Location awareness session management and cross application session management

US 9,271,110 B1
Filed: 07/09/2012
Issued: 02/23/2016
Est. Priority Date: 07/09/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A location aware session token generation and validation system, comprising:

a server system comprising at least one processor;

at least one non-transitory memory coupled to the at least one processor; and

a token component stored in the at least one non-transitory memory that, upon execution by the at least one processor of the server system, configures the server system to;

receive a request to initiate an application level session from a mobile device comprising a global session management component stored in non-transitory memory of the mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device within a predefined area of a communication network,generate a token that initiates the application level session based on the request, wherein the token is time limited to a specified period of time and location limited to the predefined area such that the application level session is designated to expire based on at least one of the end of the specified period of time or the mobile device moving outside of the predefined area,send the token to the mobile device via the communication network, wherein the mobile device comprises a plurality of tokens that each correspond to a respective one of a plurality of application level sessions, wherein each application level session includes an interactive secure information exchange between an application server and an application via a radio transceiver of the mobile device based on a completed authentication and authorization for the application that is stored in a non-transitory memory of the mobile device,receive an application level session message from the mobile device using the global session management component, wherein the application level session message includes a requested application level session action associated with the application level session, a current location of the mobile device, and the token for the application level session,determine, by analysis of the token, that the current location does not match the location associated with the token due to the mobile device moving outside of the predefined area and that a level of activity on the mobile device meets or exceeds a pre-specified level of activity,responsive to the determination, extend the application level session associated with the token despite the current location of the mobile device being outside of the predefined area, andperform the requested application level session action based on the extended application level session.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A location aware session token generation and validation system is provided. The system comprises a server system comprising at least one processor. The server system also comprises at least one non-transitory memory. The system further comprises a token component stored on the at least one non-transitory memory that, when executed by the server system, receives a request to initiate an application level session from a mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device, generates a token for the application level session wherein the token is time limited and location limited such that the application level session will expire at the end of a specified period of time or when the mobile device moves from the location.

62 Citations

View as Search Results

20 Claims

1. A location aware session token generation and validation system, comprising:
- a server system comprising at least one processor;
  
  at least one non-transitory memory coupled to the at least one processor; and
  
  a token component stored in the at least one non-transitory memory that, upon execution by the at least one processor of the server system, configures the server system to;
  
  receive a request to initiate an application level session from a mobile device comprising a global session management component stored in non-transitory memory of the mobile device, wherein the request includes an identification of the mobile device and a location of the mobile device within a predefined area of a communication network,generate a token that initiates the application level session based on the request, wherein the token is time limited to a specified period of time and location limited to the predefined area such that the application level session is designated to expire based on at least one of the end of the specified period of time or the mobile device moving outside of the predefined area,send the token to the mobile device via the communication network, wherein the mobile device comprises a plurality of tokens that each correspond to a respective one of a plurality of application level sessions, wherein each application level session includes an interactive secure information exchange between an application server and an application via a radio transceiver of the mobile device based on a completed authentication and authorization for the application that is stored in a non-transitory memory of the mobile device,receive an application level session message from the mobile device using the global session management component, wherein the application level session message includes a requested application level session action associated with the application level session, a current location of the mobile device, and the token for the application level session,determine, by analysis of the token, that the current location does not match the location associated with the token due to the mobile device moving outside of the predefined area and that a level of activity on the mobile device meets or exceeds a pre-specified level of activity,responsive to the determination, extend the application level session associated with the token despite the current location of the mobile device being outside of the predefined area, andperform the requested application level session action based on the extended application level session.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The location aware session token generation and validation system of claim 1, wherein determination that the level of activity on the mobile device meets or exceeds the pre-specified level of activity is responsive to the determination that the current location does not match the location.
  - 3. The location aware session token generation and validation system of claim 1, wherein the level of activity on the mobile device that meets or exceeds the pre-specified level of activity is associated with at least one of the plurality of application level sessions.
  - 4. The location aware session token generation and validation system of claim 1, wherein the current location is within a predefined radius from a point corresponding to the determined location associated with the token.
  - 5. The location aware session token generation and validation system of claim 1, wherein the location associated with the token is within the predefined area based on proximity to a predefined radio source of the communication network.
  - 6. The location aware session token generation and validation system of claim 5, wherein the predefined radio source comprises one of a particular local network, a particular WiFi network, and a particular base station tower.
  - 7. The location aware session token generation and validation system of claim 1, wherein the requested session action comprises one of manipulating data on a data store, retrieving data from the data store and sending the data to the mobile device, or receiving data from the mobile device and storing the data on the data store.

