for prompting the user enables sending notifications to the user and taking inputs from the user for enabling access to the application requested by the user, the inputs not being related to the context details.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a system, method and computer program product for implementing application level policies in an operator network, while managing the exchange of data packets between users and service providers during the provisioning of premium data services. The present invention intermediates between a user and a service provider (who may be an enterprise, content provider, an application provider or a partner portal). The present invention enforces access control, prompting, redirection and inline context injection dynamically while the service is being delivered, and generates metering records for billing purposes. Prompting enables notifications and taking inputs from the user while the user accesses chargeable content or when the sharing of user data (profile or choice) occurs between the network and service provider. Inline context injection allows sharing of information regarding the users preference and profile, and capabilities of the devices between the users and the service provider.

Citations

12 Claims

1. A method for facilitating the provision of access to a plurality of applications to a user in a network, the network comprising a plurality of users, an application intermediation gateway, a context server and a plurality of service providers, the application intermediation gateway intermediating between the plurality of users and the plurality of service providers, the user requesting an application using a device, the request being in the form of a data packet, the application being provided by a corresponding service provider through the application intermediation gateway, the method comprising the steps of:
- a. collecting context details from at least one of the data packet and the context server, the context details being collected by the application intermediation gateway, the context details comprising information regarding the device characteristics, the network capabilities, and the user profile; and
  
  b. enforcing application level policies on the data packet depending on the collected context details, the application level policies being enforced by the application intermediation gateway for enabling access to the application requested by the user, the application level policies comprising policy decisions for provision of access, redirection of the request and prompting the user, wherein the policy decision for provision of access enables the provision of access to the application requested by the user, the access being provided by the corresponding service provider, the policy decision for redirection of the request forwards the request to a destination, the destination being different from the corresponding service provider, and the policy decision for prompting the user enables sending notifications to the user and taking inputs from the user for enabling access to the application requested by the user, the inputs not being related to the context details.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method as recited in claim 1, wherein the application intermediation gateway is deployed in the network of a network operator.
  - 3. The method as recited in claim 1, wherein the network is a wireless network.
  - 4. The method as recited in claim 1, wherein the service providers comprise at least one of:
    - a content provider, a third party application provider, and a partner portal.
  - 5. The method as recited in claim 1 further comprising the step of injecting the context details collected from the context server into the data packet, the collected context details being injected inline by an application handler, the application handler being present in the application intermediation gateway, the application handler being specific to the type of application requested by the user.

6. A computer program product for use with a computer, the computer program product comprising a computer usable medium having a computer readable program code embodied therein for facilitating the provision of access to a plurality of applications to a user in a network, the network comprising a plurality of users, an application intermediation gateway, a context server and a plurality of service providers, the application intermediation gateway intermediating between the plurality of users and the plurality of service providers, the user requesting an application using a device, the request being in the form of a data packet, the application being provided by a corresponding service provider through the application intermediation gateway, the computer program code performing the steps of:
- a. collecting context details from at least one of the data packet and the context server, the context details being collected by the application intermediation gateway, the context details comprising information regarding the device characteristics, the network capabilities, and the user profile; and
  
  b. enforcing application level policies on the data packet depending on the collected context details, the application level policies being enforced by the application intermediation gateway for enabling access to the application requested by the user, the application level policies comprising policy decisions for provision of access, redirection of the request and prompting the user, wherein the policy decision for provision of access enables the provision of access to the application requested by the user, the access being provided by the corresponding service provider, the policy decision for redirection of the request forwards the request to a destination, the destination being different from the corresponding service provider, and the policy decision for prompting the user enables sending notifications to the user and taking inputs from the user for enabling access to the application requested by the user, the inputs not being related to the context details.

7. A method for facilitating the provision of applications by a plurality of service providers to a user through an application intermediation gateway, the user being a subscriber to an network operator'"'"'s network, the operator'"'"'s network operating the application intermediation gateway having an application handler and an enforcement engine, the user requesting for an application using a device, the request being in the form of a data packet, the data packet comprising an IP header and a TCP header, the application being provided by a corresponding service provider, the method comprising the steps of:
- a. determining the type of application requested by the user, the application type being determined by unwrapping the TCP header of the data packet, the TCP header containing information regarding the application type;
  
  b. forwarding the data packet to an application handler, the application handler being specific to the determined type of the application;
  
  c. collecting context details from the data packet after forwarding the data packet to the application handler, the context details being collected by the application intermediation gateway, the context details comprising information regarding the device characteristics, network capabilities, and the user profile;
  
