TWI255626B - Mobility device platform system and method, and computer readable medium thereof - Google Patents

Abstract

A mobility device platform allowing for secure mobile computing is provided. In an illustrative implementation, an exemplary mobility device platform comprises a mobility device operable to communicate with at least one computing environment through a communications interface and wherein the mobility device is operable to process and store secure web services, a communications network operable to communicate data and computing applications using web services, and a mobility device management server operable to generate, process, store, communicate and encrypt web services to the mobility device. Further, the mobility device management server is operable to perform one or more mobility device management functions to provide encryption keys to cooperating mobility devices and to authenticate and verify cooperating mobility devices requesting web services from the mobility device management server. The mobility device management server and mobility device may further operate to perform authentication and verification using user identification and password information.

Description

1255626 IX. INSTRUCTIONS: Claims Priority and Cross-Reference The patent application claims the following US provisional patent applications: September 29, 2003, No. 60/507,197 entitled "GO-KEY SYSTEM"; 2003 9 On the 29th of the month, the 60th No. 06, 9 18 was named "G〇-KEY ONLINE MUSIC SUBSCRIPTION AND DISTRIBUTION APPLICATION AND SERVICE"; on September 29, 2003, No. 60/506,919 was named "GO-KEY E- MAIL APPLICATION AND SERVICE"; on September 29, 2003, No. 60/506, 925 was named "GO-KEY MOBILE DESKTOP ENVIRONMENT"; on January 22, 2004, No. 60/543,735 was named "MDMS"; 2004 1 On the 22nd of the month, No. 60/538,763 was named "OMNI FILE SYSTEM (OFS)"; on January 22, 2004, No. 60/538,915 was named "UDDI DIRECTORY"; and January 22, 2004, No. 60/ 538,767 is entitled "UDDI REPOSITORY", the disclosure of which is incorporated herein by reference. In addition, the present patent application is related to the following patent applications and is hereby incorporated by reference herein in its entirety herein in its entirety in the the the the the the the the the MOBILITY DEVICE SERVER (Attorney Profile No. 45597/196321); and April 30, 2004, No. 1/836,933 entitled "MOBILITY DEVICE" (Agency File Number: 45597/196314). FIELD OF THE INVENTION The systems and methods described herein relate to mobile computer technology and, most importantly, to a server that allows for the use of mobile devices, communication networks, and mobile devices for security. Mobile device for remote mobile computer operations [prior art], in. Businesses and individuals - the growing need for mobility as part of their computer. For the enterprise's ability to act, it is allowed to deploy people in various geographical locations, so that enterprises can provide better services to customers. For example, large pharmaceutical companies will be close to the “live” department of future customers (for example, doctors). In this context, "on-site" personnel will want to access confidential lock sales and market information and computer applications through secure connections. With the current 2 solution, these people will usually continue to "synchronize" their data with the company's network through an Anjun's $(6) network connection (for example, a virtual private network) at the end of the working day. jobs. (4) Under the individual's ability to seek the mobility of their computer environment, so that they can easily obtain their (4) and computer application private, and continue to maintain the "connected state" during the communication between the Internet and the Internet. "." In order to respond to the needs of mobile computer operations, computer environment manufacturers have developed mobile computer technology (such as 'independent, connected networks and/or internal, when people use slaves to use their computer environment. Such actions The device is designed to allow users to "carry" their broadcasts and applications at any time. Although these devices are used, they tend to be inefficient due to their size, processing power and portability. Due to their limitations. Following the usual large-scale portable computer, it should be (four) to have all the necessary slots and computer vaporization. Such a scheme is based on the computer operating system (the design of the computing itself is based on the use of the device-centric Electric 96374.doc 1255626 Using the "device-centric life-month package operation" computer users can be remotely and securely accessed by remote communication applications (eg, ,,,,, work, virtual private networks) Accessing files, but still wonderful 1 will carry large and bulky computer equipment to retrieve their data and computer should be -& e ^ column is important, the use of the device for the middle Computer work a ^ ^ ^ Users will generally be equipped with a device based on the needs of corporate computer operations (examples. ^ y ^ , ^ U ], for example, corporate PC or laptop) 'and will be at home Have a personal environment - or multiple computer environments. In the process of maintaining multiple computer environments, the computer user is responsible for synchronizing the self-deactivation & α = target preferences and settings between many different computer environments. This is a very difficult task for the dog, and it is often frustrated by the inability of computer users to access the required data and/or computer applications between different computer environments. For example, 'computer users will want to be at any time. Manage your monthly financial plan management data from your own financial planning (for example, Quicken, Hall (10), to handle possible payment payments (approximate bills). Apply