Location awareness session management and cross application session management
First Claim
1. A location aware session token generation and validation system, comprising:
- a server system comprising at least one processor;
at least one non-transitory memory coupled to the at least one processor; and
a token component stored in the at least one non-transitory memory that, upon execution by the at least one processor of the server system, configures the server system to;
receive a request to initiate an application level session from a mobile device comprising a global session management component stored in non-transitory memory of the mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device within a predefined area of a communication network,generate a token that initiates the application level session based on the request, wherein the token is time limited to a specified period of time and location limited to the predefined area such that the application level session is designated to expire based on at least one of the end of the specified period of time or the mobile device moving outside of the predefined area,send the token to the mobile device via the communication network, wherein the mobile device comprises a plurality of tokens that each correspond to a respective one of a plurality of application level sessions, wherein each application level session includes an interactive secure information exchange between an application server and an application via a radio transceiver of the mobile device based on a completed authentication and authorization for the application that is stored in a non-transitory memory of the mobile device,receive an application level session message from the mobile device using the global session management component, wherein the application level session message includes a requested application level session action associated with the application level session, a current location of the mobile device, and the token for the application level session,determine, by analysis of the token, that the current location does not match the location associated with the token due to the mobile device moving outside of the predefined area and that a level of activity on the mobile device meets or exceeds a pre-specified level of activity,responsive to the determination, extend the application level session associated with the token despite the current location of the mobile device being outside of the predefined area, andperform the requested application level session action based on the extended application level session.
5 Assignments
0 Petitions
Accused Products
Abstract
A location aware session token generation and validation system is provided. The system comprises a server system comprising at least one processor. The server system also comprises at least one non-transitory memory. The system further comprises a token component stored on the at least one non-transitory memory that, when executed by the server system, receives a request to initiate an application level session from a mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device, generates a token for the application level session wherein the token is time limited and location limited such that the application level session will expire at the end of a specified period of time or when the mobile device moves from the location.
62 Citations
20 Claims
-
1. A location aware session token generation and validation system, comprising:
-
a server system comprising at least one processor; at least one non-transitory memory coupled to the at least one processor; and a token component stored in the at least one non-transitory memory that, upon execution by the at least one processor of the server system, configures the server system to; receive a request to initiate an application level session from a mobile device comprising a global session management component stored in non-transitory memory of the mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device within a predefined area of a communication network, generate a token that initiates the application level session based on the request, wherein the token is time limited to a specified period of time and location limited to the predefined area such that the application level session is designated to expire based on at least one of the end of the specified period of time or the mobile device moving outside of the predefined area, send the token to the mobile device via the communication network, wherein the mobile device comprises a plurality of tokens that each correspond to a respective one of a plurality of application level sessions, wherein each application level session includes an interactive secure information exchange between an application server and an application via a radio transceiver of the mobile device based on a completed authentication and authorization for the application that is stored in a non-transitory memory of the mobile device, receive an application level session message from the mobile device using the global session management component, wherein the application level session message includes a requested application level session action associated with the application level session, a current location of the mobile device, and the token for the application level session, determine, by analysis of the token, that the current location does not match the location associated with the token due to the mobile device moving outside of the predefined area and that a level of activity on the mobile device meets or exceeds a pre-specified level of activity, responsive to the determination, extend the application level session associated with the token despite the current location of the mobile device being outside of the predefined area, and perform the requested application level session action based on the extended application level session. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A cross application session management system for a mobile device, comprising:
a mobile device comprising; a radio transceiver that couples to a communication network, at least one processor, at least one non-transitory memory coupled to the at least one processor, a plurality of tokens stored in the at least one non-transitory memory, wherein each of the plurality of tokens corresponds to a respective one of a plurality of application level sessions, and each of the plurality of tokens is associated with a location within a predefined area of the communication network, and a global session management component stored in the at least one non-transitory memory that, upon execution by the at least one processor, configures the mobile device to; monitor activity on the plurality of application level sessions, wherein each application level session includes an interactive secure information exchange between an application server and an application via the radio transceiver based on a completed authentication and authorization for the application that is stored in the at least one non-transitory memory of the mobile device, determine that activity on at least one of the plurality of application level sessions meets or exceeds a pre-specified level of activity, and based on the determination, maintain the application level session life for at least another application level session of the plurality of application level sessions by sending;
an application level session message reporting the activity of the at least one of the plurality of application level sessions that meets or exceeds the pre-specified level of activity, a token corresponding to the another application level session, and a current location of the mobile device that is outside of the predefined area associated with the token, wherein the application level session is extended despite the current location of the mobile device being outside of the redefined area.- View Dependent Claims (9, 10, 11)
-
12. A method for session management for a mobile device, comprising:
-
receiving, at an authenticating server executing at least one processor, a request for a token to authenticate an application level session with a communication network of a service provider, wherein the request includes an identification of the mobile device and a location of the mobile device within a predefined area of the communication network; generating, by the authenticating server executing a token component, a token that initiates the application level session, wherein the token is time limited and location limited to a predefined area associated with the token at the time of generation; sending, from the authenticating server, the token to the mobile device; receiving, at the authenticating server, a session message for the application level session from the mobile device, wherein the session message includes a requested session action for the application level session, a current location of the mobile device, an activity level on the mobile device, and the token for the application level session, wherein the application level session includes an interactive secure information exchange between an application server and an application via a radio transceiver of the mobile device based on a completed authentication and authorization for the application that is stored a non-transitory memory of the mobile device; determining, by the authentication server analyzing the token, that the current location does not match the location associated with the token due to the mobile device moving outside of the predefined area and that the activity level at least meets a pre-specified level of activity; responsive to the determination, extending, by the authenticating server, the application level session associated with the token despite the current location of the mobile device being outside of the predefined area; and performing the requested session action based on extending the application level session. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification