Mobile user location privacy solution based on the use of multiple identities
First Claim
1. A method to use a location service in a wireless access network, comprising:
- transmitting a pseudo-identification (IDp) from a mobile device to an Authentication Module of the wireless access network;
over a first link of the wireless access network, forwarding the IDp from the Authentication Module to a wireless access network location server;
in the wireless access network location server, associating the IDp with the location of the mobile device; and
over a second link of the wireless access network, forwarding the IDp in association with the location of the mobile device from the wireless access network location server to a location-based application.
3 Assignments
0 Petitions
Accused Products
Abstract
A mobile device (10) includes a wireless network adapter (13) for communication with a wireless access network (24), and further includes a memory (23) in the mobile device for securely storing at least one pseudo-identification (IDp) of a mobile device user in conjunction with an actual identification (ID1) of the mobile device user. The mobile device further includes a mobile device identity manager (22), coupled to the memory, for transmitting ID1 from the mobile device to a trusted wireless access network for associating ID1 with a location of the mobile device (12), and for transmitting IDp from the mobile device to an untrusted wireless access network for associating IDp with a location of the mobile device (18).
54 Citations
20 Claims
-
1. A method to use a location service in a wireless access network, comprising:
-
transmitting a pseudo-identification (IDp) from a mobile device to an Authentication Module of the wireless access network; over a first link of the wireless access network, forwarding the IDp from the Authentication Module to a wireless access network location server; in the wireless access network location server, associating the IDp with the location of the mobile device; and over a second link of the wireless access network, forwarding the IDp in association with the location of the mobile device from the wireless access network location server to a location-based application. - View Dependent Claims (2, 3, 4)
-
-
5. A method to use a location service in a wireless access network, comprising:
-
securely storing in a mobile device at least one pseudo-identification (IDp) of a mobile device user in conjunction with an actual identification (ID1) of the mobile device user; when operating with a trusted wireless access network, transmitting ID1 from the mobile device to the trusted wireless access network and associating ID1 with a location of the mobile device; and when operating with an untrusted wireless access network, transmitting IDp from the mobile device to an Authentication Module coupled to the untrusted wireless access network and associating IDp with a location of the mobile device, forwarding over a first link of the wireless access network the IDp from the Authentication Module to a wireless access network location server of the untrusted wireless access network, the location server associating IDp with the location of the mobile device, and forwarding over a second link of the wireless access network the IDp in association with the location of the mobile device from the location server to a location-based application.
-
- 6. A wireless access network comprising in a mobile device a transmitter for transmitting a pseudo-identification (IDp) from the mobile device to an Authentication Module of the wireless access network, and in a wireless access network location server, means for associating the IDp with the location of the mobile device, further comprising means for forwarding over a first link of the wireless access network the IDp from the Authentication Module to the wireless access network location server, and further comprising means for forwarding over a second link of the wireless access network the IDp in association with the location of the mobile device from the location server to a location-based application.
-
9. A wireless access network comprising in a mobile device a transmitter for transmitting a pseudo-identification (IDp) from the mobile device to the wireless access network, and in a wireless access network location server, means for associating the IDp with the location of the mobile device, where the IDp is transmitted to an Authentication Module of the wireless access network, the wireless access network further comprising a first link for forwarding the IDp from the Authentication Module to the location server and further comprising a second link for forwarding the IDp in association with the location of the mobile device from the location server to a location-based.
-
10. A mobile device comprising a wireless network adapter for communication with a wireless access network, further comprising a memory in the mobile device for securely storing at least one pseudo-identification (IDp) of a mobile device user and an actual identification (ID1) of the mobile device user, and an Identity Manager, coupled to the memory, for transmitting ID1 from the mobile device to a trusted wireless access network for associating ID1 with a location of the mobile device, and for transmitting IDp from the mobile device to an Authentication Module coupled to an untrusted wireless access network for associating IDp with a location of the mobile device, the wireless access network further comprising the Authentication Module and a location server, the Authentication Module for forwarding over a first link of the wireless access network the IDp from the Authentication Module to the location server of the untrusted wireless access network, the location server associating the IDp with the location of the mobile device, and the location server for forwarding over a second link of the wireless access network the IDp in association with the location of the mobile device from the location server to a location-based application.
-
11. A method to use a location service in a wireless access network, comprising:
-
storing in a mobile device an actual identification (ID1) of a mobile device user; when registering with a non-trusted wireless access network, one of generating a pseudo-identification (IDp) or accessing a stored IDp; transmitting IDp from the mobile device to an Authentication Module of the non-trusted wireless access network; authenticating the mobile device user based on IDp; and providing a location of the mobile device and IDp to an application, wherein providing further comprises; over a first link of the wireless access network forwarding the IDp from the Authentication Module to a location server; and over a second link of the wireless access network forwarding the IDp in association with the location of the mobile device from the location server to the application. - View Dependent Claims (12)
-
-
13. A mobile device operable for using a location service in a wireless access network, comprising:
-
means for authenticating the mobile device comprising means for transmitting a pseudo-identification (IDp) from the mobile device to a location server of the wireless access network for associating the IDp with a location of the mobile device, where the IDp is transmitted to an Authentication Module of the wireless access network, where the wireless access network further comprises means for forwarding over a first link of the wireless access network the IDp from the Authentication Module to the location server and further comprises means for forwarding over a second link of the wireless access network the IDp in association with the location of the mobile device from the location server to a mobile application; and means, responsive to the mobile device being authenticated, for executing the mobile application in cooperation with an application server. - View Dependent Claims (14, 15, 16)
-
-
17. A computer medium program product comprising program code readable by at least one data processor for using a location service in a wireless access network, comprising:
-
a program code segment for authenticating the mobile device comprising computer program code for transmitting a pseudo-identification (IDp) from the mobile device to a location server of the wireless access network for associating the IDp with a location of the mobile device, where the program code for transmitting transmits the IDp to an Authentication Module of the wireless access network, and forwards over a first link of the wireless access network the IDp from the Authentication Module to the location server; a program code segment for forwarding over a second link of the wireless access network the IDp in association with the location of the mobile device from the location server to a mobile application; and a program code segment, responsive to the mobile device being authenticated for executing the mobile application in cooperation with a mobile device location-based application server.
-
-
18. A computer medium program product comprising program code readable by at least one data processor, comprising program code operable for reading a memory in the mobile device, the memory securely storing at least one pseudo-identification (IDp) of a mobile device user and an actual identification (ID1) of the mobile device user, said program code implementing an Identity Manager function for transmitting ID1 from the mobile device to a trusted wireless access network for associating ID1 with a location of the mobile device, and for transmitting IDp from the mobile device to an untrusted wireless access network for associating IDp with a location of the mobile device, the program code operable for transmitting IDp to an Authentication Module coupled to the untrusted wireless access network, the program code also operable for forwarding over a first link of the wireless access network the IDp from the Authentication Module to a location server and operable for forwarding over a second link of the untrusted wireless access network the IDp in association with the location of the mobile device from the location server to a location-based application.
- 19. A computer medium program product comprising program code readable by at least one data processor comprising part of a wireless network location server coupled to a mobile device through a wireless access network, comprising program code, responsive to a receipt of a pseudo-identification (IDp) from the mobile device, for associating the IDp with a determined location of the mobile device, where the IDp is received at the wireless network location server from an Authentication Module coupled to the wireless network location server and to the mobile device, the program code also for forwarding over a first link of the wireless access network the IDp from the Authentication Module to the wireless network location server and for forwarding over a second link of the wireless access network the IDp in association with the determined location of the mobile device from the wireless network location server to a location-based application.
Specification