System and method for enforcing location privacy using rights management
First Claim
1. A location information server configured to securely deliver location information of a mobile device to a location consumer, the location information server comprising:
- a processor; and
a memory storing executable instructions which, when executed by the location information server, and in response to receiving a location request, cause the location information server to;
validate that the location request is authorized by the mobile device user, the location request including a license, wherein the license includes access conditions that identify conditions upon which the location consumer is authorized to access the location information of the mobile device, the access conditions comprising conditions of use based on at least one of the following;
a number of usages for which the license is valid,at least one location for which the license is valid, andat least one application for which the license is valid; and
determine whether the license is valid, wherein determining whether the license is valid comprises;
verifying validity of a public key associated with the mobile device,verifying validity of a identity certificate associated with the location consumer,verifying validity of the access conditions associated with the license, anddetermining if the license if one of;
suspended and expired; and
obtain the location information of the mobile device if the location request is authorized by the mobile device user;
generate a location response, including the location information, if the location request is authorized by the mobile device user, wherein generating the location response comprises;
diluting specificity of the location information,identifying one of;
geographic regions and areas in which the mobile device is located,specifying which applications may use the location information, encrypting the location information in the location response; and
return the location response to the location consumer.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for securely delivering the location information of a mobile device to a location consumer is presented. In operation, the mobile device user issues a license to a location consumer. The license identifies the location consumer and any conditions the mobile device user places on the license. The license is encrypted such that it cannot be modified without invalidating the license. The license is submitted in a location request by the location consumer. A location information server receives the request, validates that the license was issued to the location consumer and that the location request conforms to the conditions of the license. If so, the location information server obtains the mobile device'"'"'s location information, generates a location response, encrypts some of the location response, and returns the location response to the location consumer.
109 Citations
54 Claims
-
1. A location information server configured to securely deliver location information of a mobile device to a location consumer, the location information server comprising:
-
a processor; and a memory storing executable instructions which, when executed by the location information server, and in response to receiving a location request, cause the location information server to; validate that the location request is authorized by the mobile device user, the location request including a license, wherein the license includes access conditions that identify conditions upon which the location consumer is authorized to access the location information of the mobile device, the access conditions comprising conditions of use based on at least one of the following; a number of usages for which the license is valid, at least one location for which the license is valid, and at least one application for which the license is valid; and determine whether the license is valid, wherein determining whether the license is valid comprises; verifying validity of a public key associated with the mobile device, verifying validity of a identity certificate associated with the location consumer, verifying validity of the access conditions associated with the license, and determining if the license if one of;
suspended and expired; andobtain the location information of the mobile device if the location request is authorized by the mobile device user; generate a location response, including the location information, if the location request is authorized by the mobile device user, wherein generating the location response comprises; diluting specificity of the location information, identifying one of;
geographic regions and areas in which the mobile device is located,specifying which applications may use the location information, encrypting the location information in the location response; and return the location response to the location consumer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer networked system configured to securely deliver location information regarding a mobile device from a mobile service provider to a location consumer, the system comprising:
-
a location-based service provider communicatively coupled to at least one mobile service provider, and also communicatively coupled to a location consumer; and a mobile service provider that provides communication services to the mobile device through a mobile service infrastructure, and that includes a location information server configured such that, in response to receiving a location request from a location consumer, the location information server; validates that the location request is authorized by the mobile device user, the location request including a license, wherein the license includes access conditions that identify conditions upon which the location consumer is authorized to access the location information of the mobile device, the access conditions comprising conditions of use based on at least one of the following; a number of usages for which the license is valid, at least one location for which the license is valid, and at least one application for which the license is valid; and determines whether the license is valid, wherein determining whether the license is valid comprises; verifying validity of a public key associated with the mobile device, verifying validity of a identity certificate associated with the location consumer, verifying validity of the access conditions associated with the license, and determining if the license if one of;
suspended and expired; andobtains the location information regarding the mobile device if the location request is authorized by the mobile device user; generates a location response if the location request is authorized by the mobile device user, the location response including the location information, wherein generating the location response comprises; diluting specificity of the location information, identifying one of;
geographic regions and areas in which the mobile device is located,specifying which applications may use the location information, encrypting the location information in the location response; and returns the location response to the location consumer. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method of securely delivering location information of a mobile device to a location consumer, executed by a location information server, in response to a location request, the method comprising:
-
on the location information server, validating that the location request is authorized by the mobile device user, the location request including a license, wherein the license includes access conditions that identify conditions upon which the location consumer is authorized to access the location information of the mobile device, the access conditions comprising conditions of use based on at least one of the following; a number of usages for which the license is valid, at least one location for which the license is valid, and at least one application for which the license is valid; and determining whether the license is valid, wherein determining whether the license is valid comprises; verifying validity of a public key associated with the mobile device, verifying validity of a identity certificate associated with the location consumer, verifying validity of the access conditions associated with the license, and determining if the license if one of;
suspended and expired; andif the location request is authorized by the mobile device user; obtaining location information of the mobile device; generating a location response, the location response including the obtained location information, wherein generating the location response comprises; diluting specificity of the location information, identifying one of;
geographic regions and areas in which the mobile device is located,specifying which applications may use the location information, encrypting the location information in the location response; and returning the location response to the location consumer. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. A memory bearing computer-executable instructions which, when executed on a computing device, carry out a method of securely delivering location information of a mobile device to a location consumer in response to a location request, the method comprising:
-
validating that the location request is authorized by the mobile device user, the location request including a license, wherein the license includes access conditions that identify conditions upon which the location consumer is authorized to access the location information of the mobile device, the access conditions comprising conditions of use based on at least one of the following; a number of usages for which the license is valid, at least one location for which the license is valid, and at least one application for which the license is valid; determining whether the license is valid, wherein determining whether the license is valid comprises; verifying validity of a public key associated with the mobile device, verifying validity of a identity certificate associated with the location consumer, verifying validity of the access conditions associated with the license, and determining if the license is one of;
suspended and expired; andif the location request is authorized by the mobile device user; obtaining the location information of the mobile device; generating a location response, the location response including the obtained location information, wherein generating the location response comprises; diluting specificity of the location information, identifying one of;
geographic regions and areas in which the mobile device is located,specifying which applications may use the location information, encrypting the location information in the location response; and returning the encrypted location response to the location consumer.
-
Specification