Method and apparatus for intercepting events in a communication system
First Claim
1. A communication management device, comprising:
- a processor configured to operate as a legal intercept for intercepting data associated with a target user pursuant to a legal warrant.
4 Assignments
0 Petitions

Accused Products

Abstract
An intercept system provides more effective and more efficient compliance with legal intercept warrants. The intercept system can provide any combination of operations that include near-real-time intercept, capture of intercepted data in structured authenticated form, clear text intercept for communications where there is access to encryption keys, cipher text intercept for communications where there is no access to encryption keys, provision of transactional logs to the authorized agency, interception without altering the operation of the target services, and encryption of stored intercepted information.
265 Citations
MOBILE GATEWAY | ||
Patent #
US 20110122827A1
Filed 07/28/2009
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Method apparatus and system for capturing and analyzing interaction based content | ||
Patent #
US 7,953,219 B2
Filed 07/18/2002
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
ELECTRONIC MONITORING SYSTEM AND METHOD | ||
Patent #
US 20110145888A1
Filed 12/15/2010
|
Current Assignee
Electronics and Telecommunications Research Institute
|
Original Assignee
Electronics and Telecommunications Research Institute
|
Lawful Authorities Warrant Management | ||
Patent #
US 20110202980A1
Filed 10/10/2008
|
Current Assignee
Telefonaktiebolaget LM Ericsson
|
Original Assignee
Telefonaktiebolaget LM Ericsson
|
Apparatus and method for audio analysis | ||
Patent #
US 8,005,675 B2
Filed 03/17/2005
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Flexible billing architecture | ||
Patent #
US 8,010,082 B2
Filed 10/19/2005
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
METHOD, APPARATUS AND SYSTEM FOR CAPTURING AND ANALYZING INTERACTION BASED CONTENT | ||
Patent #
US 20110206198A1
Filed 05/02/2011
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
Managing user-to-user contact with inferred presence information | ||
Patent #
US 8,069,166 B2
Filed 02/27/2006
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Multiple data store authentication | ||
Patent #
US 8,064,583 B1
Filed 09/21/2006
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Apparatus and method for event-driven content analysis | ||
Patent #
US 8,060,364 B2
Filed 11/13/2003
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
INTERCEPTING VOICE OVER IP COMMUNICATIONS AND OTHER DATA COMMUNICATIONS | ||
Patent #
US 20100150138A1
Filed 11/29/2007
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Apparatus and method for multimedia content based manipulation | ||
Patent #
US 7,714,878 B2
Filed 08/09/2004
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Apparatus And Methods For The Semi-Automatic Tracking And Examining Of An Object Or An Event In A Monitored Site | ||
Patent #
US 20100157049A1
Filed 04/03/2005
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Qognify Ltd.
|
Method and apparatus for segmentation of audio interactions | ||
Patent #
US 7,716,048 B2
Filed 01/25/2006
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
System and method for video content analysis-based detection, surveillance and alarm management | ||
Patent #
US 7,683,929 B2
Filed 12/26/2002
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Nice Systems Limited
|
RFID tag management and operation | ||
Patent #
US 7,817,042 B2
Filed 02/23/2007
|
Current Assignee
Cisco Technology Incorporated
|
Original Assignee
Cisco Technology Incorporated
|
EMERGENCY ASSISTANCE CALLING FOR VOICE OVER IP COMMUNICATIONS SYSTEMS | ||
Patent #
US 20100172345A1
Filed 03/20/2008
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Method and apparatus for combining traffic analysis and monitoring center in lawful interception | ||
Patent #
US 7,770,221 B2
Filed 05/18/2006
|
Current Assignee
Cyberbit Ltd.
|
Original Assignee
Nice Systems Limited
|
INTERCEPTION METHOD INTERWORKING WITH COMMUNICATION NETWORK AND INTERNET NETWORK | ||
Patent #
US 20100115018A1
Filed 08/12/2009
|
Current Assignee
Electronics and Telecommunications Research Institute
|
Original Assignee
Electronics and Telecommunications Research Institute
|
PRODUCING ROUTING MESSAGES FOR VOICE OVER IP COMMUNICATIONS | ||
Patent #
US 20100150328A1
Filed 11/01/2007
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Method and apparatus for internal and external monitoring of a transportation vehicle | ||
Patent #
US 7,761,544 B2
Filed 03/06/2003
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for fraud detection | ||
Patent #
US 7,801,288 B2
Filed 02/29/2008
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for large population speaker identification in telephone interactions | ||
Patent #
US 7,822,605 B2
Filed 10/19/2006
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
METHOD AND APPARATUS FOR ADAPTIVE INTERACTION ANALYTICS | ||
Patent #
US 20090012826A1
Filed 07/02/2007
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
Apparatus and method for audio content analysis, marking and summing | ||
Patent #
US 7,546,173 B2
Filed 08/18/2003
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
System and method for the automatic control of video frame rate | ||
Patent #
US 7,573,421 B2
Filed 09/24/2002
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Nice Systems Limited
|
COMMUNICATION SYSTEM | ||
Patent #
US 20090204817A1
Filed 09/15/2008
|
Current Assignee
OCI Mobile LLC
|
Original Assignee
OCI Mobile LLC
|
Method and system for automatic quality evaluation | ||
Patent #
US 7,577,246 B2
Filed 12/20/2006
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for generic analytics | ||
Patent #
US 7,599,475 B2
Filed 05/02/2007
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for lawful interception of web based messaging communication | ||
Patent #
US 7,631,046 B2
Filed 10/26/2006
|
Current Assignee
Cyberbit Ltd.
|
Original Assignee
Nice Systems Limited
|
Apparatus and Methods for the Detection of Emotions in Audio Interactions | ||
Patent #
US 20080040110A1
Filed 08/08/2005
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
METHOD AND APPARATUS FOR LAWFUL INTERCEPTION OF WEB BASED MESSAGING COMMUNICATION | ||
Patent #
US 20080148397A1
Filed 10/26/2006
|
Current Assignee
Cyberbit Ltd.
