Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberUS20060023738 A1
Publication typeApplication
Application numberUS 11/170,608
Publication date2 Feb 2006
Filing date28 Jun 2005
Priority date28 Jun 2004
Also published asEP1766926A1, EP1766927A1, EP1766928A2, EP1766931A1, US7760882, US20060064588, US20060072583, US20060075467, US20060075472, US20060075506, WO2006004784A1, WO2006004785A1, WO2006004786A1, WO2006004928A2, WO2006004928A3, WO2006004930A1, WO2006012058A1, WO2006012346A1
Publication number11170608, 170608, US 2006/0023738 A1, US 2006/023738 A1, US 20060023738 A1, US 20060023738A1, US 2006023738 A1, US 2006023738A1, US-A1-20060023738, US-A1-2006023738, US2006/0023738A1, US2006/023738A1, US20060023738 A1, US20060023738A1, US2006023738 A1, US2006023738A1
InventorsFrank Sanda
Original AssigneeSanda Frank S
Export CitationBiBTeX, EndNote, RefMan
External Links: USPTO, USPTO Assignment, Espacenet
Application specific connection module
US 20060023738 A1
Abstract
Embodiments of the present invention comprise an application-driven connection module that maintains network connectivity to at least one application server and enables only intended applications to operate between the client and the server.
Images(5)
Previous page
Next page
Claims(27)
1. A connection module for use with a client device, the connection module comprising:
an amount of network connectivity;
a transport service module for enabling network connectivity to at least one server through one of a plurality of connection types; and
an access module that enables at least one application offered by the at least one server;
wherein the network connectivity is limited to access related to the at least one application.
2. The connection module of claim 1, wherein the at least one application is a single application.
3. The connection module of claim 1, further comprising at least one transceiver.
4. The connection module of claim 1, wherein the connection module does not include a transceiver.
5. The connection module of claim 1, wherein the network connectivity is pre-paid airtime.
6. The connection module of claim 5, wherein the price of the prepaid airtime is based on requirements of the at least one application.
7. The connection module of claim 1, wherein the access module further provides security for the provision of the at least one application.
8. The connection module of claim 7, wherein the access module provides security using a firewall.
9. The connection module of claim 7, wherein the access module provides security using port controls.
10. The connection module of claim 7, wherein the access module provides security using a VPN.
11. The connection module of claim 1, wherein the access module only enables network connectivity when a secured environment is confirmed.
12. A system comprising a client device and at least one server wherein the client device is connected to a connection module comprising:
an amount of network connectivity;
a transport service module for enabling network connectivity to the at least one server through one of a plurality of connection types; and
an access module that enables at least one application offered by the at least one server,
wherein the network connectivity is limited to access related to the at least one application.
13. The system of claim 12, wherein the at least one server is part of a corporate network and the client device is located outside of the corporate network.
14. The system of claim 12, wherein the client device is virtually connected to a corporate network containing the at least one server.
15. The system of claim 12, wherein
the at least one application relates to a first entity; and
the at least one server is physically hosted by a second entity.
16. The system of claim 14, wherein the first entity and second entity are connected by a dedicated line.
17. The system of claim 12, wherein the at least one server reside at a data center.
18. The system of claim 16, wherein the data center is operated by a connection module provider.
19. The system of claim 16, wherein the data center is operated by a provider of the at least one application.
20. The system of claim 11, wherein the at least one application is a single application.
21. The system of claim 11, wherein the access module optimizes performance of the application.
22. A method of providing an application comprising:
providing a server offering an application for use by at least one client device, wherein the server is connected to an Intranet;
providing a client device located remote to the Intranet; and
providing a connection module at the client device, the connection module comprising an amount of network connectivity, a transport service module for enabling network connectivity to the server and an access module that allows access to only one application.
23. The method of claim 22, wherein the application is document sharing software, wherein the application controls access to selected files.
24. A method of selling an application comprising selling client software, server software, and at least one application-driven connection module under the same brand name.
25. The method of claim 23, wherein the software, the server software, and the at least one application-driven connection modules are sold as a package.
26. The method of claim 24, wherein the connection module includes prepaid airtime.
27. The method of claim 25, further comprising selling additional airtime to recharge the connection module.
Description
    CROSS-REFERENCE TO RELATED APPLICATIONS
  • [0001]
    The present application claims priority to U.S. provisional application No. 60/583,765, entitled “Controlling Use of a Mobile Work Station Based on Network Environment,” filed on Jun. 28, 2004, U.S. provisional application No. 60/598,364 entitled “Systems and Methods for Enhancing and Optimizing a User's Experience on an Electronic Device,” filed on Aug. 3, 2004, U.S. provisional application No. 60/653411 entitled “Creating an Environment for Secure Mobile Access Anywhere” filed on Feb. 16, 2005 to Sanda et al., and U.S. provisional application No. 60/652,121 entitled “Remote Access Services” filed on Feb. 11, 2005 to Sanda et al.
  • FIELD OF THE INVENTION
  • [0002]
    The invention relates generally to computing, telecommunication, and electronic devices. More specifically, the invention relates to network connectivity.
  • BACKGROUND OF THE INVENTION
  • [0003]
    More and more individuals require connectivity to networks such as the Internet for an ever-increasing variety of reasons. The recent advent of sufficiently small processing power, memory, display and battery endurance, coupled with an increasing presence of wireless communications services, has allowed mobile computing to be accomplished more effectively and efficiently, whether on a notebook or laptop computer, a Personal Digital Assistant (“PDA”), telecommunications devices, or other platforms. The increasing ubiquity of mobile computing and the need for connectivity, primarily wireless connectivity, has led to the proliferation of portable computers capable of connecting to networks in a variety of ways. These portable computers often contain at least one interface to several types of networks such as LANS, dial up modems, Wi-Fi wireless local area networks (WLANs), and wireless wide area networks (WWANs).
