Methods, apparatus and systems for providing secure information via multiple authorized channels to authenticated users and user devices

US 8,578,285 B2
Filed: 04/13/2011
Issued: 11/05/2013
Est. Priority Date: 05/13/2008
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. An apparatus to provide secure user-centric information via a plurality of user platforms operated by a user, the apparatus comprising:

at least one communication interface to facilitate wired and/or wireless communications with the plurality of user platforms via one or more transmission media;

at least one memory to store processor-executable instructions; and

at least one processor communicatively coupled to the at least one communication interface and the at least one memory, wherein upon execution of the processor-executable instructions by the at least one processor, the at least one processor establishes a user session to manage provision of and interaction with the secure user-centric information by;

A) implementing a channel grid framework including a matrix of a plurality of channels through which the user receives and/or interacts with, via the plurality of user platforms, respective portions of the secure user-centric information, wherein the at least one processor is configured to synchronize functions and features of one or more of the plurality of channels across two or more of the plurality of user platforms by deploying the secure user-centric information to two or more of the plurality of user platforms;

B) establishing a user profile identifying user preferences, platform identities, and service support instructions that determine how the secure user-centric information behaves on at least one platform of the plurality of user platforms;

C) controlling the at least one communication interface to receive, from the at least one user platform of the plurality of user platforms, a user identity for the user and a platform identity for the at least one user platform;

D) authenticating the user and the at least one user platform to receive the secure user-centric information based at least in part on the user identity and the platform identity; and

E) if the user and the at least one user platform are authenticated in C), controlling the at least one communication interface so as to transmit to the at least one user platform first authenticated channel information relating to at least one authorized channel of the plurality of channels implemented in A), based at least in part on information access rights and/or security protocols respectively associated with the corresponding plurality of channels, the user, and the at least one user platform, wherein at least a portion of the first authenticated channel information to be transmitted to the at least one user platform is selected by the processor based at least in part on the user profile and is transmitted to the at least one user platform without being requested by the user, wherein the transmission of the first authenticated channel information to the at least one user platform is based in part on a bi-directional interrogation of the at least one authorized channel, wherein the bi-directional interrogation comprises the at least one authorized channel interrogating an identity management server, and wherein the bi-directional interrogation further comprises the identity management server and a web services gateway interrogating the at least one authorized channel, wherein the web services gateway is a tool through which the channel grid framework interacts with the identity management server.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

Providing secure user-centric information via one or more user platforms operated by one or more users. Multiple channels are configured and implemented, through which information relevant to a given user is presented for user interaction via one or more user platforms associated with the user. A user profile is established identifying user preferences and one or more platform identities. The user profile is managed to grant the user access to specific ones of the multiple channels. In one example, user(s) and user platform(s) are authenticated to receive respective portions of the secure user-centric information based on user identities and platform identities. If authenticated, channel information relating to one or more of the multiple channels is transmitted to one or more users/user platforms, based on information access rights and/or security protocols respectively associated with the corresponding channels, the user(s), and the user platform(s).

Citations

42 Claims

1. An apparatus to provide secure user-centric information via a plurality of user platforms operated by a user, the apparatus comprising:
- at least one communication interface to facilitate wired and/or wireless communications with the plurality of user platforms via one or more transmission media;
  
  at least one memory to store processor-executable instructions; and
  
  at least one processor communicatively coupled to the at least one communication interface and the at least one memory, wherein upon execution of the processor-executable instructions by the at least one processor, the at least one processor establishes a user session to manage provision of and interaction with the secure user-centric information by;
  
  A) implementing a channel grid framework including a matrix of a plurality of channels through which the user receives and/or interacts with, via the plurality of user platforms, respective portions of the secure user-centric information, wherein the at least one processor is configured to synchronize functions and features of one or more of the plurality of channels across two or more of the plurality of user platforms by deploying the secure user-centric information to two or more of the plurality of user platforms;
  
  B) establishing a user profile identifying user preferences, platform identities, and service support instructions that determine how the secure user-centric information behaves on at least one platform of the plurality of user platforms;
  