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for fraud detection | ||
Patent #
US 7,386,105 B2
Filed 05/27/2005
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
METHOD AND SYSTEM FOR AUTOMATIC QUALITY EVALUATION | ||
Patent #
US 20080152122A1
Filed 12/20/2006
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and Apparatus For Segmentation of Audio Interactions | ||
Patent #
US 20080181417A1
Filed 01/25/2006
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
RFID TAG MANAGEMENT AND OPERATION | ||
Patent #
US 20080204248A1
Filed 02/23/2007
|
Current Assignee
Cisco Technology Incorporated
|
Original Assignee
Cisco Technology Incorporated
|
METHOD AND APPARATUS FOR LARGE POPULATION SPEAKER IDENTIFICATION IN TELEPHONE INTERACTIONS | ||
Patent #
US 20080195387A1
Filed 10/19/2006
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
METHOD AND SYSTEM FOR LAUGHTER DETECTION | ||
Patent #
US 20080195385A1
Filed 02/11/2007
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
METHOD AND APPARATUS FOR CALL CATEGORIZATION | ||
Patent #
US 20080189171A1
Filed 02/01/2007
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
METHOD AND APPARATUS FOR GENERIC ANALYTICS | ||
Patent #
US 20080228296A1
Filed 05/02/2007
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for video frame sequence-based object tracking | ||
Patent #
US 7,436,887 B2
Filed 02/06/2003
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Playtex Products Incorporated
|
LEGAL INTERCEPT OF COMMUNICATION TRAFFIC PARTICULARLY USEFUL IN A MOBILE ENVIRONMENT | ||
Patent #
US 20080276294A1
Filed 05/02/2007
|
Current Assignee
Apogee Telecom Incorporated
|
Original Assignee
Apogee Telecom Incorporated
|
Automatic speech analysis | ||
Patent #
US 20070250318A1
Filed 04/25/2006
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Apparatus and method for multimedia content based manipulation | ||
Patent #
US 20060028488A1
Filed 07/01/2005
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Apparatus and methods for the detection of abnormal motion in a video stream | ||
Patent #
US 20060045185A1
Filed 08/31/2004
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Nice Systems Limited, Ramot At TEL AVIV University Limited
|
Apparatus, system and method for dispute resolution, regulation compliance and quality management in financial institutions | ||
Patent #
US 20060089837A1
Filed 04/09/2003
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Ltd
|
Method and apparatus for speaker spotting | ||
Patent #
US 20060111904A1
Filed 11/23/2004
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Apparatus and method for audio content analysis, marking and summing | ||
Patent #
US 20060133624A1
Filed 12/17/2003
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
Systems and methods for dynamic modification of a stream of data packets | ||
Patent #
US 20060126664A1
Filed 12/01/2005
|
Current Assignee
Pactolus Communications Software
|
Original Assignee
Pactolus Communications Software
|
Upgrading performance using aggregated information shared between management systems | ||
Patent #
US 20060179064A1
Filed 02/07/2006
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
Apparatus and method for audio analysis | ||
Patent #
US 20060212295A1
Filed 03/17/2005
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for fraud detection | ||
Patent #
US 20060285665A1
Filed 05/27/2005
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Recording and quality management solutions for walk-in environments | ||
Patent #
US 20050030374A1
Filed 09/05/2002
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
System and method for the automatic control of video frame rate | ||
Patent #
US 20050046611A1
Filed 08/10/2004
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Nice Systems Limited
|
System and method for traveler interactions management | ||
Patent #
US 20050128304A1
Filed 03/06/2003
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
System and method for video content analysis-based detection, surveillance and alarm management | ||
Patent #
US 20050204378A1
Filed 03/10/2004
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
Method and apparatus for internal and external monitoring of a transportation vehicle | ||
Patent #
US 20050258942A1
Filed 06/15/2005
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
System and method for video content analysis-based detection, surveillance and alarm management | ||
Patent #
US 20040161133A1
Filed 11/24/2003
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Nice Systems Limited
|
Method apparatus and system for capturing and analyzing interaction based content | ||
Patent #
US 20040249650A1
Filed 07/14/2004
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Secure end-to-end transport through intermediary nodes | ||
Patent #
US 8,127,342 B2
Filed 09/23/2010
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Method and apparatus for speaker spotting | ||
Patent #
US 8,078,463 B2
Filed 11/23/2004
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Provisioning applications for a mobile device | ||
Patent #
US 8,078,158 B2
Filed 06/26/2008
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Provisioning of e-mail settings for a mobile terminal | ||
Patent #
US 8,116,214 B2
Filed 11/30/2005
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile virtual network operator | ||
Patent #
US 8,107,921 B2
Filed 01/11/2008
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Application and network-based long poll request detection and cacheability assessment therefor | ||
Patent #
US 8,166,164 B1
Filed 10/14/2011
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Cache defeat detection and caching of content addressed by identifiers intended to defeat cache | ||
Patent #
US 8,190,701 B2
Filed 11/01/2011
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Application and network-based long poll request detection and cacheability assessment therefor | ||
Patent #
US 8,291,076 B2
Filed 03/05/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
METHOD AND APPARATUS FOR PROVIDING SERVICE PROVIDER-CONTROLLED COMMUNICATION SECURITY | ||
Patent #
US 20120275598A1
Filed 06/10/2011
|
Current Assignee
Nokia Technologies Oy
|
Original Assignee
Nokia Corporation
|
Social caching for device resource sharing and management | ||
Patent #
US 8,316,098 B2
Filed 04/19/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Distributed management of keep-alive message signaling for mobile network resource conservation and optimization | ||
Patent #
US 8,326,985 B2
Filed 11/01/2011
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
System and method for a mobile device to use physical storage of another device for caching | ||
Patent #
US 8,356,080 B2
Filed 07/20/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Method, apparatus and system for capturing and analyzing interaction based content | ||
Patent #
US 8,204,884 B2
Filed 05/02/2011
|
Current Assignee
Nice Systems Limited
|
Original Assignee
Nice Systems Limited
|
Electronic-mail filtering for mobile devices | ||
Patent #
US 8,364,181 B2
Filed 12/10/2007
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Context aware data presentation | ||
Patent #
US 8,412,675 B2
Filed 02/24/2006
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Aligning data transfer to optimize connections established for transmission over a wireless network | ||
Patent #
US 8,417,823 B2
Filed 11/18/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Intercepting voice over IP communications and other data communications | ||
Patent #
US 8,422,507 B2
Filed 11/29/2007
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Flexible real-time inbox access | ||
Patent #
US 8,438,633 B1
Filed 12/18/2006
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Publishing data in an information community | ||
Patent #
US 8,468,126 B2
Filed 12/14/2005
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Distributed caching in a wireless network of content delivered for a mobile application over a long-held request | ||
Patent #
US 8,484,314 B2
Filed 10/14/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Provisioning applications for a mobile device | ||
Patent #
US 8,494,510 B2
Filed 12/06/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Emergency assistance calling for voice over IP communications systems | ||
Patent #
US 8,537,805 B2
Filed 03/20/2008
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Mobile network background traffic data management with optimized polling intervals | ||
Patent #
US 8,539,040 B2
Filed 02/28/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Producing routing messages for voice over IP communications | ||
Patent #
US 8,542,815 B2
Filed 11/01/2007
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Secure end-to-end transport through intermediary nodes | ||
Patent #
US 8,549,587 B2
Filed 02/14/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
System and method for executing commands that are non-native to the native environment of a mobile device | ||
Patent #
US 8,561,086 B2
Filed 05/17/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Method and system for laughter detection | ||
Patent #
US 8,571,853 B2
Filed 02/11/2007
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Electronic monitoring system and method | ||
Patent #
US 8,582,776 B2
Filed 12/15/2010
|
Current Assignee
Electronics and Telecommunications Research Institute
|
Original Assignee
Electronics and Telecommunications Research Institute
|
Systems and Methods for Protecting Communications Between Nodes | ||
Patent #
US 20130318339A1
Filed 05/24/2012
|
Current Assignee
Smart Security Systems LLC
|
Original Assignee
Patrick K. Bunday, Ken C. Tola
|
Detecting and preserving state for satisfying application requests in a distributed proxy and cache system | ||
Patent #
US 8,621,075 B2
Filed 04/27/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Mobile gateway | ||
Patent #
US 8,630,234 B2
Filed 07/28/2009
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Cache state management on a mobile device to preserve user experience | ||
Patent #
US 8,635,339 B2
Filed 08/22/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Uninterrupted transmission of internet protocol transmissions during endpoint changes | ||
Patent #
US 8,675,566 B2
Filed 09/17/2009
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Polling | ||
Patent #
US 8,693,494 B2
Filed 03/31/2008
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Cache defeat detection and caching of content addressed by identifiers intended to defeat cache | ||
Patent #
US 8,700,728 B2
Filed 05/17/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Cross-platform event engine | ||
Patent #
US 8,209,709 B2
Filed 07/05/2010
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Distributed system for cache defeat detection and caching of content addressed by identifiers intended to defeat cache | ||
Patent #
US 8,204,953 B2
Filed 11/01/2011
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Automatic speech analysis | ||
Patent #
US 8,725,518 B2
Filed 04/25/2006
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Systems Limited
|
Apparatus and methods for the detection of abnormal motion in a video stream | ||
Patent #
US 8,724,891 B2
Filed 08/31/2004
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Nice Systems Limited, Ramot At TEL AVIV University Limited
|
Electronic-mail filtering for mobile devices | ||
Patent #
US 8,738,050 B2
Filed 01/07/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile device equipped with mobile network congestion recognition to make intelligent decisions regarding connecting to an operator network | ||
Patent #
US 8,750,123 B1
Filed 07/31/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Maintaining an IP connection in a mobile network | ||
Patent #
US 8,761,756 B2
Filed 09/13/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks International Oy
|
Integrated messaging | ||
Patent #
US 8,774,844 B2
Filed 04/08/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Allocating charges for communications services | ||