  • [0004]
    Historically, portable electronic devices and plug in components offering connectivity to at least one network have lacked the functionality to efficiently and effectively manage resources and network connections. These devices have failed to deal adequately with issues such as managing continuous connectivity using multiple connection options without excessive user interaction. Devices, software, or business arrangements have not been available that offer consumers convenient and flexible connectivity options as explained in more detail in U.S. non-provisional application No. [55132/316925], entitled “Systems and Methods for Enhancing and Optimizing a User's Experience on an Electronic Device,” filed concurrently herewith, which is incorporated herein in its entirety by reference. Moreover, prior devices, software, and business arrangements do not offer secured, software-solution specific connectivity.
  • SUMMARY OF THE INVENTION
  • [0005]
    Certain embodiments of the present invention provide a connection module such as a telecom battery. This module may include an interface for connection to an electronic device, a transceiver for communicating with a plurality of networks, a communication manager for establishing network connections, and an access module for maintaining airtime allotments for the plurality of networks.
  • [0006]
    Certain embodiments of the present invention relate to an application-driven connection module that includes an amount of network connectivity, a transport service module, and an access module that maintains communication with an application server and enables only certain intended software to operate between the client and the server. Certain embodiments of the present invention relate to methods of extending an application to extra-internet environment through application-driven connection modules.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0007]
    These and other features, aspects, and advantages of the present invention are better understood when the following Detailed Description is read with reference to the accompanying drawings, wherein:
  • [0008]
    FIG. 1 illustrates a functional block diagram of a system in accordance with one embodiment of the present invention;
  • [0009]
    FIGS. 2 a-c illustrate various connection modules in accordance with certain embodiments of the present invention;
  • [0010]
    FIG. 3 illustrates a flow diagram of a method in accordance with one embodiment of the present invention; and
  • [0011]
    FIG. 4 illustrates a functional block diagram of a system in accordance with one embodiment of the present invention.
  • DETAILED DESCRIPTION OF SPECIFIC EMBODIMENTS
  • [0012]
    Certain embodiments of the present invention are physical connection modules, also referred to as telecom batteries. These devices are used to add network connectivity capability to an electronic device such as a mobile computer, a PDA, a digital camera, a music player, or a vending machine by providing at least one connection to one or more networks, whether physical connections or wireless. A connection module may provide connections by including the necessary software, hardware, and/or airtime to connect to one or more carrier networks. The connection module may also be used to add additional network connectivity capabilities to an electronic device already having some network connectivity abilities. Certain embodiments of the present invention relate to application-driven connection modules that allow clients to have network connectivity to an application server and enable only the intended software application to operate between the clients and the server.
  • [0000]
    Exemplary Client Devices, Systems, and Environments
  • [0013]
    FIG. 1 illustrates a functional block diagram of client devices 120 a-120 n operating in network environments in accordance with various embodiments of the present invention. Client devices 120 a-120 n may be used by users 110 a-110 n for a variety of purposes and reasons. In addition to local system resource requirements, a client device 120 a may have various remote access or network connection requirements. For example, a user, such as user 110 a using client device 120 a, may desire to use or run local applications 128 residing in the memory 126 of the user's client device 120 a or may desire to remotely run applications or retrieve information residing on remote devices accessible on or through various networks 105. A server 140 may provide an application that is made available to clients, such as client 120 a, through connection module devices, such as connection module 130.
  • [0014]
    In general, a client device 120 a-n and a server 140 may use any suitable type of processor-based platform 124, 144, and typically will include a processor 122 coupled to a computer-readable medium, such as memory 124, and include hardware and user interface components. The computer readable medium can contain program code that can be executed by the processor. It can be used to store information and applications such as client applications 128 in the case of the client 120 a and server applications 148 in the case of the server 140. The client device 120 a and server may also each include an operating system that controls the system resources and provides a user interface.
  • [0015]
    The client devices 120 a-n themselves may have differing characteristics. The client devices 120 a-n may include cell phone devices, mobile phone devices, smart phone devices, pagers, notebook computers, personal computers, digital assistants, personal digital assistants, digital tablets, laptop computers, Internet appliances, blackberry devices, Bluetooth devices, standard telephone devices, fax machines, other suitable computing devices, or virtually any other suitable electronic device. Additional components in the client devices may differ and provide various functionalities.
  • [0016]
    The networks 105 are not limited to any particular type of network nor are they limited to a single network. For example, the networks 105 could include the Internet, a LAN, a WAN, a private network, a virtual network, and/or any combination of network types. The client device 120 a-120 n and server 140 may be connected to networks 105 in a variety of ways. Such connections may be through virtually any type of network, line, or wireless connection type. For example, the connection access options 138 could involve local area networks (“LANs”), dial up modems, Wi-Fi, wireless local area networks (WLANs), wireless wide area networks (WWANs), or cellular.
  • [0017]
    A connection module 130 may provide connection options 138 that allow the client 120 a to connect to the networks 105. The connection options 138 may allow access on a number of networks and/or through a number of network connectivity providers. Thus, generally, a connection module 130 may be a module used to add network connectivity capability to an electronic device by providing or facilitating one or more connections to one or more networks, whether through a physical connection or a wireless connection. A connection module 130 may provide, allow, or support Internet access over wireless and/or wired connections. The connection module 130 may include one or more transceivers for wireless connections. A connection module 130 generally will include, among other things, memory 132 and software or hardware to allow and/or manage network connectivity. The memory 132 may include information about the amount of network connectivity available 134 (e.g. airtime) and applications to manage the connections such as a connection manager 136. The connection module 130 may include network connectivity components such as telecommunications components and may be used to add additional network connectivity options to a client 120 a already having some network connectivity abilities.