  C) controlling the at least one communication interface to receive, from the at least one user platform of the plurality of user platforms, a user identity for the user and a platform identity for the at least one user platform;
  
  D) authenticating the user and the at least one user platform to receive the secure user-centric information based at least in part on the user identity and the platform identity; and
  
  E) if the user and the at least one user platform are authenticated in C), controlling the at least one communication interface so as to transmit to the at least one user platform first authenticated channel information relating to at least one authorized channel of the plurality of channels implemented in A), based at least in part on information access rights and/or security protocols respectively associated with the corresponding plurality of channels, the user, and the at least one user platform, wherein at least a portion of the first authenticated channel information to be transmitted to the at least one user platform is selected by the processor based at least in part on the user profile and is transmitted to the at least one user platform without being requested by the user, wherein the transmission of the first authenticated channel information to the at least one user platform is based in part on a bi-directional interrogation of the at least one authorized channel, wherein the bi-directional interrogation comprises the at least one authorized channel interrogating an identity management server, and wherein the bi-directional interrogation further comprises the identity management server and a web services gateway interrogating the at least one authorized channel, wherein the web services gateway is a tool through which the channel grid framework interacts with the identity management server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 2. The apparatus of claim 1, wherein the secure user-centric information includesat least one of:
    - text information;
      
      graphic information;
      
      one or more pictures;
      
      one or more videos;
      
      audio or digital sound;
      
      streaming data, audio or video;
      
      content associated with an executing computer application;
      
      voice-over-IP communication;
      
      instant messaging/SMS information;
      
      video-conferencing information;
      
      environmental monitoring information;
      
      financial services information;
      
      enterprise resource planning information;
      
      enterprise content management information;
      
      building information;
      
      project management information;
      
      product lifecycle management information;
      
      RSS (Really Simple Syndication) reader information;
      
      remote device control/interaction information;
      
      a three-dimensional graphic visualization of one or more objects and/or immersive environments;
      
      one or more word processing documents;
      
      one or more spreadsheets;
      
      one or more presentation/slide shows;
      
      email; and
      
      address book information.
  - 3. The apparatus of claim 1, wherein the first authenticated channel information is provided by at least one authenticated channel application and/or at least one authenticated service.
  - 4. The apparatus of claim 1, wherein the at least one communication interface includes a web services gateway communicatively coupled to the at least one user platform server via the one or more transmission media.
  - 5. The apparatus of claim 1, wherein:
    - C) comprises authenticating the user and the user platform based at least in part on the user profile; and
      
      D) comprises transmitting the first authenticated channel information to the at least one user platform based at least in part on the user profile.
  - 6. The apparatus of claim 1, wherein:
    - the at least one memory stores an authentication directory to provide the information access rights and/or security protocols respectively associated with the corresponding plurality of channels, the user, and the at least one user platform;
      
      the authentication directory includes a plurality of user accounts, a plurality of device accounts, and a plurality of application accounts; and
      
      C) comprises authenticating the user and the at least one user platform based at least in part on the plurality of user accounts and the plurality of device accounts included in the authentication directory.
  - 7. The apparatus of claim 6, wherein:
    - at least one user account of the plurality of user accounts includes at least one entry comprising at least one of;
      
      a user name;
      
      a user password;
      
      a user email;
      
      a user mailstop;
      
      a user telephone number;
      
      a user mobile number;
      
      a user building;
      
      a user campus; and
      
      at least one user group; and
      
      C) comprises authenticating the user if the user identity matches the at least one entry.
  - 8. The apparatus of claim 6, wherein:
    - at least one device account of the plurality of device accounts includes at least one entry comprising at least one of;
      
      a device name;
      
      a device type;
      
      a device manufacturer;
      
      a device model number;
      
      a device serial number;
      
      a device IP address;
      
      a device location;
      