Patent #
US 8,774,378 B2
Filed 09/17/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Dynamic bandwidth adjustment for browsing or streaming activity in a wireless network based on prediction of user behavior when interacting with mobile applications | ||
Patent #
US 8,775,631 B2
Filed 02/25/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Timing of keep-alive messages used in a system for mobile network resource conservation and optimization | ||
Patent #
US 8,782,222 B2
Filed 09/05/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Application discovery on mobile devices | ||
Patent #
US 8,787,947 B2
Filed 06/18/2008
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Content delivery to a mobile device from a content service | ||
Patent #
US 8,793,305 B2
Filed 12/13/2007
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Technology For Combating Mobile Phone Criminal Activity | ||
Patent #
US 20140214423A1
Filed 01/31/2013
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
System and method of a relay server for managing communications and notification between a mobile device and a web access server | ||
Patent #
US 8,799,410 B2
Filed 04/13/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Maintaining mobile terminal information for secure communications | ||
Patent #
US 8,805,334 B2
Filed 09/05/2008
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Integrated messaging | ||
Patent #
US 8,805,425 B2
Filed 01/28/2009
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile device power management in data synchronization over a mobile network with or without a trigger notification | ||
Patent #
US 8,811,952 B2
Filed 05/05/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Method and system for management of a virtual network connection without heartbeat messages | ||
Patent #
US 8,812,695 B2
Filed 04/03/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
System and method for tracking billing events in a mobile wireless network for a network operator | ||
Patent #
US 8,831,561 B2
Filed 04/28/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
System and method for making requests on behalf of a mobile device based on atomic processes for mobile network traffic relief | ||
Patent #
US 8,832,228 B2
Filed 04/26/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Distributed caching for resource and mobile network traffic management | ||
Patent #
US 8,838,783 B2
Filed 07/05/2011
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Flexible real-time inbox access | ||
Patent #
US 8,839,412 B1
Filed 09/13/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Web-based access to data objects | ||
Patent #
US 8,838,744 B2
Filed 01/28/2009
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile traffic categorization and policy for network use optimization while preserving user experience | ||
Patent #
US 8,843,153 B2
Filed 11/01/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
System for providing policy based content service in a mobile network | ||
Patent #
US 8,849,902 B2
Filed 06/24/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Hierarchies and categories for management and deployment of policies for distributed wireless traffic optimization | ||
Patent #
US 8,861,354 B2
Filed 12/14/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Policy based content service | ||
Patent #
US 8,862,657 B2
Filed 01/25/2008
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
System of redundantly clustered machines to provide failover mechanisms for mobile traffic management and network resource conservation | ||
Patent #
US 8,868,753 B2
Filed 12/06/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Provisioning of e-mail settings for a mobile terminal | ||
Patent #
US 8,873,411 B2
Filed 01/12/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Signaling optimization in a wireless network for traffic utilizing proprietary and non-proprietary protocols | ||
Patent #
US 8,874,761 B2
Filed 03/15/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile application traffic optimization | ||
Patent #
US 8,886,176 B2
Filed 07/22/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Optimization of resource polling intervals to satisfy mobile device requests | ||
Patent #
US 8,903,954 B2
Filed 11/22/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile virtual network operator | ||
Patent #
US 8,909,192 B2
Filed 08/11/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Bandwidth measurement | ||
Patent #
US 8,909,759 B2
Filed 10/12/2009
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Detection and management of user interactions with foreground applications on a mobile device in distributed caching | ||
Patent #
US 8,909,202 B2
Filed 01/07/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
System and method for providing a network service in a distributed fashion to a mobile device | ||
Patent #
US 8,914,002 B2
Filed 08/11/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Optimization of mobile traffic directed to private networks and operator configurability thereof | ||
Patent #
US 8,918,503 B2
Filed 08/28/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Method and apparatus for intercepting events in a communication system | ||
Patent #
US RE45,348 E1
Filed 03/16/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Application and network-based long poll request detection and cacheability assessment therefor | ||
Patent #
US 8,966,066 B2
Filed 10/12/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Mobile device and method to utilize the failover mechanism for fault tolerance provided for mobile traffic management and network/device resource conservation | ||
Patent #
US 8,977,755 B2
Filed 12/06/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Monitoring mobile application activities for malicious traffic on a mobile device | ||
Patent #
US 8,984,581 B2
Filed 07/11/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Connection architecture for a mobile network | ||
Patent #
US 8,989,728 B2
Filed 09/07/2006
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Predictive content delivery | ||
Patent #
US 9,002,828 B2
Filed 01/02/2009
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Flexible and dynamic integration schemas of a traffic management system with various network operators for network traffic alleviation | ||
Patent #
US 9,009,250 B2
Filed 12/07/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Mobile network reporting and usage analytics system and method aggregated using a distributed traffic optimization system | ||
Patent #
US 9,021,021 B2
Filed 12/10/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
3D mobile user interface with configurable workspace management | ||
Patent #
US 9,043,731 B2
Filed 03/30/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile network traffic coordination across multiple applications | ||
Patent #
US 9,043,433 B2
Filed 05/25/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Intelligent rendering of information in a limited display environment | ||
Patent #
US 9,047,142 B2
Filed 12/16/2010
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile network traffic coordination across multiple applications | ||
Patent #
US 9,049,179 B2
Filed 01/20/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Location-based operations and messaging | ||
Patent #
US 9,055,102 B2
Filed 08/02/2010
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Selective data compression by a distributed traffic management system to reduce mobile data traffic and signaling traffic | ||
Patent #
US 9,060,032 B2
Filed 05/09/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Proxy server associated with a mobile carrier for enhancing mobile traffic management in a mobile network | ||
Patent #
US 9,065,765 B2
Filed 10/08/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks Inc
|
Distributed implementation of dynamic wireless traffic policy | ||
Patent #
US 9,077,630 B2
Filed 07/08/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Device resources sharing for network resource conservation | ||
Patent #
US 9,084,105 B2
Filed 04/19/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Mobile network background traffic data management | ||
Patent #
US 9,100,873 B2
Filed 09/14/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Managing cache to prevent overloading of a wireless network due to user activity | ||
Patent #
US 9,131,397 B2
Filed 06/06/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Determining a time to permit a communications session to be conducted | ||
Patent #
US 9,137,385 B2
Filed 09/17/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Intercepting voice over IP communications and other data communications | ||
Patent #
US 9,143,608 B2
Filed 04/15/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Uninterrupted transmission of internet protocol transmissions during endpoint changes | ||
Patent #
US 9,154,417 B2
Filed 11/27/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Optimized and selective management of policy deployment to mobile clients in a congested network to prevent further aggravation of network congestion | ||
Patent #
US 9,161,258 B2
Filed 03/15/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Radio-awareness of mobile device for sending server-side control signals using a wireless network optimized transport protocol | ||
Patent #
US 9,173,128 B2
Filed 03/06/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Producing routing messages for voice over IP communications | ||
Patent #
US 9,179,005 B2
Filed 08/13/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
Digifonica International Limited
|
Dynamic categorization of applications for network access in a mobile network | ||
Patent #
US 9,203,864 B2
Filed 02/04/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Mobile device having content caching mechanisms integrated with a network operator for traffic alleviation in a wireless network and methods therefor | ||
Patent #
US 9,208,123 B2
Filed 12/07/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Mobile device with application or context aware fast dormancy | ||
Patent #
US 9,241,314 B2
Filed 03/15/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Automatic generation and distribution of policy information regarding malicious mobile traffic in a wireless network | ||
Patent #
US 9,239,800 B2
Filed 07/11/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Extending user relationships | ||
Patent #
US 9,251,193 B2
Filed 10/28/2007
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Technology for combating mobile phone criminal activity | ||
Patent #
US 9,264,532 B2
Filed 01/31/2013
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
Application or context aware fast dormancy | ||
Patent #
US 9,271,238 B2
Filed 03/15/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Request and response characteristics based adaptation of distributed caching in a mobile network | ||
Patent #
US 9,275,163 B2
Filed 10/17/2011
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Radio-awareness of mobile device for sending server-side control signals using a wireless network optimized transport protocol | ||
Patent #
US 9,277,443 B2
Filed 12/07/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
System and method for a mobile device to use physical storage of another device for caching | ||
Patent #
US 9,300,719 B2
Filed 01/14/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks Inc
|
Systems and methods for application management of mobile device radio state promotion and demotion | ||
Patent #
US 9,307,493 B2
Filed 03/15/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
System and method for reduction of mobile network traffic used for domain name system (DNS) queries | ||
Patent #
US 9,325,662 B2
Filed 01/09/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Systems and methods for protecting communications between nodes | ||
Patent #
US 9,325,676 B2
Filed 05/24/2012
|
Current Assignee
Smart Security Systems LLC
|
Original Assignee
IP Ghoster Inc.
