Zoeken Afbeeldingen Maps Play YouTube Nieuws Gmail Drive Meer »
Inloggen
Gebruikers van een schermlezer: klik op deze link voor de toegankelijkheidsmodus. De toegankelijkheidsmodus beschikt over dezelfde essentiŽle functies, maar werkt beter met je lezer.

Patenten

  1. Geavanceerd zoeken naar patenten
PublicatienummerUS20080043689 A1
PublicatietypeAanvraag
AanvraagnummerUS 11/853,247
Publicatiedatum21 feb 2008
Aanvraagdatum11 sept 2007
Prioriteitsdatum13 juli 2004
Ook gepubliceerd alsCA2567596A1, EP1766803A1, EP1766803A4, US7286834, US20060014547, WO2006017071A2, WO2006017071A3
Publicatienummer11853247, 853247, US 2008/0043689 A1, US 2008/043689 A1, US 20080043689 A1, US 20080043689A1, US 2008043689 A1, US 2008043689A1, US-A1-20080043689, US-A1-2008043689, US2008/0043689A1, US2008/043689A1, US20080043689 A1, US20080043689A1, US2008043689 A1, US2008043689A1
UitvindersEdward Walter
Oorspronkelijke patenteigenaarSbc Knowledge Ventures, Lp
Citatie exporterenBiBTeX, EndNote, RefMan
Externe links: USPTO, USPTO-toewijzing, Espacenet
System and method for location based policy management
US 20080043689 A1
Samenvatting
In a particular embodiment, a policy server is disclosed that includes a network device interface adapted to communicate with a set of wireless access points via a short range wireless network. Each of the wireless access points has a coverage area. The policy server also includes a processor and a memory accessible to the processor. The memory includes instructions executable by the processor to determine whether at least one wireless device is located within a boundary area, to apply a first policy when the at least one wireless device is located within the boundary area, and to apply a second policy when the at least one wireless device is located outside of the boundary area. The boundary area covers an area that is different from the coverage area of any one wireless access point.
Afbeeldingen(9)
Previous page
Next page
Claims(20)
1. A policy server comprising:
a network device interface adapted to communicate with a set of wireless access points via a short range wireless network, each of the wireless access points having a coverage area;
a processor and a memory accessible to the processor, the memory comprising instructions executable by the processor to:
determine whether at least one wireless device is located within a boundary area, the boundary area covering an area that is different from the coverage area of any one wireless access point of the set of wireless access points; and
apply a first policy when the at least one wireless device is located within the boundary area and apply a second policy when the at least one wireless device is located outside of the boundary area.
2. The policy server of claim 1, wherein the memory further comprises an instruction executable by the processor to receive location information from the at least one wireless device and to determine a location of the at least one wireless device relative to the boundary area based on the received location information.
3. The policy server of claim 1, wherein the memory further comprises an instruction executable by the processor to define the boundary area.
4. The policy server of claim 1, wherein the boundary area is located within a collective wireless coverage area provided by the coverage area of each wireless access point of the set of wireless access points.
5. The policy server of claim 1, wherein the first policy allows data packets from the at least one wireless device to pass to external networks and wherein the second policy does not allow data packets from the at least one wireless device to pass to external networks.
6. The policy server of claim 1, wherein the boundary area comprises a portion of a collective wireless coverage area of each of the wireless access points.
7. The policy server of claim 1, wherein the memory further comprises instructions executable by the processor to:
receive a set of points from a calibration device; and
extrapolate the boundary area from the received set of points.
8. A method comprising:
receiving location information related to a wireless device from at least one access point of a set of access points providing a short range wireless network;
determining a location of the wireless device relative to a boundary area defined within a coverage area of the short range wireless network, the boundary area defining a region that is not coextensive with the coverage area; and
selectively associating at least one policy with the wireless device based on the determined location.
9. The method of claim 8, wherein selectively associating at least one policy comprises assigning a first policy when the wireless device is determined to be within the boundary area and assigning a second policy when the wireless device is determined to be outside of the boundary area.
10. The method of claim 8, wherein selectively associating at least one policy comprises controlling the wireless device within the boundary area to use a particular ring tone when the wireless device is located within the boundary area.
11. The method of claim 8, wherein selectively associating at least one policy comprises communicating using a first encryption protocol when the wireless device is within the boundary area and communicating using a second encryption protocol when the wireless device is outside of the boundary area.
12. The method of claim 8, wherein selectively associating at least one policy comprises communicating using a first security key when the wireless device is within the boundary area and communicating using a second security key when the wireless device is outside of the boundary area.
13. The method of claim 8, further comprising:
receiving a plurality of calibration points from one or more calibration devices; and
extrapolating the boundary area from the plurality of calibration points.
14. The method of claim 8, wherein receiving the location information comprises receiving global positioning system (GPS) location data related to the wireless device.
15. The method of claim 8, wherein receiving the location information comprises:
receiving location data from at least three access points of the set of access points; and
performing a triangulation operation based on the location data received from the at least three access points.
16. A network device comprising:
an interface adapted to communicate with a plurality of wireless access points that provide a wireless coverage area;
a network interface adapted to communicate with a network; and
logic adapted to communicate with the interface and the network interface, the logic to determine a location of a wireless device relative to a boundary area that is not coextensive with the wireless coverage area, the logic to enforce at least one location-based policy with respect to the wireless device based on the determined location.
17. The network device of claim 16, wherein the at least one location-based policy comprises a first policy when the wireless device is located within the boundary area and a second policy when the wireless device is outside of the boundary area.
18. The network device of claim 16, wherein the logic is adapted to determine the location of the wireless device by triangulation using data received from at least three of the plurality of wireless access points.
19. The network device of claim 16, wherein the logic is adapted to receive boundary point data and to determine the boundary area from the boundary point data.
20. The network device of claim 16, wherein the boundary point data comprises a set of calibration points associated with a physical dimension of a building.
Beschrijving
    CROSS-REFERENCE TO RELATED APPLICATION(S)
  • [0001]
    This application is a Continuation Patent Application of and claims priority from U.S. patent application Ser. No. 10/890,397, filed on Jul. 13, 2004, entitled “System and method for location based policy management,” which is incorporated herein by reference in its entirety.
  • FIELD OF THE DISCLOSURE
  • [0002]
    This disclosure, in general, relates to systems and methods for location based policy management.
  • BACKGROUND
  • [0003]
    Short-range wireless data networks have become commonplace, being found in homes, coffee shops, and places of business. Short-range wireless standards, such as 802.11x, and to some extent Bluetooth, provide network users with mobility and easy network access. However, this ease of wireless network access poses problems to network administrators including securing network traffic and preventing unauthorized network access.
  • [0004]
    Manufacturers of short-range wireless equipment have attempted to address the security issues posed by intrusive and unauthorized traffic through protocols, such as wireless application protocol (WAP), and encryption mechanisms such as wired equivalent privacy (WEP) and Wi-Fi protected access (WPA). The WAP protocol, for example, provides services for wireless devices that include security layers, such as wireless transport layer security (WTLS), that are designed to provide privacy, data integrity and authentication between communicating applications. WEP is an algorithm used to protect wireless communications from eavesdropping through data encryption. WEP relies upon a key that is shared between a mobile station and an access point. The key is used to encrypt packets before they are transmitted, and an integrity check is used to verify that the packets are not modified in transit. WPA is a security enhancement for Wi-Fi networks that defines the use of the advance encryption standard (AES) as an additional replacement for WEP encryption.
  • [0005]
    However, even with these security methods and mechanisms, wireless networks tend to extend beyond traditional physical boundaries, allowing users outside the boundaries to gain unauthorized access to networks. As such, improved systems and methods for managing access to short-range wireless networks would be desirable.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0006]
    FIGS. 1, 2, 3 and 4 are general diagrams that depict an exemplary short-range wireless network.
  • [0007]
    FIG. 5 is a flow diagram that illustrates an exemplary method for defining a wireless boundary region.
  • [0008]
    FIGS. 6 and 7 are general diagrams that depict exemplary computer systems for providing a short-range wireless network.
  • [0009]
    FIG. 8 is a block diagram depicting an exemplary policy server.
  • [0010]
    FIG. 9 is a block diagram depicting an exemplary wireless device.
  • [0011]
    FIGS. 10 and 11 are flow diagrams illustrating exemplary methods for controlling network traffic.
  • [0012]
    FIGS. 12 and 13 are flow diagrams illustrating exemplary methods for providing a feature policy.
  • DETAILED DESCRIPTION OF THE DRAWINGS
  • [0013]
    In a particular embodiment, a policy server is disclosed that includes a network device interface adapted to communicate with a set of wireless access points via a short range wireless network. Each of the wireless access points has a coverage area. The policy server also includes a processor and a memory accessible to the processor. The memory includes instructions executable by the processor to determine whether at least one wireless device is located within a boundary area, to apply a first policy when the at least one wireless device is located within the boundary area, and to apply a second policy when the at least one wireless device is located outside of the boundary area. The boundary area covers an area that is different from the coverage area of any one wireless access point of the set of wireless access points.
  • [0014]
    In another particular embodiment, a method is disclosed that includes receiving location information related to a wireless device from at least one access point of a set of access points providing a short range wireless network and determining a location of the wireless device relative to a boundary area defined within a coverage area of the short range wireless network. The boundary area defines a region that is not coextensive with the coverage area. The method also includes selectively associating at least one policy with the wireless device based on the determined location.