      a device user; and
      
      a device password; and
      
      C) comprises authenticating the user platform if the platform identity matches the at least one entry.
  - 9. The apparatus of claim 8, wherein C) comprises authenticating the at least one user platform based at least in part on a location of the at least one user platform.
  - 10. The apparatus of claim 6, wherein D) comprises:
    - transmitting to the at least one user platform the first authenticated channel information based at least in part on the plurality of application accounts included in the authentication directory.
  - 11. The apparatus of claim 10, wherein:
    - at least one application account of the plurality of application accounts includes at least one entry comprising at least one of;
      
      an application name;
      
      an application serial number;
      
      at least one application module;
      
      at least one application web service;
      
      at least one application interface;
      
      at least one application protocol;
      
      at least one application host;
      
      an application IP address;
      
      an application location;
      
      an application user; and
      
      an application password.
  - 12. The apparatus of claim 10, wherein C) comprises authenticating the at least one user platform based at least in part on a location of the at least one user platform.
  - 13. The apparatus of claim 1, wherein in D), the at least one processor further manages the provision of and interaction with the secure user-centric information by:
    - D
      
      1) controlling the at least one communication interface to transmit channel information corresponding to at least some of the plurality of channels implemented in A), including the first authenticated channel information, to the at least one user platform so as to facilitate display of a desktop for the at least one user platform as a channel grid framework, the channel grid framework including a plurality of user-selectable items representing the at least some of the plurality of channels implemented in A), wherein, in D
      
      1), the plurality of user-selectable items included in the channel grid framework is based at least in part on the information access rights and/or the security protocols respectively associated with the corresponding plurality of channels, the user, and the user platform.
  - 14. A system, comprising:
    - the apparatus of claim 13; and
      
      the at least one user platform, wherein the at least one user platform comprises;
      
      a display device to display the desktop for the user platform;
      
      at least one second communication interface to facilitate wired and/or wireless communications to the apparatus via one or more transmission media;
      
      at least one second memory to store second processor-executable instructions; and
      
      at least one second processor communicatively coupled to the display device, the at least one second communication interface, and the at least one second memory,wherein upon execution of the second processor-executable instructions, the at least one second processor controls the display device to display the desktop for the at least one user platform as the channel grid framework based at least in part on the channel information received from the apparatus.
  - 15. The system of claim 14, wherein the at least one user platform includes at least one of:
    - a desktop computer;
      
      a laptop computer;
      
      a tablet computer;
      
      a net-book computing device;
      
      a handheld computing device;
      
      a personal, enterprise, or portable digital assistant;
      
      a telecommunications device including one of a telephone, a cell phone, and a smart phone;
      
      a personal navigation device;
      
      a vehicle-based device;
      
      an optical disk player;
      
      a television; and
      
      a game console.
  - 16. The system of claim 14, wherein:
    - the at least one user platform includes a plurality of user platforms communicatively coupled to the apparatus of claim 13; and
      
      the plurality of user platforms include multiple different types of computing devices and/or multiple different types of communication devices.
  - 17. The apparatus of claim 1, wherein the first authenticated channel information includes at least one of:
    - text information;
      
      graphic information;
      
      one or more pictures;
      
      one or more videos;
      
      audio or digital sound;
      
      streaming data, audio or video;
      
      content associated with an executing computer application;
      
      voice-over-IP communication;
      
      instant messaging/SMS information;
      
      video-conferencing information;
      
      environmental monitoring information;
      
      financial services information;
      
      enterprise resource planning information;
      
      enterprise content management information;
      
      building information;
      
      project management information;
      
      product lifecycle management information;
      
      RSS (Really Simple Syndication) reader information;
      
      remote device control/interaction information;
      
      a three-dimensional graphic visualization of one or more objects and/or immersive environments;
      
      one or more word processing documents;
      
      one or more spreadsheets;
      
      one or more presentation/slide shows;
      
      email; and
      
      address book information.
  - 18. The apparatus of claim 1, wherein:
    - in A), the at least one processer implements a channel server that defines one or more visual characterizations, one or more functions or features, and/or one or more information types provided by respective channels of the plurality of channels;
      