|
User as an end point for profiling and optimizing the delivery of content and data in a wireless network | ||
Patent #
US 9,326,189 B2
Filed 02/04/2013
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Wireless traffic management system cache optimization using http headers | ||
Patent #
US 9,330,196 B2
Filed 06/14/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Mobile application traffic optimization | ||
Patent #
US 9,407,713 B2
Filed 01/16/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Method and apparatus for providing service provider-controlled communication security | ||
Patent #
US 9,450,752 B2
Filed 06/10/2011
|
Current Assignee
Nokia Technologies Oy
|
Original Assignee
Nokia Technologies Oy
|
Producing routing messages for voice over IP communications | ||
Patent #
US 9,537,762 B2
Filed 10/07/2015
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Intercepting voice over IP communications and other data communications | ||
Patent #
US 9,549,071 B2
Filed 07/17/2015
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Emergency assistance calling for voice over IP communications systems | ||
Patent #
US 9,565,307 B2
Filed 08/15/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Apparatus, system and method for dispute resolution, regulation compliance and quality management in financial institutions | ||
Patent #
US 9,712,665 B2
Filed 04/09/2003
|
Current Assignee
Nice Ltd
|
Original Assignee
Nice Ltd
|
Mobile device configured for communicating with another mobile device associated with an associated user | ||
Patent #
US 9,712,986 B2
Filed 03/22/2012
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Producing routing messages for voice over IP communications | ||
Patent #
US 9,813,330 B2
Filed 12/30/2016
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Producing routing messages for voice over IP communications | ||
Patent #
US 9,826,002 B2
Filed 01/12/2017
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Operation modes for mobile traffic optimization and concurrent management of optimized and non-optimized traffic | ||
Patent #
US 9,832,095 B2
Filed 12/14/2012
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Seven Networks LLC
|
Producing routing messages for voice over IP communications | ||
Patent #
US 9,935,872 B2
Filed 10/11/2017
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Producing routing messages for voice over IP communications | ||
Patent #
US 9,948,549 B2
Filed 10/19/2017
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Systems and methods for protecting communications between nodes | ||
Patent #
US 9,992,180 B2
Filed 04/22/2016
|
Current Assignee
Smart Security Systems LLC
|
Original Assignee
Smart Security Systems LLC
|
Allocating charges for communications services | ||
Patent #
US 9,998,363 B2
Filed 07/07/2014
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Apparatus and methods for the semi-automatic tracking and examining of an object or an event in a monitored site | ||
Patent #
US 10,019,877 B2
Filed 04/03/2005
|
Current Assignee
Qognify Ltd.
|
Original Assignee
Qognify Ltd.
|
Uninterrupted transmission of internet protocol transmissions during endpoint changes | ||
Patent #
US 10,021,729 B2
Filed 07/17/2015
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Intercepting voice over IP communications and other data communications | ||
Patent #
US 10,038,779 B2
Filed 12/20/2016
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Producing routing messages for voice over IP communications | ||
Patent #
US 10,218,606 B2
Filed 03/30/2018
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Enhanced customer service for mobile carriers using real-time and historical mobile application and traffic or optimization data associated with mobile devices in a mobile network | ||
Patent #
US 10,263,899 B2
Filed 04/10/2013
|
Current Assignee
Seven Networks Inc
|
Original Assignee
Seven Networks LLC
|
Systems and methods for secure communications using organically derived synchronized encryption processes | ||
Patent #
US 10,263,777 B2
Filed 09/16/2016
|
Current Assignee
Olympus Sky Technologies S.A.
|
Original Assignee
Olympus Sky Technologies S.A.
|
Systems and methods for protecting communications | ||
Patent #
US 10,382,595 B2
Filed 01/29/2015
|
Current Assignee
Smart Security Systems LLC
|
Original Assignee
Smart Security Systems LLC
|
Systems and methods for protecting communications between nodes | ||
Patent #
US 10,637,839 B2
Filed 06/01/2018
|
Current Assignee
Smart Security Systems LLC
|
Original Assignee
Smart Security Systems LLC
|
System and method for protecting communications | ||
Patent #
US 10,778,659 B2
Filed 05/30/2018
|
Current Assignee
Smart Security Systems LLC
|
Original Assignee
Smart Security Systems LLC
|
Mobile gateway | ||
Patent #
US 10,880,721 B2
Filed 09/24/2013
|
Current Assignee
VoIP-Pal.com Inc.
|
Original Assignee
VoIP-Pal.com Inc.
|
Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof | ||
Patent #
US 5,790,790 A
Filed 10/24/1996
|
Current Assignee
Axway Incorporated
|
Original Assignee
Tumbleweed Software Corporation
|
Enterprise connectivity to handheld devices | ||
Patent #
US 5,857,201 A
Filed 06/18/1996
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Wright Strategies Inc.
|
System and method for using a workspace data manager to access, manipulate and synchronize network data | ||
Patent #
US 6,151,606 A
Filed 01/16/1998
|
Current Assignee
Blackberry Limited
|
Original Assignee
Good Technology Corporation
|
System and method for database synchronization | ||
Patent #
US 5,758,150 A
Filed 10/06/1995
|
Current Assignee
Tele-Communications Inc.
|
Original Assignee
Tele-Communications Inc.
|
Synchronization of mailboxes of different types | ||
Patent #
US 5,647,002 A
Filed 09/01/1995
|
Current Assignee
Avaya Incorporated
|
Original Assignee
Lucent Technologies Inc.
|
Method and apparatus for dynamic update of an existing object in an object editor | ||
Patent #
US 5,652,884 A
Filed 11/14/1994
|
Current Assignee
Apple Inc.
|
Original Assignee
Object Technology Licensing Corporation
|
System and method for using a global translator to synchronize workspace elements across a network | ||
Patent #
US 6,023,708 A
Filed 05/29/1997
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Good Technology Corporation
|
System and method for globally and securely accessing unified information in a computer network | ||
Patent #
US 6,708,221 B1
Filed 09/20/2000
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Good Technology Corporation
|
Automatic update of file versions for files shared by several computers which record in respective file directories temporal information for indicating when the files have been created | ||
Patent #
US 5,909,689 A
Filed 09/18/1997
|
Current Assignee
Sony Electronics Inc., Sony Corporation
|
Original Assignee
Sony Electronics Inc., Sony Corporation
|
Synchronizing databases | ||
Patent #
US 6,799,190 B1
Filed 04/11/2002
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Intellisync Corporation
|
Enterprise connectivity to handheld devices | ||
Patent #
US 6,324,542 B1
Filed 12/23/1998
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Wright Strategies Inc.
|
System and method for securely synchronizing multiple copies of a workspace element in a network | ||
Patent #
US 5,968,131 A
Filed 10/26/1998
|
Current Assignee
FB Commercial Finance Inc.
|
Original Assignee
Roampage Inc.
|
System and method for installing and using a temporary certificate at a remote site | ||
Patent #
US 6,233,341 B1
Filed 05/19/1998
|
Current Assignee
Blackberry Limited
|
Original Assignee
Good Technology Corporation
|
System and method for synchronizing electronic mail between a client site and a central site | ||
Patent #
US 5,961,590 A
Filed 07/22/1997
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Roampage Inc.
|
Internet-enabled portfolio manager system and method | ||
Patent #
US 5,706,502 A
Filed 03/26/1996
|
Current Assignee
Oracle America Inc.
|
Original Assignee
Sun Microsystems Incorporated
|
Dynamic hypertext link converter system and process | ||
Patent #
US 5,745,360 A
Filed 08/14/1995
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
System and method for using cached data at a local node after re-opening a file at a remote node in a distributed networking environment | ||
Patent #
US 4,897,781 A
Filed 02/13/1987
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
Lawful interception of end-to-end encrypted data traffic | ||
Patent #
US 20050063544A1
Filed 12/06/2002
|
Current Assignee
Telefonaktiebolaget LM Ericsson
|
Original Assignee
Telefonaktiebolaget LM Ericsson
|
Methods and systems for monitoring user, application or device activity | ||
Patent #
US 20050183143A1
Filed 02/13/2004
|
Current Assignee
Sergeant Laboratories Inc.
|
Original Assignee
Sergeant Laboratories Inc.
|
Controllable telecommunications switch reporting compatible with voice grade lines | ||
Patent #
US 20040179513A1
Filed 03/14/2003
|
Current Assignee
Lucent Technologies Inc.
|
Original Assignee
GOVERNMENT OF THE UNITED STATES OF AMERICA FEDERAL BUREAU OF INVESTIGATION, GOVERNMENT OF THE UNITED STATES OF AMERICA FEDERAL BUREAU OF INVESTIGATION
|
Method and system for lawful interception of packet switched network services | ||
Patent #
US 20040255126A1
Filed 06/05/2003
|
Current Assignee
RPX Clearinghouse LLC
|
Original Assignee
Nortel Networks Limited
|
Interception method and system | ||
Patent #
US 20020078384A1
Filed 07/10/2001
|
Current Assignee
Nokia Networks
|
Original Assignee
Nokia Networks
|
Distributed synchronization of databases | ||
Patent #
US 6,223,187 B1
Filed 11/30/1999
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
Synchronization of databases using filters | ||
Patent #
US 6,212,529 B1
Filed 03/05/1998
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
Secure electronic transactions using a trusted intermediary with non-repudiation of receipt and contents of message | ||
Patent #
US 20010037453A1
Filed 06/27/2001
|
Current Assignee
Michael Robert Cantone, Douglas Scott Shoupp, Todd Jay Mitty, Chen Hui Wang
|
Original Assignee
Michael Robert Cantone, Douglas Scott Shoupp, Todd Jay Mitty, Chen Hui Wang
|
Using distributed history files in synchronizing databases | ||
Patent #
US 6,044,381 A
Filed 09/11/1997
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
System and method for securely synchronizing multiple copies of a workspace element in a network | ||
Patent #
US 6,085,192 A
Filed 04/11/1997
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Roampage Inc.
|
Synchronization of databases with date range | ||
Patent #
US 6,141,664 A
Filed 11/13/1996
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
System and method for globally accessing computer services | ||
Patent #
US 6,131,116 A
Filed 12/13/1996
|
Current Assignee
Good Technology Corporation
|
Original Assignee
Good Technology Corporation
|
Method for location based intercept in a communication system | ||
Patent #
US 6,138,013 A
Filed 02/12/1998
|
Current Assignee
CDC Propriete Intellectuelle
|
Original Assignee
Motorola Inc.
|
Field level replication method | ||
Patent #
US 6,138,124 A
Filed 06/09/1998
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines SA
|
System for synchronizing data between computers using a before-image of data | ||
Patent #
US 5,870,759 A
Filed 10/09/1996
|
Current Assignee
Oracle International Corporation
|
Original Assignee
Oracle Corporation
|
Method and apparatus for verifiably providing key recovery information in a cryptographic system | ||
Patent #
US 5,907,618 A
Filed 01/03/1997
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
Synchronization of recurring records in incompatible databases | ||
Patent #
US 5,943,676 A
Filed 11/13/1996
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
Method and apparatus using a pass through personal computer connected to both a local communication link and a computer network for indentifying and synchronizing a preferred computer with a portable computer | ||
Patent #
US 6,006,274 A
Filed 01/30/1997
|
Current Assignee
Access Company Limited
|
Original Assignee
3Com Corporation
|
Iconic access to remote electronic monochrome raster data format document repository | ||
Patent #
US 5,713,019 A
Filed 10/26/1995
|
Current Assignee
Timothy M. Keaten
|
Original Assignee
Timothy M. Keaten
|
Method for distributed task fulfillment of web browser requests | ||
Patent #
US 5,710,918 A
Filed 06/07/1995
|
Current Assignee
Google LLC
|
Original Assignee
International Business Machines Corporation
|
System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar | ||
Patent #
US 5,715,403 A
Filed 11/23/1994
|
Current Assignee
ContentGuard Holdings Inc.
|
Original Assignee
Xerox Corporation
|
System and method for hierarchical data distribution | ||
Patent #
US 5,721,914 A
Filed 09/14/1995
|
Current Assignee
Verizon Patent and Licensing Incorporated
|
Original Assignee
MCI Incorporated
|
Information catalog system with object-dependent functionality | ||
Patent #
US 5,717,925 A
Filed 06/05/1996
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
Computer network for WWW server data access over internet | ||
Patent #
US 5,721,908 A
Filed 06/07/1995
|
Current Assignee
Google LLC
|
Original Assignee
International Business Machines Corporation
|
Method and apparatus for synchronizing information on two different computer systems | ||
Patent #
US 5,727,202 A
Filed 10/18/1995
|
Current Assignee
Access Company Limited
|
Original Assignee
Palm Inc.
|
Remote database file synchronizer | ||
Patent #
US 5,729,735 A
Filed 02/08/1995
|
Current Assignee
Samuel C. Meyering
|
Original Assignee
Samuel C. Meyering
|
Catalyst deterioration detection device for internal combustion engine | ||
Patent #
US 5,737,916 A
Filed 10/24/1996
|
Current Assignee
Ibaraki Toyota Jidosha Kabushiki Kaisha
|
Original Assignee
Ibaraki Toyota Jidosha Kabushiki Kaisha
|
Application independent e-mail synchronization | ||
Patent #
US 5,758,354 A
Filed 12/28/1995
|
Current Assignee
Intel Corporation
|
Original Assignee
Intel Corporation
|
Converting representations of year | ||
Patent #
US 5,758,346 A
Filed 01/29/1997
|
Current Assignee
Ent Services Development Corporation LP
|
Original Assignee
Electronic Data Systems Corporation
|
Service agent for fulfilling requests of a web browser | ||
Patent #
US 5,752,246 A
Filed 06/07/1995
|
Current Assignee
Google LLC
|
Original Assignee
International Business Machines Corporation
|
Method of replicating data at a field level | ||
Patent #
US 5,787,441 A
Filed 01/11/1996
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
Method and apparatus for collecting and displaying information from diverse computer resources | ||
Patent #
US 5,799,318 A
Filed 08/08/1996
|
Current Assignee
Oracle International Corporation
|
Original Assignee
FIRSTFLOOR SOFTWARE
|
Distributed control interface for managing the interoperability and concurrency of agents and resources in a real-time environment | ||
Patent #
US 5,832,483 A
Filed 12/13/1996
|
Current Assignee
Emc IP Holding Company LLC
|
Original Assignee
Novell Incorporated
|
Method and apparatus for reconciling different versions of a file | ||
Patent #
US 5,600,834 A
Filed 04/05/1995
|
Current Assignee
Binary Services LLC
|
Original Assignee
Mitsubishi Electric Information Technology Center America Inc.
|
Tokenless identification system for authorization of electronic transactions and electronic transmissions | ||
Patent #
US 5,613,012 A
Filed 05/17/1995
|
Current Assignee
YT Acquisition Corp.
|
Original Assignee
Smarttouch Incorporated
|
Apparatus and method for providing a secure gateway for communication and data exchanges between networks | ||
Patent #
US 5,623,601 A
Filed 11/21/1994
|
Current Assignee
RPX Corporation
|
Original Assignee
MILKWAY NETWORKS CORPORATION
|
Connection resource manager displaying link-status information using a traffic light iconic representation | ||
Patent #
US 5,630,081 A
Filed 09/07/1995
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
Automatic networked facsimile queuing system | ||
Patent #
US 5,627,658 A
Filed 12/14/1994
|
Current Assignee
Xerox Corporation
|
Original Assignee
Xerox Corporation
|
Federated information management (FIM) system and method for providing data site filtering and translation for heterogeneous databases | ||
Patent #
US 5,634,053 A
Filed 08/29/1995
|
Current Assignee
Raytheon Company
|
Original Assignee
Hughes Aircraft Company
|
Method for mapping, translating, and dynamically reconciling data between disparate computer platforms | ||
Patent #
US 5,666,553 A
Filed 07/22/1994
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
Method and apparatus for synchronizing data in a host memory with data in target MCU memory | ||
Patent #
US 5,680,542 A
Filed 06/07/1995
|
Current Assignee
Motorola Inc.
|
Original Assignee
Motorola Inc.
|
Databank system with methods for efficiently storing non-uniform data records | ||
Patent #
US 5,682,524 A
Filed 05/26/1995
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Starfish Software Inc.
|
Synchronization of disparate databases | ||
Patent #
US 5,684,990 A
Filed 01/11/1995
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
Method for mapping, translating, and dynamically reconciling data between disparate computer platforms | ||
Patent #
US 5,701,423 A
Filed 04/07/1994
|
Current Assignee
Intellisync Corporation
|
Original Assignee
Puma Technology Inc.
|
System and method for completing an electronic form | ||
Patent #
US 5,704,029 A
Filed 05/23/1994
|
Current Assignee
Seven Networks LLC
|
Original Assignee
Wright Strategies Inc.
|
Web browser with dynamic display of information objects during linking | ||
Patent #
US 5,572,643 A
Filed 10/19/1995
|
Current Assignee
AOL Inc.