the current plan Computer users need to install financial planning management computers on each: brain environment (including corporate computers, which may violate corporate computer operating policies and procedures) Programs and materials to allow access to the information you want. By contrast, companies will want to efficiently and immediately terminate all access to the confidential company's materials from dismissed employees. fBased on device-centric computer operations In the current implementation, the staff will be asked to know their computer environment (for example, a laptop, a personal computer, a mobile bag, or a personal digital assistant). In addition, the company’s corporate directory will be terminated by the employee who will be dismissed. Information, so that the use of company information by 96374.doc 1255626 for the reason of the right to work from the enterprise computer environment based on the current implementation, to the limit. However, the collection of such devices and the termination of the storage time. This period of operation will Caused the staff to file for future use. In this case, confidential corporate information may be disclosed. As described in the article, we need to overcome the current implementation. [Summary of the Invention] / Invention Revealed - A mobile device that protects the security of mobile computer operations. In an exemplary implementation, an exemplary electronic device includes: a mobile device operable to communicate with at least one computer environment via a communication interface, and wherein the mobile device is operable to process and store secure web services; a communication network operable to communicate data and computer applications using a web service; and a mobile device management server operable to generate, process, store and encrypt the fun of the mobile device. In addition, the mobile device management server is operable to perform one or more actions, to provide an encryption key to the cooperative mobile device, and to authenticate and confirm the request to the mobile device management server. A mobile device for the cooperation of services. The mobile device management server and the mobile device are further operative to perform authentication and confirmation using user identification and password information. In operation, the exemplary mobile device is configured to operate in a cooperative computer environment. In addition, the mobile device establishes communication with one or more mobile device management servers and attempts to manage the server using the selected authentication and confirmation information by one or more mobile device management servers. To be identified. After identification and confirmation, one or more of these collaborations will use the Web service to process the data and computer application requirements from the example 96374.doc 1255626 Sexual Mobile Devices. The cooperation - or the eve of the server, uses the exemplary selected authentication and confirmation information (eg, a key) to encrypt the Web service to allow one of the combinations = Or a plurality of mobile device management word servers and the exemplary mobile device = fully communicating the required data and computer applications. The following description f further illustrates the system and the other features of the description described herein. [Embodiment] Overview: The systems and methods described herein refer to a "user-centric" approach to computer operations and mobile computer operations. Current computer work programs (enterprise or individual) are generally designed to use a "device-centric" model. The device-centric model is designed to manage and track users based on device assignments and assignments. For example, in the context of corporate computer operations, the corporate computer environment can include several computer environments and many client-side computer environments. In general, every user in the enterprise has a client-side computer environment (for example, a personal computer or a laptop-type eagle.) The network of the client computer (4) is connected to the corporate communication interface. The server computer environment H, if the two are in the (4) enterprise communication network, is connected to the enterprise communication network through the virtual private network / Qing client computer environment. Another 'in the smart enterprise computer In the environment, the user's user information and password information will be provided through the directory service used to establish the user right...~ the relevance of the industry and the computer application. , Brother, Tong "Only allow users to use their own 96374.doc -10- 1255626 preferences and settings from the computer environment, so that if users roam across the network and board a non-owned computer With the ring material, you can't access your own custom preferences and 夂§ 疋 and 5 疋. This problem usually occurs in business users, and you will want to maintain it. Corporate computer Preferences and settings between the environment and its personal computer (plus - 丄) self-clothing ^ (for example, a computer in 豕) (such as browser bookmarks, desktop appearance and operation, color configuration, application Layout and file directory structure) synchronization, which usually requires manual synchronization. In addition, 'using the existing enterprise computer environment to manage many client-side computer environments becomes a heavy task. ##, the company's information technology department employs dozens of People (and not hundreds of people) support the computer environment of many users and users. In addition to the actual management, it also proposes a device-centric computer operation model for enterprise data integrity and security. Enterprise computer users usually need to copy and contain confidential corporate