  • [0000]
    Connection Module
  • [0018]
    FIGS. 2 a, 2 b and 2 c depict various connection modules 204, 210, 220 that may be inserted into, attached to, or otherwise made a part of a client device 202. The connection module 210 illustrated in FIG. 2 b includes time available 212 and a connection manager 214. The connection module 220 illustrated in FIG. 2 c shows a connection module according to certain embodiments that may include a variety of different functional components, including a device interface 222, a communication module 226, an access module 228, and/or a system resource module 230. A physical connection module may have an interface for physically connecting to an electronic device, a communication module for establishing network connectivity, and an access module for monitoring and/or controlling network connectivity. The connection module may also include one or more transceivers 224. Different embodiments of a connection module according to the present invention may include some or all of these components as well as additional components and functionality.
  • [0019]
    FIG. 3 shows one aspect of the present invention as a method of adding network connectivity capability 300 to an electronic device. This method 300 involves using a connection module in an electronic device to connect the electronic device to a network using an available connection.
  • [0020]
    Block 302 illustrates installing a connection module capable of connecting to a network through a plurality of connections. The connection module may be installed in the electronic device at time of assembly of the electronic device (i.e. during manufacture), by a subsequent supply chain member (i.e. as an add-on component) prior to end customer purchase, or by the end customer or user (i.e. by separate purchase). The connection module may be integrally associated or inserted with other hardware components, such as part of a processing chip of an electronic device, or may be removably inserted like a PCMCIA card.
  • [0021]
    In block 304, the electronic device is connected to the network through one of the connections available on the connection module. The connection module could offer multiple connection types of the same or different types of communications or it could offer only one type. In this block, a connection is established through one of the available connections.
  • [0022]
    A connection module may include an amount of network connectivity. For example, a connection module could store a variable with an amount of network connectivity time (e.g. in minutes) or a variable with an amount of network connectivity data transmission potential (e.g. in Megabytes). As network connectivity is used, the variable value may be decreased accordingly. As a more specific example, a connection module could include an amount of network connectivity in the form of an amount of airtime (e.g. prepaid airtime, airtime associated with a customer account, etc.). The ability of the connection module to include an amount of network connectivity or airtime has many technical and commercial advantages. Specifically, a connection module provider can use this ability to add value to the services provided by a telecommunication network carrier. These value added aspects include the ability to simplify payment, to simplify use of the services, and to bundle multiple connection options together. Accordingly, a connection module provider may act as a reseller of airtime for one ore more telecommunication network carrier and add value to the services provided by these carriers. For example, the provider of the connection module can buy airtime at a flat rate from a wireless carrier, and then meter or sell the airtime per minute at a marked up rate as capacity with a connection module. The connection module can include a set capacity for airtime corresponding to a dollar amount regardless of which carriers the connection module chooses to select for various calls or communications. Alternatively, the user can buy the connection module with an account for which he or she provides his or her credit card number; whenever it is running low on airtime, the connection module can access the user's credit card account and pre-purchase a set or desired increment of time. The connection module can also have access to a number of credit card accounts of the user, and may choose which account to use depending on factors having to do with the credit card accounts such as interest rate, frequent user credits, promotions, and other relevant factors.
  • [0023]
    A connection module provides advantages in the area of payment because the payment for the network connectivity services can be associated with the cost of the connection module. The purchaser of the connection module is able to pay for the services in a manner that is most convenient for her. For, example, a purchaser may select a connection module that has prepaid network connectivity services for one, six, twelve, or twenty-four months. Another purchaser may select a connection module that has airtime or network connectivity charges that are paid periodically based on usage. These charges can be automatically billed to the purchaser's credit card.
  • [0024]
    A connection module may also provide value added advantages by improving the ease of use of the network connectivity services. When a connection module includes the necessary software, hardware, and amount of network connectivity, these components can be managed to provide a convenient, simple to use, interface for the user. A resource manager can provide this management ability and user interface. A connection module may also add value by bundling multiple connection options together into one device. Users require access to networks at different times, in different places, and in different ways. A connection module can include multiple network connectivity options to account for a user's various needs. In addition, a connection module may coordinate and manage the use of these options.
  • [0025]
    A connection module may also be called a telecom battery because it may be plugged into or included as part of an electronic device. Used in this manner, a connection module is analogous to an electric battery. Just as an electric battery can be plugged into an electronic device to add electricity to the device, a connection module may be plugged into an electronic device to add network connection capability such as, for example, a PCMCIA card. For example, a plug-in type connection module can be bought by an end consumer at a retail outlet and plugged into the user's PDA, computer, or other electronic device, adding telecommunication ability to the device. Alternatively, rather than plugging into an electronic device, a connection module can be included as a component of an electronic device prior to sale of the device to the consumer. For example, if the connection module is included in a PDA by the PDA manufacturer or OEM, the product may have telecommunication ability available at the time of purchase. Such communication ability may be associated with one or more accounts with one or more telecommunication providers.
  • [0026]
    Connection modules can also be specialized for certain applications. A variety of different connection modules satisfy various functions of specific applications just as there are different sizes and power levels of electric batteries. For example, the telecommunication requirements of a given digital camera may be very different than the telecommunication requirements of a PDA. Different connection modules may be used to satisfy these different requirements.
  • [0027]
    Connection modules also allow network connectivity costs to be minimized to the requirements of the application and allow these cost savings to be passed on to the users. One example is to price the connection module based on the imposition on network capacity that the specific application will require. For smaller data amounts and slower speed requirements a cheaper connection module can be offered. Likewise, if the data direction is in the up link direction a cheaper connection module may be offered if network connectivity costs in that direction are less expensive to provide.