|
Original Assignee
David H. Judson
|
System and method for maintaining codes among distributed databases using a global database | ||
Patent #
US 5,581,749 A
Filed 12/21/1992
|
Current Assignee
The Dow Chemical Company
|
Original Assignee
THEDOW CHEMICAL COMPANY
|
Conversion of data and objects across classes in an object management system | ||
Patent #
US 5,386,564 A
Filed 02/24/1993
|
Current Assignee
HP Inc.
|
Original Assignee
HP Inc.
|
Method for mapping, translating, and dynamically reconciling data between disparate computer platforms | ||
Patent #
US 5,392,390 A
Filed 04/10/1992
|
Current Assignee
Intellisync Corporation
|
Original Assignee
IntelliLink Corp
|
Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles | ||
Patent #
US 5,263,157 A
Filed 02/15/1990
|
Current Assignee
International Business Machines Corporation
|
Original Assignee
International Business Machines Corporation
|
Database access machine for factory automation network | ||
Patent #
US 4,831,582 A
Filed 11/07/1986
|
Current Assignee
Allen-Bradley Company
|
Original Assignee
Allen-Bradley Company
|
Version management system using plural control fields for synchronizing two versions of files in a multiprocessor system | ||
Patent #
US 4,875,159 A
Filed 12/22/1987
|
Current Assignee
Amdahl Corporation
|
Original Assignee
Amdahl Corporation
|
34 Claims
-
1. A communication management device, comprising:
a processor configured to operate as a legal intercept for intercepting data associated with a target user pursuant to a legal warrant. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
14. A method for intercepting data, comprising:
-
receiving a warrant identifier for a warrant authorizing a legal intercept;
receiving a user identifier identifying an intercept target for the legal intercept associated with the warrant; and
automatically intercepting data received and/or sent by the intercept target identified by the user identifier. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A communication management system, comprising:
-
a management server used for managing communications between a computer in an enterprise or local network and a mobile device;
the management server configurable to operate as an interception device for intercepting the communications between the computer and the mobile device pursuant to a warrant from an enforcement agency. - View Dependent Claims (25, 26, 27, 28)
-
-
29. A communication management system, comprising:
-
a processor configured to operate as a legal intercept for intercepting data associated with a target user pursuant to a legal warrant, the processor configured to identify a first unencrypted portion of the intercepted data and identify a second encrypted portion of the intercepted data encrypted using an unknown security association, and the processor further configured to store the first portion of the intercepted data into a log file and combine the encrypted second portion of the intercepted data with the first portion of the intercepted data in the same log file. - View Dependent Claims (30, 31, 32, 33, 34)
-
1 Specification
Wireless digital communication systems wirelessly transport electronic mail (email), text messages, text files, images, Voice Over Internet Protocol (VoIP) data, and any other types of digital data and communications to wireless devices. Wireless communication system providers are facing the prospects of having to comply with a variety of legal-intercept (wiretap) requirements. Authorization for a legal intercept may include warrants for “wiretap/interception”, “search and seizure”, or both. For example, the requirements outlined in CALEA (US Communications Assistance for Law Enforcement Act of 1994, http://www.askcalea.net/) may have to be met by any proposed solution. In another example, the requirements outlined by the Australian Communications Authority (http://www.aca.gov.au) in the Australia Telecommunications Act of 1997 may have to be met by any proposed solution.
There are several technical challenges complying with these legal intercept requirements that may not exist in conventional telephone systems. For example, the intercepted data may be encrypted. The wireless network provider must be able to intercept the encrypted data, and any other non-encrypted information, without tipping off the intercept target that the wiretap is taking place.
The wiretap warrant may require the communication system provider to provide any intercepted information in substantially real-time or may require the communication system provider to intercept and store communications in an automated manner for later retrieval and analysis by the law enforcement agency. Evidentiary problems exist with information intercepted outside the presence and control of the enforcement agency. For example, the intercepted communications could be either intentionally or inadvertently deleted. A system malfunction could also prevent some communications from being intercepted. There is also the evidentiary issue of whether or not someone has tampered with the intercepted information. It may also be necessary to prevent technicians operating the communication system from accessing or viewing the intercepted information.
The invention addresses these and other problems with the present technology.
An intercept system provides more effective and more efficient compliance with legal intercept warrants. The intercept system can provide any combination of operations that include near-real-time intercept, capture of intercepted data in structured authenticated form, clear text intercept for communications where there is access to encryption keys, cipher text intercept for communications where there is no access to encryption keys, provision of transactional logs to the authorized agency, interception without altering the operation of the target services, and encryption of stored intercepted information.
The foregoing and other objects, features and advantages of the invention will become more readily apparent from the following detailed description of a preferred embodiment of the invention which proceeds with reference to the accompanying drawings.
In the description below, an intercept event refers to an event where an agency issues a warrant requesting data interception for a targeted user. A targeted user is identified by a unique label, such as a username or account number, that corresponds to a user who is under intercept. A communication event, transaction, or intercept data is any message either sent or received by the targeted user. The intercept data can include synchronization messages, email data, calendars, contacts, tasks, notes, electronic documents, files or any other type of data passing through the communication management system.
Communication Management System
The communication system 12 in one implementation is used for intercepting data pursuant to legal search warrants. For example, a law enforcement agency may require the operator of communication system 12 to intercept all messages sent to and from a mobile device 21. It should be understood that this is just one example of a communication system 12 and that the legal intercept system described in more detail below can operate with any communication network that is required to provide legal interception.
The communication system 12 includes a mobile network 14, an enterprise network 18, and a communication management system 16 that manages communications between the mobile network 14 and the enterprise network 18. The mobile network 14 includes mobile devices 21 that communicate with an IP infrastructure through a wireless or landline service provider. Since mobile networks 14 are well known, they are not described in further detail.
The enterprise network 18 can be any business network, individual user network, or local computer system that maintains local email or other data for one or more users. In the embodiment shown in
The PC 38 is connected to the server 34 over a Local Area Network (LAN) 35. The PC 38 includes memory (not shown) for storing local files that may include personal email data as well as any other types of electronic documents. Personal client software 40 is executed by a processor 37 in the PC 38. The personal client 40 enables the mobile device 21 to access email, calendars, and contact information as well as local files in enterprise network 18 associated with PC 38.
The communication management system 16 includes one or more management servers 28 that each include a processor 33. The processor 33 operates a transfer agent 31 that manages the transactions between the mobile device 21 and the enterprise network 18. A user database 42 includes configuration information for different users of the mobile communication service. For example, the user database 42 may include login data for mobile device 21.
While referred to as a communication management system 16 and management server 28, this can be any intermediary system that includes one or more intermediary servers that operate between the mobile network 14 and the enterprise or private network 18. For example, a separate Smart Device Server (SDS) 30 may be used in management system 16 for handling communications with mobile devices in mobile network 14. Correspondingly, a SEVEN Connection Server (SCS) 32 may be used for handling communications with personal clients in enterprise networks 18.
Legal Interception
A Legal Intercept (LI) software module 50 is operated by the processor 33 and communicates with the transfer agent 31 in order to capture intercept data 49 associated with targeted user 51B. An operator sets up a configuration file 51 that is then used by the legal intercept module to automatically intercept communications for a particular target user and then format the intercepted communications into self authenticating log files.
An operator runs a toolkit utility 54 from a computer terminal 52 to configure the management server 28 for capturing intercept data 49. The toolkit utility 54 is used for creating and loading the configuration file 51 into memory in management server 28 and can also display detected intercept data 49. To initiate an intercept, an entry is loaded into the configuration file 51. To stop capturing intercept data 49, the system administrator deletes the entry or configuration file 51 from memory. Changes to the configuration file 51 of management server 28 may be automatically replicated to other management servers that are part of the communication management system 16. The toolkit utility 54 may have tightly controlled access that only allows operation by a user with an authorized login and password.
The toolkit 54 allows the operator to view, add, modify, and delete a warrant sequence number 51A, user identifier (ID) 51B, and encryption key 57 in the configuration file 51. The warrant identifier may be the actual sequence number for a wiretap or search warrant issued by a court of law and presented to the operator of communication management system 16 by a federal, state, or municipal government agency. The user ID 51B for example may be an identifier used by communication management system 16 to uniquely identify different mobile clients 21.