materials at their own discretion. Since it is a heavy work to prevent unauthorized copying of enterprise slots and data, most companies ignore this. For businesses and individuals, the limitations of this existing implementation may be extremely costly. The system and method of this article is intended to provide The shortcomings of the existing implementation are improved by a mobile device platform (MDp) designed with a "user-to-center" fork. In an exemplary implementation, the mobile device includes at least one mobile device (MD), the mobile device Operable to communicate through communication interfaces (eg Universal Serial Port (USB), IEEE 1394 communication interface (Firewire), 802.XX communication interface, blumet〇〇th (Bluetooth) communication interface, PC interface small computer serial interface and wireless Application Protocol (WAP) communication 96374.doc 1255626) to communicate with one or more cooperating computer environments (eg, personal computers, personal digital assistants, mobile phones, networked computers, and other computer environments). Additionally, the mobile device platform includes one or more mobile device management servers (MDMS) that operate to authenticate, validate, and provide user management for the cooperating mobile device and its users. In operation, the mobile device can cooperate with one or more computer environments for invoking - or multiple work environments to handle web services. The web services can be executed from data and computer applications located in the MD native, or the MD can cooperate with one or more MDMSs to obtain the requested web services. The MDMS operates to authenticate the requesting party MD, thereby ensuring that the claiming party MD has rights and rights regarding the required web services. In addition, the MDMS can also collaborate with third-party web service providers to obtain the required web services. In this context, the MDMS can take actions to translate the non-MD native web service format into a native MD web service. When a Web service is communicated from the MDMS to a plurality of cooperating MDs, both the MDMS and the MD use user and device authentication and confirmation messages for 1028 bit and/or 2056 bit encryption (e.g., PKI encryption). The web services provided by the MDMS to the MD may include, but are not limited to, a computer application and desired information. In addition, the MD can operate to store the custom settings and preferences of the participating users to the MD's local device, allowing the user to obtain custom settings and preferences at any time. By using the mobile device platform in this way, users can work in any number of collaborative computer environments, as long as the user is confident that they can access their custom settings and preferences in a collaborative computer environment, the most important 96374. Doc -12- 1255626 is to securely access your own computer applications and files (for example, as a web service).

Web services: Services (generally known as Web services or application services) that are provided through communication networks such as the Internet are growing. Similarly, technologies to promote such services are also growing. A web service can be defined as any source of information for executing a business logic program based on a convenient package for use by a user-based application. The growth of Web services means that Web services can be used to provide functionality on the Web. Web services typically include a combination of programming and data that enables users and other network-connected applications to obtain Web services from an application server. Web services cover services such as storage management and customer relationship management, and extend down to more limited services such as providing stock instant quotes and checking auction item bid prices. Actions that focus on defining and standardizing the use of Web services include developing Web Services Description Language (WSDL). WSDL is an Extensible Markup Language (XML) format for describing Web services as being used for A set of end points for processing messages with file-oriented or program-oriented information. The assignments and messages are described in an abstract manner and then bound to the concrete network protocol and the message format defining the end point. The relevant specific end points are combined into an abstract end point (service). At present, the widely used model of Web service usage is as follows: (1) The service system is implemented and deployed on a site (commonly referred to as the server side).

(2) SERVICE is described using WSDL and distributed through UDDI 96374.doc -13-1255626 (Universal Description, Discovery, and Integration; general description, exploration and integration). UDDI is a global enterprise. XML-based registry, which is included on the Internet in accordance with the provided Web services. (3) The client application uses the Web service at other sites (often referred to as the client side) by first interpreting one or more WSDL files. After interpretation, the client can understand the characteristics of the related services. For example, the service characteristics may include service API specifications such as: (tick input data type; (... service input data format; (c) service access mechanism or style (eg, Rpc vs. suffocate service); and (sentence related Encoding format (4) The client application prepares the data in a way that various web services understand. ' (5) The way the client application is specified by a specific service (for example, the way specified in the relevant WSDL file) To invoke the service. The input data format and calling method of various web services are different. For example, suppose an application service provider provides a service (getChy Weather), which requires a custom city name (for example, §...

Lake City's custom city name is SLC). A client application that expects to invoke such a service must write 八 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , During the execution period, the appropriate symbols are used to transfer the prepared symbols to the getCityWeather service site. However, assume that other application service providers provide similar services but require two input parameters, such as city stone % and postal code. Because the client application is expected to call these two services, it must take into account the required service input parameters to properly analyze and retrieve its information. Therefore, if _ is one early application and it is expected to call these two services, you must use the service-specific API API and program to hard code the application. Another 'if-single-application expectation To invoke many services, you must hard code the application with every API and all service-related API mitigations and programs that the application expects to call. As mentioned above, various web services can provide similar functionality, but in different ways. The systems and methods described herein are directed to improving such differences by providing a mobile device platform with a subscription device management server. In addition to other items, the mobile device management server includes a web service translation module. The web service translation module operates to accept information from the web service provider and to provide the web service as a prototype of the web service model to the cooperative mobile device. Simple Object Access Protocol (SOAP) Overview: Simple Object Access Protocol (SOAP) is a lightweight XML-architecture protocol for exchanging information in a decentralized, decentralized environment. . SOAP supports different styles of information exchange, including: Remote Procedure Call (RPC) style, which allows for request-response processing, where an end point receives a procedure oriented message (procedure oriented message) And reply to a correlated response message. Message-oriented information (Message-oriented information 96374.doc • 15- 1255626 exchange), which supports organizations and applications that need to exchange commercial or other types of documents, which will send a message, but the sender will not expect or wait for a message Respond immediately. In general, SOAP messages consist of a SOAP envelope (which encapsulates two data structure SOAP headers and SOAP bodies) and information about namespaces (used to define SOAP messages). The header is an option; if there is a header, the header carries information about the requirements defined in the SOAP body. For example, the header can contain transaction, security, content, or user profile information. The topic contains a Web service request in XML format or a response to the request. The following diagram shows the high-level structure of SOAP messages. When using SOAP messages to carry web service requests and responses, SOAP messages can follow a web service definition language (WSDL) that defines the available web services, WSDL can define SOAP messages for accessing web services, A protocol that can be used to exchange SOAP messages and an Internet location where Web services can be accessed. WSDL descriptors can reside in UDDI or other directory services, and can also be configured via configuration or other means (eg, SOAP requires a reply) In the main body) to provide WSDL description items. There is a SOAP specification (for example, w3 SOAP specification, please visit www.w3.org for relevant information) to provide standard coding methods for requirements and responses. The XML structure description is used in the specification ( XML Schema) describes the structure and data type of the message payload. The SOAP method for the message and response of the Web service is: 96374.doc -16- 1255626 The SOAP client uses the S〇AP specification and contains The XML file required by the monthly service. The SOAP client transmits the file to a §Ap server, and the SOAP serv executed on the server Let will use (for example, HTTP or HTTPS) to process the file.

The web service receives the SOAP message and dispatches the message as a service invocation to the application for providing the requested service. Again using the SOAP protocol, a response from the service is passed back to the SOAP server, and the message is sent back to the original sA client 0, although this article describes s〇Ap as applicable to the description herein. Communication protocols for systems and methods, but the description is merely illustrative, and the systems and methods described herein may employ various communication protocols and messaging standards. Illustrative computer environment diagram 1. An exemplary computer system that does not according to the systems and methods described herein is capable of executing various operating systems (10) and computer applications that can be operated on the operating system. Program, (for example, WeM Liu Yu and m Wang Electric System to shake the face environment) • —— Wen: Ren Yiyue Ε » Computer-readable type of the body, the main? Day 7 Where and how to store and access this flip. Such software can be left _ _ in the central processing early (CPU) 11 0 line to promote the data processing vehicle, first 100 operations. In many known 1 servers, the disk &I + is used to connect the microelectronic chip 0:1}11 to the 96374.doc 1255626 workstation and PC central processing unit 丨i 〇. The secondary processor i 1 5 is - an optional processor different from the primary CPU 110 for performing additional functions = * secondary CPU 110. The CPU 11〇 can be connected to the sub processor - U5 via the interconnect H2. One general type of secondary processor is a floating point arithmetic secondary processor, also referred to as a numerical or mathematical secondary processor, which is designed to perform numerical calculations faster than the general purpose CPU 110. It will be apparent that although the illustrative computer environment shown in the figures includes a single CPU 110, this description is merely illustrative and the computer environment (10) may include a number of CPUs 110. In addition, the computer environment 100 can also utilize resources of the remote CPU (not shown) through the communication network xin 160 or other data communication components (not shown). During operation, the CPU 110 retrieves, decodes, and executes the instructions, and transmits and transmits information to the poor source via the computer's primary data transmission path (system bus i 0 5). This system bus connects the components in the computer environment 100 and defines the data exchange medium. The system bus 105 typically includes a data line for transmitting data, an address line for transmitting an address, and a control line for transmitting the k/f and for operating the system bus. A common example of this system is the PCI (Peripheral Component Interconnect) bus. Some of today's advanced bus bars provide a function called bus arbitration for managing expansion card, controller and CPU 110 access to the bus. Devices that are attached to their busbars and arbitrate to take over the busbar are called bus masters. The ribbed bus master also allows the multiprocessor configuration of their busbars to be established by attaching busbar master cards containing processors and supporting chips. - The memory device coupled to the system bus 105 includes random access memory 96374.doc -18· 1255626 body (RAM) 1 25 and read only memory (ROM) 1 3 0. Such memory contains circuitry that allows storage and operation of information. ROM 130 typically contains stored material that cannot be modified. The CPU 110 or other hardware device can read or change the data stored in the RAM 150. Access to RAM 125 and/or ROM 130 can be controlled by memory controller 12A. The memory controller 12 can provide a address translation function for translating the virtual address into the physical address of the instruction. The memory controller 120 can also provide a memory protection function for isolating the processing sequence in the system and the isolation system processing sequence (system ^ (10) to ^ and the user process (user process). Therefore, executing the program in the execution mode Generally, only the memory mapped by the processed virtual address space can be accessed, and the memory in the other processing virtual address space cannot be accessed unless the memory sharing between the processing sequences is set. 100 may include a peripheral device controller 135 that is responsible for communicating instructions from the CPU 11 to peripheral devices, such as printer 14 键盘, keyboard 145, mouse 15 〇, and data storage 155. Display 165 ( The purpose of the controlled display controller 163) is to display the visible output produced by the computer system 100. Such visible output can include text, graphics, animation, and video. CRT type video display, lcd type flat panel display, gas power can be used. A display device 165 is implemented in the form of a paddle flat panel display, a touch panel or other display device. The display controller 163 includes a display controller 163 for generating a transport to display The electronic components required for the video signal of the device i 6 5. In addition, the computer system and the system 1 can also include a network card 17〇, and the purpose of the network card 17 is to connect the computer system (four) to the external mail. Network _. Communication network 160 provides a means for computer users to electronically communicate and transmit software and information 96374.doc -19-1255626. In addition, communication network 16-inch processing involves several computers and will be in two = type processing, decentralized = collaboration. It should be understood that the network connection shown in the figure is an exemplary network = connection, and that (4) his device to establish communication between computers should understand 'exemplary computer system丨It is merely an illustrative computer environment suitable for the rate described in this article, = method operation, and not limited to the implementation of the 2 = method described in the computer environment with different components and configurations, in various components and configurations The various inventive concepts of the invention. Brothers _ can be used to describe the illustrative computer network environment: - computer system 1 () () can be described above (four) computer (four) up two previous text on the computer environment Suitable for deployment on the web The server computer and the client computer in the road. The field shows an exemplary network connection computer environment of the system and method described in this paper, and the feeding service with the communication between the user and the computer via the communication network. 