  • [0028]
    One connection module embodiment provides for the packaged sale of telecommunication with either general or application specific telecommunication capabilities. The price of the connection modules may reflect the length of time the connection module will provide telecommunications. For example, a one-month connection module, a six-month connection module, a twelve-month connection module, and a twenty-four-month connection module may be available at different prices. The price of the connection module may also reflect the application for which the connection module will be used or the user's preferences. One user may prefer higher speeds for a given application than another. Another user may prefer lower costs to higher speeds.
  • [0029]
    A connection module may be sold in the same stores that sell portable computers and other electronic devices. This provides convenience for a customer who can purchase a connection module at the same store she purchased her notebook computer. The connection module can be packaged as an electronic device and a compact disc that allows the connection module to be used for the purchase period. For example, the compact disc can allow use of a connection module for one, six, twelve, or twenty-four months depending on the user's preference. These four time periods are used for purposes of demonstration and are not meant to limit the invention. Other time periods and marketing promotions are envisioned. The sale of network connectivity capability and capacity as part of a hardware component allows all of the sales and marketing advantages inherent in hardware promotion to be used in addition to the sales and marketing techniques available for telecommunications and other network connectivity services.
  • [0030]
    In certain embodiments, the connection manager can be viewed as a battery of prepaid or pre-acquired network connectivity. The consumer expends the network connectivity (for example the time available 212 shown in FIG. 2 b) stored on the connection module when the user or an application running on the user's device connects to the network through the connection manager. It should be noted that sign-on, and/or authorization, authentication may be accomplished automatically and/or without the user's input or knowledge. The amount of network connectivity (e.g. time available) that is consumed by network connectivity may depend on a variety of factors. For example, the amount of network connectivity consumed may depend upon the type of connection (WWAN, WLAN, LAN, Dial-up, etc.), usage time, and amount of data, time-of-day usage, among other factors. Accordingly, some access may be free, some access cheap, and other access expensive in terms of usage of the stored network connectivity. A user may view the current status of the amount of network connectivity remaining on the connection module and may be notified when the amount of network connectivity remaining hits a low threshold or is close to expiration. The user may choose to refill, recharge, or otherwise re-acquire network connectivity on the connection module. Connection to the network may be automatic or the user may select from connection options effecting the connection characteristics (speed, etc.) and connection module (use of the stored amount of network connectivity). Accordingly, one of the many advantages of certain embodiments of the connection module is to make Internet access simple for a consumer by allowing automatic connection and network sign-on, providing consumer electronics with connection modules with a stored amount of network connectivity, and by providing an improved user experience. Other advantages result from the use of certain embodiments of the connection module with certain embodiments of the resource manager.
  • [0031]
    A resource manager, such as the resource manager discussed in U.S. patent application No. [55132/316925] to Sanda, entitled “Systems and Methods for Enhancing and Optimizing a User's Experience on an Electronic Device,” filed concurrently herewith, the entirety of which is incorporated herein by reference, may also be used to facilitate the use of a connection module to provide a connection to a network through changing network connectivity connection types. An electronic device may have multiple network communication options. These options may be provided by a connection module and/or by other components of the electronic device. The resource manager can control and utilize an appropriate network communication option automatically, based on user-defined criteria, or upon approval by the user after presenting the user with an array of options. In addition, the resource manager may be used to maintain a connection using several data streams or packet streams and can filter or accelerate the flow of data based on the requirements of the application to provide optimal connection to the network. In other words, the user can experience a continuous or near continuous connection to the network in accordance with their preferences even when the resource manager is adjusting, managing, and switching among different network communication options. For example, as a mobile user moves about using a portable electronic device containing a connection module, different network communication options may become available or preferable. The resource manager can switch to an appropriate connection when it becomes available or preferable with or without the user's interaction.
  • [0032]
    The resource manager may also facilitate the ability of an application specific connection module on a more general-purpose machine. Accordingly, the resource manager can deal with the potential problem of an application specific connection module being used to provide network connectivity for another purpose on a general-purpose electronic device. Specifically, the resource manager has the ability to restrict the user's access to the more general functions that may be available on an electronic device while the connection module is in use. This may be accomplished, for example, by using a user interface that does not allow the user to access applications outside of the user interface. The user is locked-out of restricted functions.
  • [0000]
    Process for Remote Control and Regulation
  • [0033]
    There are many remote control and remote monitoring advantages that result when a resource manager is used with a connection module. These advantages include the ability to manage upgrades on remote portable devices, the ability to monitor and use location information for the portable device, the ability to remotely control applications, and the ability to enable and simplify data recovery and continuity when a telecommunication channel is interrupted.
  • [0034]
    The resource manager allows for the management of upgrades on remote portable devices in a secure environment. This upgrade functionality extends across all applications. The resource manager can keep track of the applications available on a remote device, keep track of the providers of those applications, keep track of when the applications are changed and when upgrades are available, and keep track of how different upgrades are performed. With these capabilities, the resource manager can perform upgrades on a push or pull basis. The remote portable device can recognize and initiate its own upgrade procedure or an upgrade can be initiated elsewhere on the network. For example, a company wishing to roll out a new software upgrade to all of its sales associates in the field can initiate and manage such an upgrade using the resource manager. The company can also use the resource manager to send upgrades out to a specific remote machine by using the connection module to identify the appropriate remote portable device.
  • [0035]
    Using a resource manager with a connection module may provide the ability to monitor the location of a remote portable device. This location information is useful to both the remote, portable device itself and to companies wishing to track the location of their portable computers in the field. The remote, portable device can use the location information on the device and on its local applications. For example, a resource manager can use this information to change the time when a time zone is crossed. As another example, a resource manager can change the telecommunications options or preferences as the user's location changes.
  • [0036]
    Companies may also use the location information available with the use of connection modules. For example, when remote portable devices are accessing a company's network, a resource manager on each of these devices can communicate the location information to appropriate company personnel or devices. This location information can be used in a variety of ways by the company, such as identifying which sales associate or field technician is currently closest to one of the company's clients or customers. Such information may be very useful in the event of a customer emergency that required, for example, a visit from a technician to perform tests using a specific diagnostic software application. The company can identify both an appropriate field technician in the proximate location to the emergency and can also determine whether the portable device carried by that person contained the necessary diagnostic software.
  • [0037]
    Using a resource manager with a connection module may also provide the ability to remotely control a portable device associated with a company. For example, the company can use a resource manager to ensure that the portable device is not used to download pornography. As another example, in the event the portable device is stolen or an employee carrying a portable device is terminated, a resource manager can be used to remotely delete confidential information saved on the portable device.
  • [0000]
    Process for Data Recovery
  • [0038]
    A resource manager may also provide data recovery and protection against the loss of data. This ability is useful when a resource manager is used with a connection module. A resource manager may capture information in the event that a telecommunication channel is interrupted or discontinued. For example, if a removable connection module is pulled out while a user is working on a remote network application, the resource manager may capture and/or save the information. When another connection to the network is established, the resource manager provides the captured information. This data recovery function prevents or at least minimizes data loss associated with lost and interrupted connections.
  • [0039]
    Furthermore, this function allows for the continuous use of network applications even through changing communication channels. The resource manager accomplishes this function by capturing the necessary information when a connection through one connection option is terminated and restoring the data to the application when another connection is established to the network through the same or another connection option. These features offer the additional benefits of simplifying the user's experience by automating a continuous network connection.
  • [0000]
    Application Driven Connection Module
  • [0040]
    Referring now to FIG. 4, certain embodiments of the present invention relate to an application-driven connection module 430 that maintains network connectivity with at least one application server 440 over networks 405 and enables only the intended software applications 422, 442 to operate between the client 420 and the server(s) 440. For example, in certain embodiments the connection module includes an amount of network connectivity, a transport service module for enabling network connectivity to at least one server through one of a plurality of connection types, and an access module that enables one application offered by the at least one server, wherein the network connectivity is limited to access related to the at least one application.
  • [0041]
    In certain embodiments the connection module 430 will include a transport service module 432, e.g. 3G-WCDMA, Cellular, PHS, and Wi-Fi (802.11x), and an access module 434. The connection module 430 may optionally contain one or more transceivers 436. In other embodiments the communication module 430 does not contain a transceiver, but instead uses transceivers and/or other connection devices associated with the client 420. The connection module may include an amount of network connectivity (e.g. prepaid airtime) as with other connection modules described herein. The amount of network connectivity may be tailored to particular application requirements.
  • [0042]
    In certain embodiments, the connection module enables and allows only software or application specific network connectivity within a corporate network through the use of an access module configured to only allow access to one or more specified application server(s) in that corporate network
  • [0043]
    In certain embodiments, the access module is set to only operate on an end-to-end basis maintaining maximum security utilizing firewall and port controls between the client (outside of the corporate Intranet) and the application server in the corporate data center. Accordingly, the client is virtually connected within the Intranet or LAN even though it is physically located on the outside. Personal firewall, VPN, and virus detection systems may be integrated with the access functionality platform. Thus, connection to the corporate servers via any desired transports may be restricted such that such connection is only allowed or enabled when a secured environment is fully established and confirmed. A secured environment may include the protection of the client and servers from virus, intrusion and/or attack.
  • [0044]
    In certain hosted embodiments, corporate servers will be physically hosted by a third party other than the user and the business entity operating the Intranet, although the third party and business entity operating the Intranet may be connected through a dedicated line. Other configurations of hosted security or ASP configuration are of course possible. In certain embodiments, the server resides at a data center operated by the connection module provider. In other embodiments, the server resides at the provider of the application.
  • [0045]
    The connection module of certain embodiments enables the intended application to operate between the client and the server. In addition to limiting access to only the software, the access module enables the remote user access to the corporate applications as if he/she was in the office by integrating network connectivity control, application access control, port control, authentication, etc. The access module may be used to control the access of the user to other solutions on the client. In this manner, the cost of the transport service can be priced according to the data transport requirement of the application. The access module may also use optimization tools to improve the user experience. For example, optimization tools may be based upon various accretion techniques and/or provide ease of use in network hopping and auto-authentication.
  • [0000]
    Methods of Extending an Application to Extra-Intranet Environments
  • [0046]
    Certain embodiments of the present invention relate to methods of extending an application to an extra-intranet environment (i.e. outside a corporate network or domain) through application-driven connection modules. These methods may enable software companies who market software applications to enhance and extend the reach of their products to extra-intranet environments. For example, the use of document sharing software, which controls access at a central location for selected data files, may be extended to users who are not directly connected to the corporate network on which the central location resides. In this illustrative scenario, each user to whom the software provider's customer wishes to extend remote access to the central location would be given a branded connection module. The connection module could have the ability to provide integrated Wi-Fi, WWAN, and/or LAN connectivity, and/or could take advantage of the network interface modules that exists on the remote device. In certain embodiments, the connection module physically connects to the remote device via a USB, PCMCIA, Bluetooth, or other existing interface. The connection module could take over the communications infrastructure and user interface of the remote device and provide connectivity only to the network resource and software to which it was configured to provide access and allow operating system resource access only to those services and applications to which it was configured to allow access. Once access to the shared resource and software is complete, the connection module could be removed from the remote device and the remote device would return to its normal state. In the process of this activity, the connection module could consume portions of its pre-paid network connectivity allotment, and provide the ability to “recharge” the amount of pre-paid network connectivity when depleted (possibly through a web interface).
  • [0047]
    As another example, in certain embodiments, the application-driven connection module might be used to package a hardware-independent email service (such as “Blackberry” service) which would work on any telecommunications platform. In other words, a user of an email service could purchase the service from a company independent of a particular communications platform. That user could obtain connection modules that operate on specific platforms. When the user wishes to use the email service, the user could insert the appropriate connection module into the remote device. The connection module could take over the communications infrastructure, security infrastructure, and user interface of the remote device to allow the email service to operate. Once finished, the user could remove the telecom battery and the remote device would return it its normal operation. Based on the user's usage, the telecom battery could expend a portion of the network connectivity, and would allow the user the ability to “recharge” the battery as required.
  • [0000]
    Alternative Embodiments
  • [0048]
    The structures and processes described above illustrate exemplary embodiments of inventive concepts included in the present invention. Other systems and processes are possible. While the invention has been described in detail with particular references to these particular embodiments, variations and modifications can be affected within the spirit and scope of the invention as described in this document.
Patent Citations
Cited PatentFiling datePublication dateApplicantTitle
US5406261 *11 Jan 199311 Apr 1995Glenn; James T.Computer security apparatus and method
US5500517 *2 Sep 199419 Mar 1996Gemplus Card InternationalApparatus and method for data transfer between stand alone integrated circuit smart card terminal and remote computer of system operator
US5627886 *15 Sep 19956 May 1997Electronic Data Systems CorporationSystem and method for detecting fraudulent network usage patterns using real-time network monitoring
US5748084 *18 Nov 19965 May 1998Isikoff; Jeremy M.Device security system
US5835737 *10 May 199610 Nov 1998Apple Computer, Inc.Method and apparatus for arbitrating access to selected computer system devices
US5864757 *12 Dec 199526 Jan 1999Bellsouth CorporationMethods and apparatus for locking communications devices
US5936526 *13 Jan 199810 Aug 1999Micron Electronics, Inc.Apparatus for generating an alarm in a portable computer system
US5953536 *30 Sep 199614 Sep 1999Intel CorporationSoftware-implemented tool for monitoring power management in a computer system
US5958058 *18 Jul 199728 Sep 1999Micron Electronics, Inc.User-selectable power management interface with application threshold warnings
US6070240 *27 Aug 199730 May 2000Ensure Technologies IncorporatedComputer access control
US6085084 *24 Sep 19974 Jul 2000Christmas; ChristianAutomated creation of a list of disallowed network points for use in connection blocking
US6118324 *30 Jun 199712 Sep 2000Xilinx, Inc.Output driver with reduced ground bounce
US6181925 *9 Apr 199730 Jan 2001Cellco PartnershipMethod and apparatus for fraud control in a cellular telephone switch
US6198920 *16 Mar 20006 Mar 2001Padcom, Inc.Apparatus and method for intelligent routing of data between a remote device and a host system
US6272112 *14 Apr 19987 Aug 2001Fujitsu LimitedRepeating unit testing system and communication apparatus as well as communication method
US6418533 *29 Aug 19979 Jul 2002Compaq Information Technologies Group, L.P.“J” system for securing a portable computer which optionally requires an entry of an invalid power on password (POP), by forcing an entry of a valid POP
US6542729 *27 Apr 19991 Apr 2003Qualcomm Inc.System and method for minimizing fraudulent usage of a mobile telephone
US6546425 *11 Jun 19998 Apr 2003Netmotion Wireless, Inc.Method and apparatus for providing mobile and other intermittent connectivity in a computing environment
US6564047 *28 Aug 200013 May 2003Motorola Inc.Advanced air time management
US6657956 *3 Mar 19972 Dec 2003Bull Cp8Method enabling secure access by a station to at least one server, and device using same
US6725379 *11 Aug 199920 Apr 2004Dell Products L.P.Stolen computer detection and protection
US6813498 *27 Oct 20002 Nov 2004Lucent Technologies Inc.Apparatus, method and system for detection and recovery of missing wireless devices in communication systems
US6865162 *6 Dec 20008 Mar 2005Cisco Technology, Inc.Elimination of clipping associated with VAD-directed silence suppression
US6910135 *7 Jul 199921 Jun 2005Verizon Corporate Services Group Inc.Method and apparatus for an intruder detection reporting and response system
US6947755 *15 Aug 200120 Sep 2005Gould Lawrence ASystems and methods for distributed processing of location information associated with emergency 911 wireless transmissions
US6996728 *26 Apr 20027 Feb 2006Hewlett-Packard Development Company, L.P.Managing power consumption based on utilization statistics
US7003282 *24 Jun 199921 Feb 2006Nokia CorporationSystem and method for authentication in a mobile communications system
US7051236 *13 Jun 200223 May 2006Dell Products L.P.Wirelessly network-connected, battery-powered information handling system featuring prevention of data corruption after wake-up by a network event
US7054594 *18 Jul 200230 May 2006Data Transfer & Communication LimitedData security device
US7089425 *18 Mar 20038 Aug 2006Ci4 Technologies, Inc.Remote access authorization of local content
US7089553 *12 Oct 20008 Aug 2006International Business Machines CorporationMethod, system, computer program product, and article of manufacture for downloading a remote computer program according to a stored configuration
US7107349 *30 Sep 200212 Sep 2006Danger, Inc.System and method for disabling and providing a notification for a data processing device
US7170999 *28 Aug 200230 Jan 2007Napster, Inc.Method of and apparatus for encrypting and transferring files
US7239862 *19 Sep 20023 Jul 2007Cellco PartnershipMethod of and system for processing prepaid wireless data communications
US7240366 *17 May 20023 Jul 2007Microsoft CorporationEnd-to-end authentication of session initiation protocol messages using certificates
US7272230 *5 Mar 200218 Sep 2007Pumpkin House IncorporatedEncryption system and control method thereof
US7299349 *31 Jan 200220 Nov 2007Microsoft CorporationSecure end-to-end notification
US7370349 *3 Sep 20036 May 2008Peoplechart CorporationMethod and system for protecting information on a computer system
US7389123 *28 Apr 200417 Jun 2008Sony Ericsson Mobile Communications AbMobile apparatus with remote lock and control function
US7392390 *11 Dec 200224 Jun 2008Valve CorporationMethod and system for binding kerberos-style authenticators to single clients
US7392391 *12 Sep 200224 Jun 2008International Business Machines CorporationSystem and method for secure configuration of sensitive web services
US7395049 *2 Mar 20041 Jul 2008Nokia CorporationSecurity element commanding method and mobile terminal
US7409061 *29 Nov 20015 Aug 2008Noatak Software LlcMethod and system for secure distribution of subscription-based game software
US7421083 *5 Apr 20022 Sep 2008General Instrument CorporationSystem for seamlessly updating service keys with automatic recovery
US7437550 *28 Oct 200314 Oct 2008Ponoi Corp.System for providing session-based network privacy, private, persistent storage, and discretionary access control for sharing private data
US7549048 *19 Mar 200416 Jun 2009Microsoft CorporationEfficient and secure authentication of computing systems
US7725716 *16 Jun 200525 May 2010Japan Communications, Inc.Methods and systems for encrypting, transmitting, and storing electronic information and files
US20020039359 *7 Dec 20014 Apr 2002At&T CorporationHybrid fiber twisted pair local loop network service architecture
US20020052968 *20 Dec 20002 May 2002Rudy BonefasMessaging method and apparatus for routing messages in a client server environment over multiple wireless and wireline networks
US20020099957 *24 Jan 200125 Jul 2002Michael KramerEstablishing a secure connection with a private corporate network over a public network
US20020133584 *17 Jan 200119 Sep 2002Greuel James R.Method and apparatus for customizably calculating and displaying health of a computer network
US20020186845 *11 Jun 200112 Dec 2002Santanu DuttaMethod and apparatus for remotely disabling and enabling access to secure transaction functions of a mobile terminal
US20030005331 *22 Aug 20012 Jan 2003Cryptek Secure Communications, LlcMulti-level security network system
US20030051140 *10 Sep 200213 Mar 2003Buddhikot Milind M.Scheme for authentication and dynamic key exchange
US20030056116 *16 May 200220 Mar 2003Bunker Nelson WaldoReporter
US20030084350 *12 Sep 20021 May 2003International Business Machines CorporationSystem and method for secure configuration of sensitive web services
US20030204748 *20 May 200230 Oct 2003Tom ChiuAuto-detection of wireless network accessibility
US20030212548 *13 May 200213 Nov 2003Petty Norman W.Apparatus and method for improved voice activity detection
US20030217166 *23 Dec 200220 Nov 2003Mario Dal CantoSystem and method for provisioning universal stateless digital and computing services
US20030221039 *22 May 200227 Nov 2003International Business Machines CorporationData caching on bridge following disconnect
US20030235307 *9 Jun 200325 Dec 2003Kazuhiro MiyamotoEncryption and decryption program
US20030236827 *24 Jun 200225 Dec 2003Cisco Technology, Inc.Adaptive feedback technique implemented in Mobile IP networks
US20040030887 *7 Aug 200212 Feb 2004Harrisville-Wolff Carol L.System and method for providing secure communications between clients and service providers
US20040039807 *13 Mar 200326 Feb 2004Angel Boveda De MiguelMethods and arrangements in a telecommunication network
US20040052259 *31 Jul 200318 Mar 2004Agilent Technologies, Inc.Measuring network operational parameters as experienced by network operational traffic
US20040064293 *24 Sep 20031 Apr 2004Hamilton David B.Method and system for storing and reporting network performance metrics using histograms
US20040082351 *26 Jun 200329 Apr 2004Ilkka WestmanUser group creation
US20040087213 *26 Feb 20036 May 2004Chi-Lei KaoPlug used for connection with a usb receptacle
US20040107360 *13 Mar 20033 Jun 2004Zone Labs, Inc.System and Methodology for Policy Enforcement
US20040110488 *10 Dec 200210 Jun 2004Nokia CorporationSystem and method for performing security functions of a mobile station
US20040123150 *28 Feb 200324 Jun 2004Michael WrightProtection of data accessible by a mobile device
US20040127196 *31 Dec 20021 Jul 2004Dabbish Ezzat A.Methods and apparatus for managing secured software for a wireless device
US20040137964 *15 Sep 200315 Jul 2004Steven LynchWireless communication device and method for responding to solicitations
US20040143470 *22 Dec 200322 Jul 2004Myrick Conrad B.Structure and method of modeling integrated business and information technology frameworks and architecture in support of a business