      the channel server implements at least the at least one authorized channel; and
      
      the at least one memory further stores at least one database including registries to one or more services and/or applications used by the channel server to implement the at least one authorized channel and provide the first authenticated channel information.
  - 19. The apparatus of claim 18, wherein the at least one processor manages provision of and interaction with at least some of the secure user-centric information by:
    - implementing at least one other server, communicatively coupled to the channel server, to provide the one or more services and/or applications registered in the at least one database and used by the channel server to implement the at least one authorized channel and provide the first authenticated channel information, wherein the at least one other server includes at least one of;
      
      an identity management server to authenticate the user and the at least on user platform in C);
      
      a video server to transform, transmit, and/or support delivery of video information and/or audio information included in the first authenticated channel information;
      
      an enterprise content management server to provide configuration, templates, visual content, user interface controls and management control for the first authenticated channel information;
      
      a device integration server to manage streaming or real-time information from a machine or device, which streaming or real-time information is included in the first authenticated channel information;
      
      a portal server to facilitate Internet-based function access by the at least one user platform;
      
      a channel alert server to monitor the first authenticated channel information so as to determine one or more events, conditions, logical workflows, discrete information values or signal data based on at least one threshold condition or parameter, and to generate at least one alert in response to the one or more determined events, conditions, logical workflows, discrete information values or signal data relating to the first authenticated channel information; and
      
      a virtual world server to provide a three-dimensional visualization of, and/or interaction with, the first authenticated channel information.
  - 20. The apparatus of claim 19, wherein the at least one other server includes:
    - the identity management server to authenticate the user and the at least on user platform in C).
  - 21. The apparatus of claim 19, wherein the at least one other server includes:
    - the video server to transform, transmit, and/or support delivery of video information and/or audio information included in the first authenticated channel information.
  - 22. The apparatus of claim 19, wherein the at least one other server includes:
    - the enterprise content management server to provide configuration, templates, visual content, user interface controls and management control for the first authenticated channel information.
  - 23. The apparatus of claim 19, wherein the at least one other server includes:
    - the device integration server to manage streaming or real-time information from a machine or device, which streaming or real-time information is included in the first authenticated channel information.
  - 24. The apparatus of claim 19, wherein the at least one other server includes:
    - the portal server to facilitate Internet-based function access by the at least one user platform.
  - 25. The apparatus of claim 19, wherein the at least one other server includes:
    - the channel alert server to monitor the first authenticated channel information so as to determine one or more events, conditions, logical workflows, discrete information values orsignal data based on at least one threshold condition or parameter, and to generate at least one alert in response to the one or more determined events, conditions, logical workflows, discrete information values or signal data relating to the first authenticated channel information.
  - 26. The apparatus of claim 25, wherein the at least one other server includes the channel alert server, and wherein the at least one threshold condition or parameter includes a numerical limit or a trend.
  - 27. The apparatus of claim 25, wherein the at least one other server includes the channel alert server, and wherein the at least one alert includes at least one of:
    - at least one visual alert;
      
      at least one auditory alert;
      
      at least one email message;
      
      at least one SMS text message;
      
      activation of at least one channel of the plurality of channels; and
      
      a notification to a law enforcement agency.
  - 28. The apparatus of claim 27, wherein the channel alert server controls the at least one communication interface so as to implement the at least one alert on at least one of:
    - a device operated by at least one other user associated with or designated by the user, wherein the at least one other user is authenticated by the apparatus to receive the at least one alert; and
      
      at least one other user platform authenticated by the apparatus to receive the at least one alert.
  - 29. The apparatus of claim 19, wherein the at least one other server includes:
    - the virtual world server to provide a three-dimensional visualization of, and/or interaction with, the first authenticated channel information.
  - 30. The apparatus of claim 19, wherein the at least one other server includes:
    - the identity management server to authenticate the user and the at least on user platform in C);
      
      the video server to transform, transmit, and/or support delivery of video information and/or audio information included in the first authenticated channel information;
      
      the enterprise content management server to provide configuration, templates, visual content, user interface controls and management control for the first authenticated channel information;
      
      the device integration server to manage streaming or real-time information from a machine or device, which streaming or real-time information is included in the first authenticated channel information;
      