2 2 not 'Health 5 2G5 can be connected via communication network 16G (may be fixed line or ^ LAN, side, internal network, external network, peer-to-peer network, network y road or other communication network) It is interconnected with a number of (four) client computer environments, such as 'tablet PC 210, mobile phone 215, phone 220, personal computer _ and personal digital assistant 225. In addition, the system described herein can be communicated via a communication network. 16〇 Conforms with the automotive computer environment (not shown in the figure), the computer environment of the money-saving electronic device (not shown) and the building automation " brain environment (time-cutting). For example, in a network environment where the communication network (10) is the Internet 96374.doc -20-1255626 network, the server 205 may be a dedicated computer environment server that is operable to process web services and via any number of known communications. Agreement (for example, Hypertext Transfer Protocol (HTTP), file transfer protocol (FTP), Simple Object Access Protocol (SOAP) or wireless application communication protocol (wireless) Application protocol ; WAP)), the web service is passed in and out of the client computer environment 100, 210, 215, 220 and 225. Each of the client computer environments 100, 210, 215, 220, and 225 can also be equipped with a browser operating system 180 (which can operate to support one or more computer applications such as a web browser (not shown)). Or equipped with a mobile desktop environment (to obtain an access server environment 205). During operation, the user (not shown) can interact with the computer application executed on the client's computer environment to obtain the desired data and/or computer application. The data and/or computer application can be stored on the server computer environment 205 and communicated through the exemplary communication network 1 60 to users cooperating through the client computer environments 100, 210, 215, 220, and 225. Participant users will use Web service transactions to request access to specific data and applications that are fully or partially loaded on the server computer environment 205. These web service transactions can be communicated between the client computer environments 100, 210, 215, 220, and 225 and the server computer environment for processing and storage. The server computer environment 205 can load computer applications, processes, and applets to generate, authenticate, and communicate Web services, and can be used with other server computer environments (not shown), Third party 96374.doc -21 - 1255626 Serving spear, k donor (in the picture), network attached storage device (4) medical attached storage; NAS) and storage area network (Cana NET netW〇rk; SAN) Collaboration to enable their Web services transactions. Therefore, in a computer network environment with a client computer environment for accessing the network A, and a server computer environment for interacting with the user. Utilize the systems and methods described herein. As a result, various network architectures can be used to implement the systems and methods for providing mobile device platforms, and therefore should not be limited to what is not the case. The system and method described herein will now be described in detail by reference to this illustrative embodiment. Collaboration of Mobile Device Platform Components: Figure 3 illustrates an exemplary interaction between components of an exemplary mobile device platform. As shown in FIG. 3, the exemplary mobile device platform 300 (in short) may include an exemplary mobile device 31 that uses a communication protocol (not shown in the figure) to transport you & s ρ People) continuous overnight; | face 3〇5 to cooperate with the client computer%•境10 0 cooperation 0 In addition, the display of the warehouse drop and said that the alternative device platform 300 can further include the network #160 (As shown in Figure )) and the server computer environment 2〇5. In operation, the action can be used to collaborate with the client computer environment 100 through the communication interface to enable the AA staff to perform one or more computers originating from the mobile device 310. The application 1 80, and the day 玎 # buckle summer is not visible on the client computer environment 100 for user interaction. The computer application 180 may include, but is not limited to, a browser application, a word processing application, a spreadsheet, a police ancestor, a tycoon application, and a web application for providing a look and operation of the mobile system. Service application and user management 'preferences application. In addition, the mobile device 310 can use the client computer environment 1 (8) to communicate with the 96374.doc -22-1255626 server computer environment 205 via the communication network 160 to obtain data and/or computer applications in the form of web services. 