The public encryption key 57 may be the public key component of a public/private key pair, such as a Pretty Good Privacy (PGP) or GNU Privacy Guard (GPG) public key, for encrypting the intercept data 49. In one embodiment, the legal intercept module 50 may not allow the management server 28 to start an interception process until a valid public key 57 is loaded into configuration file 51. This ensures that the intercepted data 49 can be immediately encrypted while being formatted into a log file 56. If this encryption fails for any reason, the legal intercept module 50 may shut down the intercept process ensuring that no intercept data 49 is stored in the clear.
The configuration file 51 may also include one or more entries defining a transport protocol, destination, and associated configuration values for the transmission of intercepted data via a network. In one embodiment, this could include a destination email address associated with a Simple Mail Transfer Protocol (SMTP) host and port number or other Internet Protocol (IP) destination address that is used by the legal intercept module 50 to automatically transmit the intercept data 49 to mail box 77 on a remote server 76 that is accessible by the agency issuing the warrant.
After the configuration file 51 is enabled, the legal intercept module 51 starts intercepting data 49 associated with the targeted user identified by user ID 51B. As mentioned above, this can include any emails, calendar information, contacts, tasks, notes, electronic documents, files or any other type of control or content data associated with user ID 51B. The intercepted data can include any type of communications such as email sent or received, calendar items sent or received, and other data sent/received by and from the targeted smart device 21. The captured intercept data 49 may then be encrypted using the encryption key 57 contained in the configuration file 51. The encrypted copy of the captured intercept data 49 may then be formatted and written to log file 56.
Data Delivery
The legal intercept module 50 running on each management server 28 may periodically poll the directory or location containing the encrypted intercept log files 56 for each user ID under intercept for the presence of new files or data. The poll period in one example is approximately every minute. Of course this is only one example and any user configurable time period can be used. New intercept data 49 which has been stored in one or more log files 56 and identified by the legal intercept module 50 during the polling process may be automatically reprocessed and/or transmitted according to the specification in configuration file 51. As an alternative to storing encrypted intercept data 49 in log file 56 on a file system, intercept data may be stored in database 42. Also, as shown in
In one implementation, an official from the agency physically sits at terminal 52 at the location of communication management system 16. The agency official then reads the log files 56 in semi-real-time as the intercept events 49 are being detected in the management server 49. The agency official then uses terminal 52 to store or copy the log files 56 onto a portable storage medium, such as a Compact Disc (CD), memory stick, etc. In this implementation, the legal intercept log files 56 may not reside in user database 42 at all, or may only reside in database 42 for some relatively brief period of time while being transferred onto the portable storage media.
A copy of the log files may be stored onto the portable storage medium while the same log files remain in the communication management system 16. The copy of the log files in the management system 16 could then be used, if necessary, for evidentiary purposes when admitting the copy under control of the agency official into evidence.
In an alternative implementation, the legal intercept module 50 may automatically send the log files 56 for the intercepted events to an email mailbox 77 operated in a remote server 76. The remote server 76 may be located in a wireless service provider network or may be located at the facilities of the enforcement agency issuing the warrant. In this implementation, a terminal 72 at the remote location 70 may include a toolkit utility 54 that has some of the same functionality as toolkit 54. The utility 54 only allows authorized users to decrypt and access the log files 56 received from communication management system 16.
For example, the toolkit utility 54 may include public and private PGP or GPG encryption keys 57 and 55, respectively, that are associated with the public encryption key 57 previously loaded into configuration file 51. Only personnel having authorized access to the toolkit 54 can decrypt and read the log files 56 previously generated and encrypted by legal intercept module 50. This provides additional privacy of the intercept data 49 from technical personnel of the communication management system 16 that may not be authorized to view the intercept data 49.
The intercept module 50 may transfer each captured log file 56 to a SMTP email server 76 via the Simple Mail Transfer Protocol (SMTP). The SMTP server 76 stores each log file 56 in an inbox of mailbox 77. The name of the mailbox 77 may be the same as the warrant sequence number @ the agency'"'"'s domain name. For example, warrant123@LAPD.com. The warrant sequence number may correspond with the warrant identifier 51A in configuration file 51 and the domain name may correspond with the IP address 51D in configuration file 51. Once transmitted and accepted by the SMTP email server 76, the log file 56 may be automatically deleted from user database 42.
The agency issuing the warrant can retrieve the captured log files 56 in remote server 76 for a particular user ID under interception using for example the Post Office Protocol (POPv3). The agency is given the name of email server 76, POP and SMTP port numbers, the mailbox id (warrant sequence number 51) and a password to access the mailbox 77. The agency then retrieves log files 56 in mailbox 77 using POP. Once a file is downloaded from the mailbox 77 to an agency terminal 72, the log file 56 may be automatically deleted from the mailbox 77.
Log Files
Referring to
The log files 56 stored in directory 60 may indicate the number of events intercepted for the targeted device during each minute. For example, a first log file 56A is identified by the following log file name: fe0-2005/09/23-00:00.ASC, containing a single line that reads as follows: “0 events logged in the last minute”. This indicates that a management server fe0 on Sep. 23rd, 2005, at 12:00 midnight logged zero intercept events for a particular user ID during the specified time period. A second log file 56B is named to identify a next minute of the intercept period and indicates that between 12:00 A.M and 12:01 A.M, on the same day, no intercept events were logged.
The first detected intercept events for this particular user ID for this particular day were detected in log file 56C identified by the log file name: fe0-2005/09/23-00:02.ASC, the first and/or last line of which reads “3 events logged in the last minute”. Log file 56C indicates that 3 intercept events were detected on Sep. 23rd, 2005, between 12:01 A.M. and 12:02 A.M. The legal intercept 50 generates this contiguous set of log files 56 that cover each minute or other configured interval of the intercept period.
The legal intercept 50 may also load a first entry into the log file directory 60 that lists the warrant id 51A, PGP key 57, etc. The legal intercept 50 may also generate a log file 56 that indicates any management server status-change events. For example, if the management server 28 conducts a graceful shutdown, a log file 56 may be generated that indicates when the shut down occurred and possibly the cause of the shutdown.
This highly structured log file format provides the agency official a quick indicator of when intercept events are detected for a particular target user. Further, as shown above, the log files are created contiguously for predetermined time periods over a particular intercept period even when no intercept events are detected. This provides further verification that the legal intercept 50 was actually in operation and continuously monitoring for intercept events during the intercept period.
As described above, the log files 56 may be stored into a portable storage media that can be transported by an agency official. Alternatively, the log files 56 may be stored in the user database 42 in the communication management system 16 for later retrieval by the agency official via toolkit 54. In another implementation, the log files 56 may be sent to the mailbox 77 in a server 76 in a mobile operator infrastructure which is accessible by the agency official.
When intercept events are detected, all the intercepted data for that time period is formatted into a same log file 56 in operation 64. The log file is encrypted in operation 65 using the encryption key 57 (
When interception for a current interception period is completed, a Cyclic Redundancy Check (CRC) value, or some other type of digital certificate/signature, may be generated in operation 67. The CRC can be used to verify that the contents of intercept directory 60 have not been tampered with or deleted after their initial generation. The CRC may be encrypted in operation 68 and then separately emailed to the agency or separately stored for later validation. As discussed above, the encrypted log files may then either be emailed to a mailbox or stored locally for later retrieval by the enforcement agency.
Thus, the individual log file encryption in operation 65 ensures the authenticity of intercepted events for a particular time period and the CRC generated in operation 67 ensures that none of the individual log files have been removed or replaced.
Encrypted Intercept Data
Referring to
The mobile device 21 also negotiates a point-to-point security association, specifying a cryptographic ciphersuite and a unique encryption key 27, with the management server 28. In one example, the point-to-point encryption key 27 is also an AES encryption key. The negotiated security association that includes encryption key 27 enables secure point-to-point communication between the mobile device 21 and the management server 28 over connection 23. Each different mobile device 21 negotiates a different security association that includes a unique encryption key 27 with the management server 28.
The point-to-point encryption key 27 may be used for encrypting control data that needs to be transferred between the mobile device 21 and management server 28. The point-to-point encryption key 29 may be used for encrypting control data that needs to be transferred between the management server 28 and personal client 40. For example, the control data may include login information and transaction routing information.