  • [0015]
    In yet another particular embodiment, a network device is disclosed that includes an interface adapted to communicate with a plurality of wireless access points that provide a wireless coverage area and a a network interface adapted to communicate with a network. The network device also includes logic adapted to communicate with the interface and the network interface. The logic determines a location of a wireless device relative to a boundary area that is not coextensive with the wireless coverage area. The logic enforces at least one location-based policy with respect to the wireless device based on the determined location.
  • [0016]
    In a particular embodiment, the disclosure is directed to a method of controlling network traffic including providing boundary data defining a boundary zone within a short-range wireless network coverage area, determining whether a wireless enabled device is located within the boundary zone, and controlling network traffic received from the wireless enabled device when the wireless enabled device is located outside the boundary zone.
  • [0017]
    In another embodiment, the disclosure is directed to a policy server including a processor, communication circuitry, and memory. The communication circuitry is accessible to the processor and is configured to connect to a set of wireless network access points. The set of wireless access points provide a short-range wireless network coverage area. The memory is accessible to the processor and includes boundary data and computer-implemented instructions operable by the processor to determine whether a wireless enabled device is located within a boundary zone within the coverage area based on data received from the set of wireless network access points. The boundary zone is defined by the boundary data.
  • [0018]
    In a further embodiment, the disclosure is directed to a communications device including long-range wireless communication circuitry configured to access a long-range wireless network, short-range wireless communication circuitry configured to access a short-range wireless network, configurable feature circuitry, and a feature policy driver. The feature policy driver is programmed to receive a feature policy via the short-range wireless communication circuitry and is programmed to configure the feature circuitry based on the feature policy.
  • [0019]
    In another embodiment, the disclosure is directed to a method for managing feature functionality of a wireless enabled device. The method includes providing boundary data defining a boundary zone within a short-range wireless network coverage area, determining whether a wireless enabled device is located within the boundary zone, and determining a feature policy to be applied to the wireless enabled device based on determining whether the wireless enabled device is located within the boundary zone.
  • [0020]
    In a particular embodiment, the disclosure is directed to a system including a set of access points and a policy server. The set of access points establish a coverage area for a short-range wireless network and provide data to the policy server regarding wireless devices within the coverage area. The policy server determines the location of the wireless devices and whether the wireless devices are located within a boundary zone. Based on the location of the wireless device or its location within or outside of the boundary zone, a policy, such as a network traffic policy or a feature policy, may be applied to the wireless devices or network traffic transmitted by the network device. For example, network traffic policies may define network access and network access parameters based on wireless enabled device location. Feature policies may manipulate device features and feature availability based on wireless enabled device location.
  • [0021]
    FIG. 1 illustrates an exemplary short-range wireless network. The exemplary short-range wireless network 100 includes a set of access points 102 that each provide portions 104 of a coverage area. Typically, the coverage area portions 104 may extend beyond traditional physical boundaries or desired access areas. In this exemplary embodiment, the coverage area portions 104 extend beyond a physical boundary 106, such as a building, a room, an office space, a residence, or a shop location. In other examples, the boundaries or desired access areas 106 may include conceptual regions such as patios, balconies, reception areas, gardens, and parks.
  • [0022]
    The nature of the short-range wireless network is such that individuals having wireless enabled devices located within the portions 104 of the short-range wireless network coverage area may receive signals from one or more of the access points 102. An individual within a preferred access area, such as a user 108, may receive data emitted by the access points 102. In addition, a user located outside the preferred access area, such as user 110, may also receive data transmitted from the access points 102.
  • [0023]
    In exemplary embodiments, the access points 102 may provide a short-range. wireless network using standards and protocols, such as Wi-Fi, Wi-Max, Institute of Electrical and Electronics Engineers (IEEE) 802.11x, IEEE 802.15, IEEE 802.16, and Bluetooth. A short-range wireless network may, for example, have an effective coverage area portion provided by an access point, wherein the effective coverage area does not exceed 1000 feet in radius, such as not greater than 200 feet, or not greater than about 50 feet in radius. The short-range wireless network may, for example, provide wireless data network access in proximity to the access points, such as in and around a building, room, residence, office space, shop, or preferred access area. Wireless devices accessing the short-range wireless network may include wireless enabled computational devices, such as portable computers, printers, handheld computational devices, portable digital assistants (PDAs), wireless data network enabled cellular telephones, and other networkable devices. In general, a short-range wireless network is not a cellular or pager based network and is an Internet protocol (IP) based wireless data network. In contrast, long-range wireless networks generally provide wireless networks having a radius greater than about 1000 feet. For example, long-range wireless networks include pager networks and cellular telephone networks, such as time division multiple access (TDMA), code division multiple access (CDMA), and global system for mobile communication (GSM) networks.