8. A cross application session management system for a mobile device, comprising:
- a mobile device comprising;
  
  a radio transceiver that couples to a communication network,at least one processor,at least one non-transitory memory coupled to the at least one processor,a plurality of tokens stored in the at least one non-transitory memory, wherein each of the plurality of tokens corresponds to a respective one of a plurality of application level sessions, and each of the plurality of tokens is associated with a location within a predefined area of the communication network, anda global session management component stored in the at least one non-transitory memory that, upon execution by the at least one processor, configures the mobile device to;
  
  monitor activity on the plurality of application level sessions, wherein each application level session includes an interactive secure information exchange between an application server and an application via the radio transceiver based on a completed authentication and authorization for the application that is stored in the at least one non-transitory memory of the mobile device,determine that activity on at least one of the plurality of application level sessions meets or exceeds a pre-specified level of activity, andbased on the determination, maintain the application level session life for at least another application level session of the plurality of application level sessions by sending;
  
  an application level session message reporting the activity of the at least one of the plurality of application level sessions that meets or exceeds the pre-specified level of activity, a token corresponding to the another application level session, and a current location of the mobile device that is outside of the predefined area associated with the token, wherein the application level session is extended despite the current location of the mobile device being outside of the redefined area.
- View Dependent Claims (9, 10, 11)
- - 9. The system of claim 8, wherein the token is designated to end the another application level session responsive to the current location of the mobile device not matching the location associated with the token.
  - 10. The system of claim 9, wherein the another application level session corresponding to the token that includes the location component is extended when the global session management component determines a specified level of activity on one of the plurality of application level sessions during movement of the mobile device.
  - 11. The system of claim 10, wherein the mobile device comprises at least one of a mobile telephone, a tablet computer, or a laptop computer.

12. A method for session management for a mobile device, comprising:
- receiving, at an authenticating server executing at least one processor, a request for a token to authenticate an application level session with a communication network of a service provider, wherein the request includes an identification of the mobile device and a location of the mobile device within a predefined area of the communication network;
  
  generating, by the authenticating server executing a token component, a token that initiates the application level session, wherein the token is time limited and location limited to a predefined area associated with the token at the time of generation;
  
  sending, from the authenticating server, the token to the mobile device;
  
  receiving, at the authenticating server, a session message for the application level session from the mobile device, wherein the session message includes a requested session action for the application level session, a current location of the mobile device, an activity level on the mobile device, and the token for the application level session, wherein the application level session includes an interactive secure information exchange between an application server and an application via a radio transceiver of the mobile device based on a completed authentication and authorization for the application that is stored a non-transitory memory of the mobile device;
  
  determining, by the authentication server analyzing the token, that the current location does not match the location associated with the token due to the mobile device moving outside of the predefined area and that the activity level at least meets a pre-specified level of activity;
  
  responsive to the determination, extending, by the authenticating server, the application level session associated with the token despite the current location of the mobile device being outside of the predefined area; and
  
  performing the requested session action based on extending the application level session.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method of claim 12, wherein extending the application level session comprises extending the predefined period of time associated with expiration of the application level session.
  - 14. The method of claim 12, further comprising ending the application level session responsive to expiration of a predefined period of time associated with the token and a level of activity below the pre-specified level for all of a plurality of application level sessions associated with the mobile device.
  - 15. The method of claim 12, further comprising:
    - ending the application level session responsive to the current location not matching the location of the token and the activity level being less than the pre-specified level of activity.
  - 16. The method of claim 12, wherein the requested session action comprises at least one of manipulating data on a data store, retrieving data from the data store and sending the data to the mobile device, or receiving data from the mobile device and storing the data on the data store.
  - 17. The method of claim 12, wherein the activity level is the activity level corresponding to a different application level session.
  - 18. The method of claim 12, wherein the current location does not match the location when the current location is outside of the predefined area.
  - 19. The method of claim 12, wherein the mobile device comprises at least one of a mobile telephone, a tablet computer, or laptop computer.
  - 20. The method of claim 12, wherein the current location of the mobile device is based on at least one of global positioning system coordinates or triangulation within the communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Fultz, David K., Vijayakirthi, Victor Anend
Primary Examiner(s)
Manoharan, Muthuswamy

Application Number

US13/544,802
Time in Patent Office

1,324 Days
Field of Search

455/411, 455/456.1, 455/456.2, 455/456.3
US Class Current

1/1
CPC Class Codes

H04W 12/06   Authentication

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

Location awareness session management and cross application session management

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

62 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Location awareness session management and cross application session management

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links