An end-to-end security association, specifying a cryptographic ciphersuite and a unique encryption key 46, is negotiated between the mobile device 21 and the personal client 40. In one example, the end-to-end encryption key 46 is also an AES encryption key. The end-to-end encryption key 46 in one example is used for encrypting transaction payloads transferred between personal client 40 and mobile device 21. For example, the end-to-end encryption key 46 may be used for encrypting the content of emails, files, file path names, contacts, notes, calendars, electronic documents and any other type of data transferred between mobile device and the PC. The end-to-end encryption key 46 is only known by the mobile device 21 and the personal client 40. Data encrypted using the end-to-end key 46 cannot be decrypted by the management server 28.
Referring to
The communication management system 16 has access to the point-to-point encryption keys 27 and 29 used for encrypting the point-to-point encrypted information 49B. Therefore, the management system 16 can automatically decrypt the point-to-point encrypted information 49B before it is reformatted into log file 56.
The end-to-end encryption keys 46 are only shared between the endpoints 21 and 38 and are unknown to the communication management system 16. Therefore, the agency issuing the warrant may be required to extract the end-to-end encryption keys 46 either at the mobile device 21 or at the enterprise server 34 or personal computer 38. The end-to-end encrypted information 49C may then be decrypted at a later time separately from the point-to-point encrypted information 49B.
For example, after receiving and decrypting the log file 56, the enforcement agency may then independently conduct a seizure of the end-to-end encryption key 46 from either the enterprise network 18 or the mobile device 21. The enforcement agency could then separately decrypt information 56B in log file 56 with the seized end-to-end encryption key 46.
In operation 84, any point-to-point encrypted portion 49B of the intercepted data 49 (
Detecting Different Types of Intercept Data
A second portion 106 of intercept data 102 may include control information that only needs to be processed by one particular server. In this case, control data 106 may be encrypted using a first point-to-point encryption key. A third portion 104 of intercept data 102 may have other control information, for example, error checking data, that needs to be processed by a different server. Accordingly, the error checking data 104 is encrypted using a second point-to-point encryption key different than either of the other two encryption keys used for encrypting data 108 and 106.
It should be understood that this is only an example, and the devices shown in
The mobile device 21, management server 28, and the personal client 40 are all configured with an encryption schema 112 that identifies how specific items in the transaction 110 are to be encrypted. Each device is also configured with different security associations as described above in
The mobile device 21 forms the request transaction 110. One example of a request is as follows.
Mobile device 21 attaches an auth_token to transactions sent to the management server 28. For example, the mobile device 21 may be required to authenticate to the management server 28 by transmitting a username and password prior to being permitted to submit other transactions for processing. The management server 28 issues the mobile device 21 an auth_token after successfully validating the username and password against information in the user database 42. The mobile device 21 then attaches the auth_token to subsequent transactions sent to the management server 28. The management server 28 uses the auth_token to identify and authenticate the source of each transaction and to determine where to route the transaction.
The device_id identifies the particular mobile device 21 sending the request 110. The device_id may be necessary, for example, when a user has more than one mobile device. The personal client 40 can use different device_id values to track when synchronization information was last sent to each of multiple different mobile devices. The device_id can also be used by either the management server 28 or the personal client 40 to determine how to format data sent to particular types of mobile devices 21. For example, data may need to be formatted differently for a cell phone as opposed to a personal computer. The device_id can also be used to correlate a known security association with a particular mobile device.
The method_id item in the example identifies a particular function GetDocument associated with request 110. The method_id item also requires the inclusion of related argument items that identify the parameters for the GetDocument function. For example, the argument items might include the expression path=“/docs” identifying the pathname where the requested documents are located.
In order to prepare the request 110 for transmission, the mobile device 21 performs a pattern match of the request 110 using the encryption schema 112. This pattern match separates the items in request 110 into different channels. One example of the different channels is shown below. In this example, the items in each channel are associated with predefined security associations: clear, pp, and ee.
The channel contents are encoded (via a process commonly known as serialization) into arrays of bits or bytes referred to as data groups. These groupings of bits or bytes are referred to generally below as arrays, but can be any type of partition, group, etc.
The contents of the clear channel are encoded into an array of bits referred to as data_group_1, the contents of the pp channel are encoded into an array of bits referred to as data_group_2, and the contents of the ee channel are encoded into an array of bits referred to as data_group_3. The contents of each channel need to be encoded into bit arrays so that they can be encrypted. The contents of the channels after being encoded into bit arrays are represented as follows.
The bit arrays are then encrypted according to the security association parameters for each channel. According to the encryption schema 112, bits in the clear channel (data_group_1) are not encrypted. The bits in the pp channel data_group_2 are encrypted using the point-to-point security association between mobile device 21 and management server 28, using PP key 27, and are referred to after encryption as pp_data_group_2. The bits in the ee channel data_group_3 are encrypted using the end-to-end security association between mobile device 21 and personal client 40, using EE key 46, and are referred to after encryption as ee_data_group_3. The data groups are represented as follows after encryption:
The bits making up the encrypted and unencrypted channels are then encoded into one or more packets. For clarity, the description below will refer to a single packet, however, the data from the channels may be contained in multiple packets. Some of the contents of the packet are shown below.
Information in the packet header may include the packet length, a version number, and other flags. The packet payload includes a count identifying 3 pairs of items. The three items include the non-encrypted contents in the clear channel, the pp encrypted contents of the pp channel, and the ee encrypted contents of the ee channel. The packet is then transported by mobile device 21 to the management server 28.
The transfer agent operating in server 28 receives the packet. The bits in the packet are separated into the different channels clear=data_group_1, pp=pp_data_group_2, and ee=ee_data_group_3.
The data in the clear channel does not need to be decrypted. The transfer agent decrypts the only bits in channels for which it has a known security association. The transfer agent, as a member of the point-to-point security association between mobile device 21 and management server 28, possesses the PP key 27 and therefore decrypts the contents of the pp channel. The transfer agent is not a member of the end-to-end security association between mobile device 21 and personal client 40, does not have the EE key 46 and therefore does not decrypt the data in the ee channel. Decryption produces the following data groups: clear=data_group_1, pp=data_group_2, and ee=ee_data_group_3.
The transfer agent decodes the contents of the clear and pp channels. The contents of the encrypted ee channel are not decoded, but instead are maintained in an unmodified state for eventual transport to the personal client 40. Decoding produces the following contents.
A partial request is formed by merging the items of the clear and pp channels. The partial request in this example could look similar to the following:
The transfer agent 31 in the management server 28 processes the partial request. In this example, the transfer agent may verify the request is authorized by matching the value of auth_token (“abc”) with contents in the user database 42 (
The transfer agent may identify a user_id=“joe” associated with the auth_token=“abc” and generate the following new request.
The legal intercept 50 in
The end-to-end encrypted data in group 3 remains encrypted and therefore may not provide all of the information desired for the enforcement agency. However, the decrypted information does provide enough information to adequately indicate that the intercepted data is associated with a particular user_id. The intercepted unencrypted data may also provide further evidence that the enforcement agency can then use to obtain another warrant to seize the ee encryption key from the targeted user.
As described above in
End-to-End Encrypted Data
As described above, the communication management system 16 may not have access to the end-to-end encryption keys 46 (
The intercept logs 56 can therefore contain data encrypted using encryption keys known only to the endpoints. For example, a mobile device 21 and a desktop connector running on personal computer 38 (
In order to make use of this functionality, the enforcement agency seeking the information may need to obtain both an intercept warrant, and either a search-and-seizure warrant authorizing the extraction of the configuration data from the smart device client in the mobile device 21 or a search-and-seizure warrant authorizing the extraction of the end-to-end encryption key from the desktop connector in the PC 38 (
After the authorized agency has executed the necessary warrants, the toolkit 54 is used by the agency to facilitate the recovery of the end-to-end key 46. The toolkit utility 54 then uses the end-to-end key 46 to decrypt the end-to-end encrypted information in the log files 56.
The system described above can use dedicated processor systems, micro controllers, programmable logic devices, or microprocessors that perform some or all of the operations. Some of the operations described above may be implemented in software and other operations may be implemented in hardware.
For the sake of convenience, the operations are described as various interconnected functional blocks or distinct software modules. This is not necessary, however, and there may be cases where these functional blocks or modules are equivalently aggregated into a single logic device, program or operation with unclear boundaries. In any event, the functional blocks and software modules or features of the flexible interface can be implemented by themselves, or in combination with other operations in either hardware or software.
Having described and illustrated the principles of the invention in a preferred embodiment thereof, it should be apparent that the invention may be modified in arrangement and detail without departing from such principles. Claim is made to all modifications and variation coming within the spirit and scope of the following claims.