  • [0024]
    FIG. 2 depicts an exemplary short-range wireless network 200 that includes a set of wireless network access points 202 that each provide portions 204 of a wireless network coverage area. Users having wireless enabled devices such as users 208 and 210 may be located within the coverage area portions 204 and, as such, may receive network transmissions transmitted from access points 202. A boundary 212 that defines a boundary zone 214 may be established for policy management, such as network traffic policies and feature policies. For example, a server or other network equipment may include boundary data that defines the boundary zone 214 and the boundaries 212. In this exemplary embodiment the boundary zone 214 corresponds closely with a preferred access area such as a room or building 206.
  • [0025]
    The location of a wireless enabled device may be determined using data from the access points. In one exemplary embodiment, a triangulation method uses at least three access points. For example, location may be determined by evaluating timing data associated with a signal reaching several access points. Network equipment such as a server or router device may include instructions for determining location based on timing data provided by the access points. In another exemplary embodiment, the triangulation method may use relative power levels of wireless communications received either at the wireless device or at the access points. The network equipment may determine the location relative to the access points based on these power measurements. In alternative embodiments, methods may be employed such as power measurement methods to determine location using one or two access points.
  • [0026]
    The network equipment may use data from the access points 202 to determine whether wireless devices, such as those co-located with users 208 and 210 are located within the boundary zone 214. In one exemplary embodiment, the network equipment utilizes triangulation methods based on at least three access points 202 to determine the location of a user and whether the user is located within the boundary 212 or the boundary zone 214. Using this determination, the network equipment may determine and implement policies associated with the location of the mobile device, the device's traffic, and/or device features. For example, a user having a wireless device, such as user 208, located within the boundary zone 214 may be provided with or associated with a policy different than a user located outside the boundary zone 214, such as user 210. For example, user 208 located within the boundary zone 214 may be provided with differing security and network traffic controls than user 210 located outside the boundary zone. In another exemplary embodiment the user 208 located within the boundary zone 214 may be provided with one feature policy while a user device 210 located outside of the boundary zone 214 may be provided with a second feature policy.
  • [0027]
    While FIG. 2 depicts a single boundary zone 214, alternative systems may include multiple boundary zones. Boundary data may be used to establish more than one boundary zone. In addition, systems having multiple boundary zones may apply different policies to wireless devices located within different boundary zones or different policies to the same wireless enabled device as it traverses the multiple boundary zones. In this manner, the system may implement multiple policy areas or a policy mapping.
  • [0028]
    In one exemplary embodiment users located outside of the preferred access zone as defined by the boundary zone may be denied network access. FIG. 3 illustrates an exemplary short-range wireless network 300 that implements location based network management. The short-range wireless network 300 may include wireless access points 302 that each provide a portion 304 of a coverage area. Within the coverage area, a boundary 312 may define a boundary zone 314 that represents a preferred access area. In this exemplary embodiment, the preferred access area and boundary zone 314 are located within a physical structure 306. For example, a preferred access region may be located within a building, a room, a residence, an office space, a shop or a patio region. In this exemplary embodiment, wireless enabled devices located within the boundary zone 314, such as devices co-located with user 308 may be provided with network access. For example, the set of access points 302 may provide data to network equipment, such as a server or router that determines the location of the user and determines whether the user is within the boundary zone 314. Network packets provided to and received from the wireless device associated with the user 308 may be transmitted across the wireless network and may be given access to external wired networks. In contrast, wireless enabled devices located outside of the boundary zone 314, such as devices co-located with user 310, may be denied access to the network. For example, network equipment may determine the location of the user 310 based on data from a set of access points 302. Using this location determination, data packets 316 transmitted from the wireless device 310 located outside of the boundary zone 314 may be dropped, discarded, sent to a holding place or trash 318, or treated with policies and algorithms differing from those applied to a wireless device located within the boundary zone 314.
  • [0029]
    FIG. 4 illustrates another exemplary short-range wireless network 400 that includes a set of wireless access points 402 that each provide portions 404 of a wireless network coverage area. In one exemplary embodiment, a boundary and a boundary zone may be established using a set of locations within a coverage area. These locations may be used to establish the boundary and boundary zones, such that they conform closely to a preferred access area or region. In one exemplary embodiment, the user 406, having a wireless enabled calibration device, may provide boundary data to network equipment by calibrating at various points along a boundary path 408. In the exemplary embodiment depicted, the boundary path 408 closely conforms to the physical boundary of a room or building. In alternative examples, the calibration device may provide a set of points from which a boundary may be extrapolated. For example, two boundary points may be used to create a boundary line or a set of boundary measurements, such as power measurements may be used to create a statistical boundary zone or area.
  • [0030]
    In one exemplary embodiment, boundary data and locations may be determined by triangulation between at least three access points. A set of triangulated boundary points may be compared to locations of devices in the coverage area to determine whether the devices are located within a boundary zone. Using this determination, differing network access policies and feature policies may be applied to mobile wireless enabled device.