      the portal server to facilitate Internet-based function access by the at least one user platform;
      
      the channel alert server to monitor the first authenticated channel information so as to determine one or more events, conditions, logical workflows, discrete information values or signal data based on at least one threshold condition or parameter, and to generate at least one alert in response to the one or more determined events, conditions, logical workflows, discrete information values or signal data relating to the first authenticated channel information; and
      
      the virtual world server to provide a three-dimensional visualization of, and/or interaction with, the first authenticated channel information.
  - 31. The apparatus of claim 19, wherein at least a portion of one or more of the first authenticated channel information, the video information, the audio information, the streaming or real-time information from a machine or device, the events, the conditions, the logical workflows, the discrete information values, and the signal data are stored in the at least one database.
  - 32. The apparatus of claim 19, wherein the at least one processor establishes a service-oriented architecture (SOA) including an enterprise service bus, wherein the channel server and the at least one other server are implemented as logical components that are communicatively coupled to each other and the at least one database via the enterprise service bus.
  - 33. The apparatus of claim 32, further comprising at least one second communication interface, communicatively coupled to the enterprise service bus, to access at least some of the one or more services and/or applications provided by the at least one other server and used by the channel server.
  - 34. The system of claim 33, wherein the at least one second communication interface includes an Internet multi-media services gateway to implement network traffic protocols so as to access at least some of the one or more services and/or applications provided by the at least one other server and used by the channel server.
  - 35. The system of claim 33, wherein the at least one second communication interface includes telecommunications network services so as to access, through telecommunication wireline and wireless services, at least some of the one or more services and/or applications provided by the at least one other server and used by the channel server.
  - 36. The apparatus of claim 1, wherein the one or more of the plurality of channels interrogating the identity management server comprises the one or more of the plurality of channels evaluating content provided by the identity management server and determining if services of the one or more of the plurality of channels are available, and wherein the identity management server and the web services gateway interrogating the one or more of the plurality of channels comprises the identity management server evaluating content provided by the one or more of the plurality of channels.

37. A method for providing secure user-centric information via a plurality of user platforms operated by a user, the method comprising:
- A) implementing a channel grid framework including a matrix of a plurality of channels through which the user receives and/or interacts with, via the plurality of user platforms, respective portions of the secure user-centric information, wherein implementing the plurality of channels comprises synchronizing functions and features of one or more of the plurality of channels across two or more of the plurality of user platforms deploying the secure user-centric information to two or more of the plurality of user platforms;
  
  B) establishing a user profile identifying user preferences, platform identities, and service support instructions that determine how the secure user-centric information behaves on at least one platform of the plurality of user platforms;
  
  C) receiving, from at least one user platform of the plurality of user platforms, a user identity for the user and a platform identity for the at least one user platform;
  
  D) authenticating the user and the at least one user platform to receive the secure user-centric information based at least in part on the user identity and the platform identity; and
  
  E) if the user and the at least one user platform are authenticated in C), transmitting to the at least one user platform first authenticated channel information relating to at least one authorized channel of the plurality of channels implemented in A), based at least in part on information access rights and/or security protocols respectively associated with the corresponding plurality of channels, the user, and the at least one user platform, wherein at least a portion of the first authenticated channel information to be transmitted to the at least one user platform is selected based at least in part on the user profile and is transmitted to the at least one user platform without being requested by the user, wherein the transmission of the first authenticated channel information to the at least one user platform is based in part on a bi-directional interrogation of the at least one authorized channel, wherein the bi-directional interrogation comprises the at least one authorized channel interrogating an identity management server, and wherein the bi-directional interrogation further comprises the identity management server and a web services gateway interrogating the at least one authorized channel, wherein the web services gateway is a tool through which the channel grid framework interacts with the identity management server.
- View Dependent Claims (38, 39, 40, 41)
- - 38. The method of claim 37, wherein:
    - the method further comprises establishing the user profile as part of an authentication directory including a plurality of user accounts, a plurality of device accounts, and a plurality of application accounts; and
      
      C) comprises authenticating the user and the at least one user platform based at least in part on the plurality of user accounts and the plurality of device accounts included in the authentication directory; and
      
      the method further comprises authenticating specific ones of the plurality of channels based at least in part on the plurality of application accounts included in the authentication directory.
  - 39. The method of claim 38, wherein:
    - at least one user account of the plurality of user accounts includes at least one entry comprising at least one of;
      
      a user name;
      
      a user password;
      
      a user email;
      
      a user mailstop;
      
      a user telephone number;
      
      a user mobile number;
      
      a user building;
      
      a user campus; and
      
      at least one user group; and
      
      in C, the user is authenticated if the user identity matches the at least one entry.
  - 40. The method of claim 39, wherein:
    - at least one device account of the plurality of device accounts includes at least one entry comprising at least one of;
      
      a device name;
      
      a device type;
      
      a device manufacturer;
      
      a device model number;
      
      a device serial number;
      
      a device IP address;
      
      a device location;
      
      a device user; and
      
      a device password; and
      
      in C, the user platform is authenticated if the platform identity matches the at least one entry.
  - 41. The method of claim 40, wherein:
    - at least one application account of the plurality of application accounts includes at least one application user and at least one additional entry comprising at least one of;
      
      an application name;
      
      an application serial number;
      
      at least one application module;
      
      at least one application web service;
      
      at least one application interface;
      
      at least one application protocol;
      
      at least one application host;
      
      an application IP address;
      
      an application location; and
      
      an application password; and
      
      the specific ones of the multiple channels are authenticated if the user identity matches the at least one application user.

42. At least one non-transitory computer readable storage medium storing processor-executable instructions that, when executed by at least one processor, perform a method for providing secure user-centric information via a plurality of user platforms operated by a user, the method comprising:
- A) implementing a channel grid framework including a matrix of a plurality of channels through which the user receives and/or interacts with, via the plurality of user platforms, respective portions of the secure user-centric information wherein implementing the plurality of channels comprises synchronizing functions and features of one or more of the plurality of channels across two or more of the plurality of user platforms by deploying the secure user-centric information to two or more of the plurality of user platforms;
  
  B) establishing a user profile identifying user preferences, platform identities, and service support instructions that determine how the secure user-centric information behaves on at least one platform of the plurality of user platforms;
  
  C) receiving, from at least one user platform of the plurality of user platforms, a user identity for the user and a platform identity for the at least one user platform;
  
  D) authenticating the user and the at least one user platform to receive the secure user-centric information based at least in part on the user identity and the platform identity; and
  
  E) if the user and the at least one user platform are authenticated in C), transmitting to the at least one user platform first authenticated channel information relating to at least one authorized channel of the plurality of channels implemented in A), based at least in part on information access rights and/or security protocols respectively associated with the corresponding plurality of channels, the user, and the at least one user platform, wherein at least a portion of the first authenticated channel information to be transmitted to the at least one user platform is selected based at least in part on the user profile and is transmitted to the at least one user platform without being requested by the user, wherein the transmission of the first authenticated channel information to the at least one user platform is based in part on a bi-directional interrogation of the at least one authorized channel, wherein the bi-directional interrogation comprises the at least one authorized channel interrogating an identity management server, and wherein the bi-directional interrogation further comprises the identity management server and a web services gateway interrogating the at least one authorized channel, wherein the web services gateway is a tool through which the channel grid framework interacts with the identity management server.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Cyandia, Inc.
Original Assignee
Cyandia, Inc.
Inventors
Wetzer, Michael, Theriault, Thomas
Primary Examiner(s)
Bashore, William
Assistant Examiner(s)
NABI, REZA U

Application Number

US13/086,274
Publication Number

US 20110252461A1
Time in Patent Office

937 Days
Field of Search

715/769
US Class Current

715/769
CPC Class Codes

G06F 9/54 Interprogram communication

Methods, apparatus and systems for providing secure information via multiple authorized channels to authenticated users and user devices

First Claim

3 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, apparatus and systems for providing secure information via multiple authorized channels to authenticated users and user devices

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links