4 illustrates the interaction between components of an exemplary mobile device platform 400. As shown in FIG. 4, the exemplary mobile device platform 400 includes a mobile device (MD) 405, a computer environment 410, a communication network 435, a mobile device management server (MDMS) 420, and a third party web service provider 440. Further, as further shown in the MD decomposition diagram, the MD 405 further includes a processing unit (PU), an operating system (OS), a storage memory (RAM/ROM), and an MD communication interface. Moreover, MDMS 420 further includes a translation engine 425, a web service 430, and an encryption engine 445. In operation, the MD 405 communicates with the computer environment 415 via the MD/computer environment communication interface 410 using one or more of the MD components PU, OS, RAM/ROM and MD communication interfaces. When communicating with the computer environment 415, the MD 405 can launch one or more computer applications (not shown), which can include, but are not limited to, a mobile desktop environment, user customization, and authentication as part of the configuration. Identify administrators and web service applications. Once the configuration has been set, the MD 405 can further cooperate with the computer environment 415 to process one or more web services (eg, web service profiles and/or computer applications). In this context, the MD 405 can use the communication network 435 to request web service data and/or computer applications from the cooperating MDMS 420 to handle their web services. In this case, the MDMS 420 can operate to identify the MD 405, thereby ensuring that the participant user (not shown) and the mobile device 405 have the correct permissions for the required data and/or computer application. Such an authentication procedure may also be employed as one or more of the security peripherals of the user's authentication section '96374.doc -23-1255626 including but not limited to biometric security peripherals (not shown) The retinal scanning safety peripheral device (not shown) and the security speech recognition peripheral device (not shown). If properly identified, MDMS 420 may further operate to locate the required data and/or computer application on the MDMS 420 and to communicate the required data and/or computer applications via the communication network 435 ( For example, a web service is provided to the authenticated MD 405, or the MDMS 420 is operable to cooperate with the third party service provider 440 to obtain a web service to be communicated to the authenticated MD 405. When collaborating with the two-party web service provider 440, the MDMS 420 can operate to translate the web service 430 originating from the third party web service provider 440 into an MD native format using the translation engine 425. Additionally, MDMS 420 can operate to encrypt the required web service using encryption engine 445 when the web service requirements from authenticated MD 405 are met. In addition, MDMS 420 can be further operative to cooperate with a file system (not shown) using a selected encryption protocol (e.g., PKI encryption) to obtain a Web service to be communicated to MD 405. The cooperative broadcast system may include (but is not limited to) a file allocation table (FAT) file system and a new technology files system (NTFS). FIG. 5 illustrates an example mobile device platform. Another example implementation. As shown, the exemplary mobile device platform 500 includes an MD 505 through an MD/computer environment communication interface 5 10 and a plurality of computer environments (computer environment, eight, '515, computer environment, 8, 525, Until the computer environment "^ 520", 96374.doc -24-1255626. In addition, the mobile device platform 500 further includes a communication network 530, a third-party web service provider 585, a java virtual machine (JVM) simulator and a provider, A plurality of MDMSs (MDMS ''A" 535 handles web services 540, MDMS" ΒΠ process web service 550 until MDMS ''N' 555 processes web service 560). Additionally, as shown by the dashed lines, in another exemplary implementation, the mobile device platform 500 can further include an MDMS nCn communication network 570 and a firewall 565 that processes the web service 580. In an exemplary operation, a mobile device 505 that cooperates with one or more computer environments 515, 525 to 520 can process browsing and controlling web services in computer environments 515, 525 through 520. In this context, MD 505 can request web services 540, 550 or 560 from cooperating MDMS 535, MDMS 545 through MDMS 555 via communication network 530. In this case, MDMS 535, MDMS 545 until any MDMS in MDMS 555 operates to authenticate the requesting party MD 505, thereby ensuring that the MD 505 has rights, usage rights, and rights with respect to the requested Web service. After successful authentication and validation, MDMS 535, MDMS 545, until MDMS 555 is operational to process MD 505 requirements and provide the required web services. MDMS 535, MDMS 545 until MDMS 555 can further operate to translate the required web services (e.g., web services originating from third party web service providers 585 if needed) into MD 505 native web service formats. In addition, MDMS 53 5, MDMS 545, until MDMS 555 is operational to encrypt and authenticate the required web services using authentication and confirmation information to ensure that the required web services are communicated through communication network 530 in a secure manner. In addition, the mobile device platform 500 can operate to obtain pre-data and/or computer applications by using the java virtual machine 96374.doc -25 - 1255626. In this context, md can be used with the dynamic JVM simulator and provider (although not shown in the figure, it can constitute MDMS 535, 545 until 555 or a part of multiple help (10)) to the front version system 590 requires data and / or computer applications. The dynamic JVM simulator and provider 595 can operate to