  • [0031]
    FIG. 5 depicts an exemplary method for providing a boundary zone. As shown at step 502, a set of boundary locations is established. For example, a wireless calibration device may communicate with network equipment to establish a set of locations along a boundary. This set of locations may be converted to boundary data that defines a boundary zone. In this manner, the boundary zone is determined, as shown at step 504.
  • [0032]
    FIG. 6 depicts an exemplary system 600 for establishing a short-range wireless network. A device 602, such as a wireless hand-held electronic device, a wireless enabled laptop or a short-range wireless enabled cell phone, may interact with access points 604 when located within the coverage area of the short-range wireless network. The access points 604 collect data associated with the location of the wireless device 602 and transfer that data via a router or other network equipment 606 to a policy server 608. For example, the access points 604 may record a time that a signal was received. This signal arrival time may be transferred to the policy server 608 and the policy server 608 may determine the location of the wireless device within a coverage area based on the reported signal arrival times from each access point 604. The policy server 608 compares the location with boundary zone data to determine whether the wireless device 602 is located within a boundary zone. The policy server 608 implements and associates policies with the wireless device 602 based on its location relative to a boundary zone. For example, the policy server may implement network traffic controls based on the location of the wireless device 602. In one exemplary embodiment, the policy server 608 manipulates network equipment, such as network equipment 606, to control network traffic received from the wireless device 602. In one example, network traffic received from the wireless device 602 when the wireless device 602 is located within a boundary zone is permitted to pass to external networks. In another example, network packets transmitted from the wireless device 602 when the wireless is outside of a boundary zone are dropped or discarded. In another exemplary embodiment, the policy server 608 may implement additional security protocols for devices accessing the network based on their location relative to the boundary zone. For example, a policy server may implement a network that uses different encryption protocols or different security keys based on the location of the wireless device.
  • [0033]
    In another embodiment, the policy server 608 may interact with the wireless device 602 and control its features and feature activation based on the location within the coverage area. For example, if wireless device 602 is a short-range wireless enabled cellular telephone, the policy server 608 may interact with the cellular telephone to manipulate features located on the cellular telephone based on the phones location. For example, the policy server may manipulate ring tones, ring volume and vibration modes on a cellular telephone based on the cellular telephone's location. In another exemplary embodiment, the policy server manipulates or deactivates camera features on a camera enabled cellular telephone based on its location within the coverage area. Additional exemplary features and feature policies are described below.
  • [0034]
    FIG. 7 depicts an alternate embodiment of a system where a policy server is implemented within network equipment. The system 700 includes a set of access points 704 connected to network equipment 706. The access points 704 interact with the wireless device 702 to gather data that may be used in determining the wireless device location. The network equipment 706 uses this data to determine the location of the wireless device. Using the location, the network equipment may compare the location of the wireless device to boundary zone data to determine the location of the device relative to the boundary zone. In response, the network equipment may implement policies, such as network traffic controls and feature policies, based on the relative location of the device 702 to a boundary zone.
  • [0035]
    FIG. 8 depicts an exemplary policy server 800. The policy server 800 may be a separate computational system or may be implemented within other data network equipment. The policy server includes processors 802, network and device interfaces 804, and storage 806, such as memory. The storage or memory 806 includes boundary data 808 and programs and instructions 812, and may include policy data and/or algorithms 810.
  • [0036]
    The network and device interfaces 804 interact with access points and network equipment. For example, the network and device interfaces 804 include interfaces to a wired network and interfaces to access points that implement a wireless short-range wireless network. Through this interaction with the access points, data associated with the location of a wireless device are transferred to the policy server 800.
  • [0037]
    Programs and instructions 812 are operable by the processors 802 to determine the location of the wireless device within the short-range wireless network coverage area based on the data received from the access points. For example, the programs and instructions 812 may include location determination logic. In addition, the program and instructions 812 may also include software instructions for comparing the location of the wireless device to boundary data 808. From this comparison, the system determines whether particular wireless devices are located within or outside of the boundary zone. The programs and instructions 812 may further include software instructions for implementing policies, such as network traffic controls and feature policies, based on the location of the wireless device. For example, software instructions 812, operable by the processors 802, may be configured to access policy data and algorithms 810 to determine selected policies to implement based on the relative location of the wireless device to a boundary zone. For example, the system 800 may implement network traffic controls based on the location of the wireless device. In another exemplary embodiment the system 800 may implement feature policy controls based on the location of the wireless device.