  d. controlling access to the application requested by the user based on a predetermined policy decision for provision of access, the access control enabling access to the application requested by the user, the access control being performed by the application handler, the context details being used for enforcing the policy decision for provision of access, the policy decision for provision of access being enforced by an enforcement engine;
  
  e. redirecting the request to a destination based on the policy decision for redirection of the request, the destination being different from the corresponding service provider, the redirection of the request being performed by the application handler, the context details being used for enforcing the policy decision for redirection of the request, the policy decision for redirection of the request being enforced by the enforcement engine;
  
  f. prompting the user inline for sending notifications to the user and taking inputs from the user based on a policy decision for prompting the user, the inputs not being related to the context details, the prompting being performed for enabling access to the application requested by the user, the context details being used for enforcing the policy decision for prompting the user, the policy decision for prompting the user being enforced by the enforcement engine; and
  
  g. metering information about the request made by the user and the enforced policy decisions, the metered information generating records corresponding to the application requested by the user for billing purposes.
- View Dependent Claims (8, 9, 10)
- - 8. The method as recited in claim 7 further comprising the steps of:
    - a. collecting the context details from a context server, the context server being associated with at least one of the operator'"'"'s network and the plurality of service providers;
      
      b. injecting the context details collected from the context server into the data packet, the collected context details being injected inline by the application handler; and
      
      c. updating the context details on the context server, the context details being updated inline by the application handler.
  - 9. The method as recited in claim 7, wherein the step of prompting the user is performed before at least one of the step of controlling access to the application requested by the user and the step of redirecting the request.
  - 10. The method as recited in claim 7, wherein the step of redirecting the request comprises forwarding the request for a purpose selected from the group comprising at least one the steps of:
    - payment of charges for accessing the application requested by the user, denial of access to the application requested by the user, downloading of software required for accessing the application requested by the user, signing a license agreement before the provision of access to the application requested by the user, and redirecting the request from the application handler to another application handler, the another application handler handling an application different from the application requested by the user.

11. A system for facilitating the provision of access to a user to a plurality of applications in a network, the system comprising:
- a. at least one device, each device being used by the user for making requests for one or more applications, each request for an application made by the user being in the form of a data packet;
  
  b. at least one service provider, each service provider providing access to the one or more applications requested by the user based on context details of the user present in the data packet, the context details comprising information regarding the user profile, the network capabilities and the device characteristics, each service provider being at least one of a content provider, a third party application provider, and a partner portal;
  
  c. a context server containing the context details of the user, the context details collected from the context server being injected inline into the data packet, wherein the context server is associated with at least one of an operator'"'"'s network and the at least one service provider to obtain the context details of the user;
  
  d. a policy decision point, the policy decision point providing application level policies based on the collected context details present in the data packet without or after inline injection, the application level policies comprising policy decisions for provision of access, redirection of the requests for the one or more applications, and prompting the user, wherein the policy decision for provision of access enables the provision of access to the one or more applications requested by the user, the access being provided by a corresponding service provider, wherein the policy decision for redirection of the request forwards the request to a destination, the destination being different from the corresponding service provider, and the policy decision for prompting the user enables sending notifications to the user and taking inputs from the user for enabling access to the one or more applications requested by the user, the inputs not being related to the context details; and
  
  e. an application intermediation gateway, the application intermediation gateway being deployed in the operator'"'"'s network, the application intermediation gateway intermediating between the at least one device and the at least one service provider, the application intermediation gateway including;
  
  i. a context engine, the context engine collecting the context details from the data packet; and
  
  ii. an enforcement engine, the enforcement engine enforcing the application level policies on the data packet, the enforcement of the application level policies enabling access to the one or more applications.
- View Dependent Claims (12)
- - 12. The system as recited in claim 11, wherein the network is a wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
July Systems, Inc. (Cisco Systems, Inc.)
Inventors
Lal, Vishal, Singhal, Umesh, Reddy, Rajesh Ts, Abraham, Dax, Chakravorty, Jyothirmoy, Krishnan, Badrinarayanan
Primary Examiner(s)
Eng, David Y.

Application Number

US10/389,783
Publication Number

US 20050021818A1
Time in Patent Office

1,212 Days
Field of Search

709/217, 709/223, 709/232, 709/229
US Class Current

709/232
CPC Class Codes

H04L 67/53   using third party service p...

H04L 67/563   Data redirection of data ne...

H04L 67/568   Storing data temporarily at...

H04L 67/63   Routing a service request d...

H04L 69/329   in the application layer [O...

Application intermediation gateway

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Application intermediation gateway

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links