US20040180692 *29 Jul 200316 Sep 2004Handlink Technologies Inc.Portable network transmission device
US20040193694 *1 Apr 200430 Sep 2004Randy SaloApplication gateway systems
US20040198491 *21 Apr 20047 Oct 2004Walker Jay S.Method and apparatus for operating a gaming device to dispense a specified amount
US20040199545 *24 Feb 20047 Oct 2004Frederico WagnerNetworked disposal and replenishment apparatus
US20040205749 *25 Mar 200414 Oct 2004Lockheed Martin CorporationSystem for enabling application software of data acquisition devices
US20040218587 *19 Apr 20044 Nov 2004Sung-Hoon KimPrivate EV-DO system sharing public network data location register and data service method
US20040218605 *1 Dec 20034 Nov 2004Telefonaktiebolaget Lm Ericsson (Publ)Method for access selection
US20040235514 *18 Jul 200225 Nov 2004Stephen BlochData security device
US20040235522 *21 May 200325 Nov 2004Alan LinCard facility for freely communicating with network systems
US20040236547 *18 Nov 200325 Nov 2004Rappaport Theodore S.System and method for automated placement or configuration of equipment for obtaining desired network performance objectives and for security, RF tags, and bandwidth provisioning
US20050020315 *21 Jul 200427 Jan 2005Robertson Ian M.Security for mobile communications device
US20050025184 *18 Aug 20043 Feb 2005Dowling Eric MorganVirtual connection of a remote unit to a server
US20050050323 *2 Sep 20033 Mar 2005Authenture, Inc.Communication session encryption and authentication system
US20050073389 *1 Oct 20037 Apr 2005Chandley Adrian MarkSystems and methods for deterring theft of electronic devices
US20050125474 *5 Dec 20039 Jun 2005International Business Machines CorporationMethod and structure for transform regression
US20050160280 *12 May 200421 Jul 2005Caslin Michael F.Method and system for providing fraud detection for remote access services
US20050186989 *21 Apr 200525 Aug 2005Keith CocitaCell phone feature
US20050198491 *3 Mar 20048 Sep 2005Cisco Technology, Inc., A Corporation Of CaliforniaNetwork security enhancement methods and devices
US20050216736 *24 Mar 200429 Sep 2005Smith Ned MSystem and method for combining user and platform authentication in negotiated channel security protocols
US20060059265 *17 Jun 200316 Mar 2006Seppo KeronenTerminal connectivity system
US20060073820 *10 Oct 20036 Apr 2006Craswell Ronald JMethod and apparatus for remote control and updating of wireless mobile devices
US20060112275 *9 Oct 200325 May 2006David JealFacilitating and authenticating transactions
US20060149414 *9 Feb 20056 Jul 2006Carrier CorporationRemote web access control of multiple home comfort systems
US20070125620 *3 Jun 20047 Jun 2007Sorenson Timothy NMethods and systems for providing products, such as digital content including games, ring tones, and/or graphics; and services, such as computer network service including internet service
US20080233919 *9 Feb 200525 Sep 2008Nokia CorporationSystem and Method for Limiting Mobile Device Functionality.
Referenced by
Citing PatentFiling datePublication dateApplicantTitle
US7719427 *18 Aug 200618 May 2010Chung Yuan Christian UniversityWireless pH measurement system
US833198719 Apr 200711 Dec 2012Apple Inc.Personal area network systems and devices and methods for use thereof
US836413919 Apr 200729 Jan 2013Apple Inc.Personal area network systems and devices and methods for use thereof
US836984619 Apr 20075 Feb 2013Apple Inc.Personal area network systems and devices and methods for use thereof
US960958731 Jan 201228 Mar 2017Synchronoss Technologies, Inc.System and method for host and OS agnostic management of connected devices through network controlled state alteration
US20080064442 *11 Sep 200613 Mar 2008Utstarcom, :Inc.Identity and payment modem module for handsets
US20080259829 *19 Apr 200723 Oct 2008Apple Inc.Personal area network systems and devices and methods for use thereof
US20080261528 *19 Apr 200723 Oct 2008Apple Inc.Personal area network systems and devices and methods for use thereof
US20080261529 *19 Apr 200723 Oct 2008Apple Inc.Personal area network systems and devices and methods for use thereof
CN103620585A *18 Jun 20125 Mar 2014微软公司Virtual identity manager
WO2008130511A1 *11 Apr 200830 Oct 2008Apple Inc.Personal area network systems and devices and methods for use thereof
Classifications
U.S. Classification370/463
International ClassificationH04W48/18, H04W36/14, H04W12/08, H04L12/66
Cooperative ClassificationH04L2209/56, H04L2209/805, H04L9/321, H04L2209/60, H04L63/0823, H04L63/08, H04L43/0817, G06F21/6227, H04L67/30, H04L63/1408, H04L67/322, H04L63/102, G06F21/316, H04L63/166, H04L63/162, H04L43/045, H04L63/0263, H04L41/5067, H04L41/509, H04L63/20, H04L41/0681, H04L47/24, H04W48/18, H04L63/0272, H04L9/3273, H04L41/0213, H04L41/5009, H04L47/22, H04L67/04, H04L47/11, H04W12/08, H04L41/5016, H04L67/14, H04L63/0869, H04L63/145, H04L63/0227, H04L67/02, H04L69/329
European ClassificationH04L47/24, G06F21/62B1, G06F21/31B, H04L29/08A7, H04L63/10B, H04L63/08G, H04L63/20, H04L41/50A2, H04L29/08N29, H04L29/08N13, H04L41/50J2, H04L63/14D1, H04L47/11, H04L63/02C, H04L41/02B, H04L29/08N3, H04L9/32R2, H04L63/02B6, H04L63/02B, H04L29/08N31Q, H04L9/08, H04W12/08, H04L47/22, H04L63/14A, H04L43/04A, H04L43/08D, H04L29/08N1
Legal Events
DateCodeEventDescription
1 Nov 2005ASAssignment
Owner name: JAPAN COMMUNICATIONS, INC., JAPAN
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SANDA, MR. FRANK SEIJI;REEL/FRAME:016714/0231
Effective date: 20051019