  • [0038]
    In one particular embodiment, the wireless device may be implemented as a cellular telephone or portable hand-held device with cellular telephone functionality. In another exemplary embodiment, the wireless device may be configured to access both a long-range network, such as a pager or cellular network, and a short-range network. FIG. 9 depicts an exemplary device that includes both long distance communication circuitry 902 and short-range wireless communication circuitry 904. For example, the long-range communication circuitry 902 may be implemented as a cellular telephone transceiver. The short-range wireless communication circuitry 904 may, for example, interact with a short-range wireless network. In exemplary embodiments, the short-range wireless network includes networks utilizing protocols and standards, such as IEEE 802.11x, IEEE 802.15, IEEE 802.16, Bluetooth, Wi-Fi, and Wi-Max. In addition, to the communications circuitry 902 and 904, the device 900 includes feature devices and circuitry 906 and a feature policy driver 908. The feature devices and circuitry 906 may include circuitry that enables inbound calling, outbound calling, ringer volume levels, text messaging, voice alert messaging, camera features, web access features, application features, such as JAVA based application, games, voice-over-IP (VoIP). The feature policy driver 908 interacts with the feature devices and circuitry 906 to activate, enable, disable, deactivate or manipulate the parameters or policies associated with those devices and circuitry 906. For example, the feature policy driver 908 may deactivate a camera capability or web feature when a device is located within a boundary zone. In another example, the features policy driver 908 may activate or deactivate application environments such as JAVA application environments based on a location of the device relative to boundary zones. In a further example, the feature policy driver 908 may initiate downloading of applications.
  • [0039]
    In one exemplary embodiment, when the device 900 enters a coverage area of a short-range wireless network, short-range wireless communications circuitry 904 interacts with access points to establish a location of the wireless device 900. A policy server associated with the short-range wireless network determines a feature policy based upon the location of the wireless device within the coverage area relative to boundary zones or a policy mapping. The policy server transmits a feature policy to the device via the short-range wireless network. The feature policy driver 908 implements feature policies that manipulate the feature devices and circuitry 906. For example, the features policy server may transmit a feature policy that disables or deactivates camera features within camera enabled cell phones.
  • [0040]
    In one exemplary embodiment, a school may implement a policy that disables game features and JAVA-based applications within classrooms. In this example, the school may establish a short-range wireless network with boundary zones associated with classroom locations. When wireless enabled devices including a feature policy driver are located within the classroom boundary zones, features such as games, JAVA applications, cameras, and ringer volume may be manipulated, disabled or shut off. Similarly, an establishment may establish a boundary zone closely associated with restrooms and locker rooms. In such boundary zones, features such as cameras may be disabled. In a further exemplary embodiment, movie theaters may activate vibration or silent modes within theaters by applying feature policies to features policy enabled devices.
  • [0041]
    In another exemplary embodiment, a policy server may communicate with feature policy enabled devices utilizing voice alert messages and text alert messages. For example, the policy server may provide a text alert message indicating that the device is entering a restricted zone or that a certain feature policy will be enacted. A similar message may be provided by a voice alert. In a further example, features, such as voice over IP capabilities, may be enabled or disabled based on locations within the coverage area relative to the boundary zone.
  • [0042]
    FIG. 10 depicts an exemplary method for controlling network traffic. The method includes providing boundary data, as shown at step 1002. The boundary data may include a set of boundary locations that are used to establish a boundary zone or region. When a wireless device enters the short-range wireless network coverage area, the system determines the location of the wireless device, as shown at step 1004. For example, the system may use a time-based triangulation technique utilizing at least three wireless access points. In another exemplary embodiment, the system may use a power-based technique for determining wireless device location. Determining the location of the wireless device may further include comparing a location to the boundary data to determine whether the location is within a boundary zone. Based on the location relative to the boundary zone, the system may control network traffic, as shown at step 1006. For example, the system may discard packets received from devices located outside of the boundary zone.
  • [0043]
    FIG. 11 depicts a method for controlling the network traffic. The method 1100 includes receiving a packet from a wireless device, as shown at step 1102. A determination is made as to whether the device is within the boundary zone or region, as shown at step 1104. For example, the system may periodically determine the location of the wireless device relative to the boundary zone. The system may, for example, set a flag that indicates whether the device is in or out of the boundary zone. This flag may be checked to determine whether a packet received from the device should be forwarded or discarded.
  • [0044]
    If the device is determined to be in the boundary zone, the packet is forwarded, as shown at step 1108. If the device is not within the boundary zone, the packet is dropped or discarded, as shown at step 1106.
  • [0045]
    Policies may also be implemented as feature policies that manipulate and control features of a device enabled to receive the feature policies. FIG. 12 depicts an exemplary method for controlling features policies. Boundary data is provided, as shown at step 1202. When a wireless device enters a coverage area of a short-range wireless network, the location of the wireless device is determined, as shown at step 1204. For example, the system may utilize a triangulation technique or a power-based technique to determine the location of the device. Determining the location of the device may further include comparing the location to the boundary data to determine the location of the device relative to a boundary zone. Based on the location of the device relative to the boundary zone, the system determines a feature policy, as shown at step 1206. For example, one feature policy may apply to a device when it is located within a boundary zone and a second feature policy may apply to the device when it is located outside of the boundary zone. The system provides the location based feature policy to the wireless device, as shown at step 1208.
  • [0046]
    A device enabled to communicate via the short-range wireless network and including a feature policy driver, may receive the feature policy, as shown at step 1302 in FIG. 13. The feature policy may, for example, deactivate features, such as cameras. The feature policy driver on the device may enact the feature policy, as shown at step 1304. For example, the feature policy driver may deactivate camera capabilities within the cellular telephone.
  • [0047]
    While the examples depict utilize a boundary that is determined based on data associated with a short-range network, a boundary zone may be determined using long-range networks and policies and features applied based on location within the long-range network. For example, location may be determined by GPS or cellular triangulation and policies applied to devices based on a policy mapping within the cellular network. Policies, such as the feature policy or network policy, may be implemented on a long-range network. In addition, IP-based communications protocols may be implemented that extend beyond the typical range of short-range wireless networks. In one exemplary embodiment a Wi-Max or IEEE 802.16 network that has a long-range coverage area may be used to implement boundary zones.
  • [0048]
    The above-disclosed subject matter is to be considered illustrative, and not restrictive, and the appended claims are intended to cover all such modifications, enhancements, and other embodiments, which fall within the true scope of the present invention. Thus, to the maximum extent allowed by law, the scope of the present invention is to be determined by the broadest permissible interpretation of the following claims and their equivalents, and shall not be restricted or limited by the foregoing detailed description.
Patentcitaties
Geciteerd patent Aanvraagdatum Publicatiedatum Aanvrager Titel
US5432842 *17 maart 199211 juli 1995Hitachi, Ltd.Mobile communication switching across cell boundaries
US5850444 *9 sept 199615 dec 1998Telefonaktienbolaget L/M Ericsson (Publ)Method and apparatus for encrypting radio traffic in a telecommunications network
US6178506 *23 okt 199823 jan 2001Qualcomm Inc.Wireless subscription portability
US6236852 *11 dec 199822 mei 2001Nortel Networks LimitedAuthentication failure trigger method and apparatus
US6271757 *21 juli 19997 aug 2001Invisible Fence, Inc.Satellite animal containment system with programmable Boundaries
US6813501 *27 feb 20012 nov 2004Nokia Mobile Phones, Ltd.Location dependent services
US6907254 *8 maart 200114 juni 2005Cisco Technology, Inc.Method and apparatus for controlling a quiet zone for wireless units
US7591020 *18 jan 200215 sept 2009Palm, Inc.Location based security modification system and method
US20030017826 *10 sept 200123 jan 2003Dan FishmanShort-range wireless architecture
US20030118015 *20 dec 200126 juni 2003Magnus GunnarssonLocation based notification of wlan availability via wireless communication network
US20030186710 *12 maart 20012 okt 2003Ahti MuhonenService provision in a communication system
US20030207683 *6 mei 20026 nov 2003Jarkko LempioLocation-based services for mobile stations using short range wireless technology
US20030220116 *22 april 200327 nov 2003Axis AbMethod and apparatus for determining the position of a portable device
US20040014422 *19 juli 200222 jan 2004Nokia CorporationMethod and system for handovers using service description data
US20040053645 *13 sept 200218 maart 2004Cyril BrignoneDefining a smart area
US20040137912 *17 okt 200315 juli 2004Ie-Hong LinMethod and apparatus for identifying transmitters in a wireless communication system using power predictions
US20040162084 *14 feb 200319 aug 2004Atheros Communications, Inc.Positioning with wireless local area networks and WLAN-aided global positioning systems
US20040166901 *17 feb 200426 aug 2004Ntt Docomo, Inc.Radio communication method and base station
US20040203856 *16 mei 200214 okt 2004Wigren Karl TorbjornAltitude determination and distribution in cellular communication systems
US20050207395 *2 april 200222 sept 2005Jahangir MohammedMethod for authenticating access to an unlicensed wireless communications system using a licensed wireless communications system authentication process
US20050239479 *22 april 200427 okt 2005Bednasz Kenneth MHands-free reminder for a wireless communications terminal
US20050260972 *6 april 200524 nov 2005Broadcom CorporationEnabling and controlling access to wireless hot spots
US20050260998 *19 mei 200424 nov 2005Lorenzo CasacciaChannel estimation and channel quality indicator (CQI) measurements for a high-speed downlink GPRS
US20050277428 *13 mei 200415 dec 2005International Business Machines CorporationLocation-based control of wireless communications device features
US20060264211 *27 juli 200623 nov 2006Amit KalhanSystem and method for determining when to exit a wireless communication coverage network
US20100220630 *6 mei 20102 sept 2010Strix Systems, Inc.Self-configuring, self-optimizing wireless local area network system
US20120196670 *13 april 20122 aug 2012Bally Gaming International, Inc.Network gaming system
Verwijzingen naar dit patent
Citerend patent Aanvraagdatum Publicatiedatum Aanvrager Titel
US7769394 *6 okt 20063 aug 2010Sprint Communications Company L.P.System and method for location-based device control
US8145241 *30 juni 200527 maart 2012Armstrong, Quinton Co. LLCMethods, systems, and computer program products for role- and locale-based mobile user device feature control
US82388791 dec 20107 aug 2012Armstrong, Quinton Co. LLCPolicy-based controls for wireless cameras
US862615619 okt 20117 jan 2014Tekelec, Inc.Methods, systems, and computer readable media for selective policy enhancement (PE) for high-usage roamers
US86605342 juli 201225 feb 2014Armstrong, Quinton Co. LLCPolicy based controls for wireless cameras
US868162219 dec 201125 maart 2014Tekelec, Inc.Policy and charging rules function (PCRF) and performance intelligence center (PIC) based congestion control
US869398731 dec 20088 april 2014Airvana LpFemto personal policy server
US8738029 *21 feb 201227 mei 2014Armstrong, Quinton Co. LLCMethods, systems, and computer program products for role- and locale-based mobile user device feature control
US878717420 dec 201022 juli 2014Tekelec, Inc.Methods, systems, and computer readable media for condition-triggered policies
US8812020 *3 okt 201119 aug 2014Tekelec, Inc.Methods, systems, and computer readable media for location-based policy enhancement
US9066194 *26 aug 201023 juni 2015Binj Laboratories, Inc.System and method for detecting and controlling transmission devices
US910676910 aug 201211 aug 2015Tekelec, Inc.Methods, systems, and computer readable media for congestion management in a diameter signaling network
US91855103 maart 201110 nov 2015Tekelec, Inc.Methods, systems, and computer readable media for managing the roaming preferences of mobile subscribers
US9210569 *31 dec 20088 dec 2015Commscope Technologies LlcFemto personal proxy application client
US936991015 juli 201314 juni 2016Tekelec, Inc.Methods, systems, and computer readable media for dynamically controlling congestion in a radio access network
US947392815 juli 201318 okt 2016Tekelec, Inc.Methods, systems, and computer readable media for policy-based local breakout (LBO)
US958915010 juni 20157 maart 2017Alibaba Group Holding LimitedManaging confidential information
US20050008001 *13 feb 200413 jan 2005John Leslie WilliamsSystem and method for interfacing with heterogeneous network data gathering tools
US20070004386 *30 juni 20054 jan 2007Singh Munindar PMethods, systems, and computer program products for role-and locale-based mobile user device feature control
US20100167694 *31 dec 20081 juli 2010Chiussi Fabio MFemto personal policy server
US20100167718 *31 dec 20081 juli 2010Chiussi Fabio MFemto personal proxy application client
US20110065452 *26 aug 201017 maart 2011BINJ Labs.System and method for detecting and controlling transmission devices
US20110069188 *1 dec 201024 maart 2011Singh Munindar PPolicy-Based Controls For Wireless Cameras
US20110158090 *20 dec 201030 juni 2011Yusun Kim RileyMethods, systems, and computer readable media for condition-triggered policies
US20110217979 *3 maart 20118 sept 2011Petrus Wilhelmus Adrianus Jacobus Maria NasMethods, systems, and computer readable media for managing the roaming preferences of mobile subscribers
US20120094685 *3 okt 201119 april 2012Peter Joseph MarsicoMethods, systems, and computer readable media for location-based policy enhancement
US20120149337 *21 feb 201214 juni 2012Armstrong, Quinton Co. LLCMethods, systems, and computer program products for role- and locale-based mobile user device feature control
US20160088608 *30 april 201324 maart 2016Telefonaktiebolaget L M Ericsson (Publ)Radio communication policy allocation in a network node
US20160234218 *29 juni 201511 aug 2016Fu Tai Hua Industry (Shenzhen) Co., Ltd.Application permission management device and method therefor
Classificaties
Classificatie in de VS370/338, 455/456.1, 455/410, 342/357.46
Internationale classificatieH04M1/66, H04B7/00, H04W64/00, H04W84/12, H04W4/02, G01S19/35, G01S19/17, G01S19/34, G01S19/09
CoŲperatieve classificatieH04L67/18, H04W4/02
Europese classificatieH04L29/08N17, H04W4/02
Juridische gebeurtenissen
DatumCodeGebeurtenisBeschrijving
11 sept 2007ASAssignment
Owner name: SBC KNOWLEDGE VENTURES, L.P., NEVADA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SBC KNOWLEDGE VENTURES, L.P.;WALTER, EDWARD;REEL/FRAME:019809/0969
Effective date: 20040827