cooperate with the front-end system 59 to obtain the front-end data and/or computer application required by the requesting party MD 505. In this context, the dynamic JVM simulator and provider can generate one or more >va virtual machines to be run on the pre-system to provide the requested bedding and/or computer applications as web services. Md \〇5. Furthermore, similar to the operation of ^^1)1^3, the dynamic simulator and the provider can first recognize the MD 505 before obtaining the required information. The mobile device platform 500 allows the mobile device 5〇5 to use multiple work environments. In other words, the single mobile device 5〇5 can operate to support multiple "personalities" of multiple participant users. For example, a participant user (not shown in (5)) may choose to use the same mobile device for common use and multi-person use. In this context, the mobile device can operate to provide multiple work environments within the mobile device, prompting the use of the users/devices of the respective group to identify and confirm the work environment for each work environment. According to this, when a participant user (not shown in the figure) wants to retrieve information from his company network (for example, assuming MDMS, A, 535, a company server), it can be used by using The user user identification and identification information of the participant user logs in to the MD 505 and starts the first working environment (not shown). The company MDMS (for example, for the purposes of this illustration, company, A, 535) performs the identification of the user's user identification and confirmation information to identify the use of 96374.doc -26· 1255626, and if After the authentication operation, the Web service requirements of the MD 505 can be handled via the communication network 530 (e.g., for the purposes of this illustration, the communication network is not the corporate LAN). Because the company MDMS "a, has

Using the user of the participating user (4) and the heart information to identify the user, thus ensuring that the data and/or computer application provided to the MD 5〇5 in this case will be communicated to the appropriate Learn from the user of S. "Also if the MG and the user (not shown) want to access the game Web service provider (for example, mdms "c" 58〇) from their corporate computer environment, the participant user can borrow Switching to its "personal" is initiated by launching a second working environment (not shown) on the MD 505. The user can log in to the game work environment by logging out of his company environment and using his game users and Mima (for example, user authentication and confirmation information) to invoke the game environment. In this scenario, the participating users can access MDMS "c" 575 through daisy chaining by storing *MDMS, A"535 through the communication network 530, and then through the company's fire protection (6) and Accessing the game via an external communication network (eg, the Internet) The user of the participating web service can use a multi-user authentication MDMS "C" 580. In this way, there is a single working environment. MD, borrowing and confirming information, in a safe manner, every requirement of the company and personal computer operations. As can be seen from the foregoing, the mobile device platform 500 can operate in a single mobile device and multiple heterogeneous devices. Computer environment interaction. Examples of cooperative computer environments include (but are not limited to) stand-alone computer environment 'network continuous computer 96374.doc -27 - 1255626 w brother and internal computer environment. In the context of embedded computer environment, The systems and methods described herein can be used to allow interaction with the embedded automotive computer environment... from the driving and comfort settings of the vehicle (for example, the action skirt can be configured to be saved) The driving and comfort settings of the participants' users prompt the winter inflammation and the squadrons to travel, and the mobile device cooperates with the embedded car computer environment according to the selected communication: face and agreement, so as to be based on the saved ° 疋 疋 疋 疋 疋 疋 疋 疋 疋 疋 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 The digital rights and authorizations of multimedia have been stored in the mobile device and through the selected communication interface and protocol (for example, the Wireless Internet Protocol (Wires Protocol)) and the consumer computer environment with internal environment - or multiple consumer electronics The device agreement 'to obtain the stored multimedia. In other words, it has a number of Mp3 songs stored in the function-only receiver, and can capture Mp3 songs through an external communication network (such as 'internet'). The songs can be accessed by the authorization and/or user authorization. Accordingly, the exemplary mobile device platform 5 can operate to provide participants. By accessing the MP3 functional receivers through a web service application to communicate rights and authorizations to the cooperation, the songs are accessed in this way." Obviously, although the mobile device platform shown in the figure is 5〇〇 There are specific configurations and can operate on various components 'but this description is merely illustrative, and the systems and methods described herein can be implemented with various alternative configurations and components to implement the exemplary mobile device platform 500. Figure 6 illustrates the procedure performed by the exemplary mobile device platform 400 when the group 96374.doc -28-1255626 of the exemplary mobile device platform 40 shown in Figure 4 is configured to operate. As shown in Figure 6, the program begins at step 600 and proceeds to step 61, where the mobile device is configured to operate in conjunction with at least one cooperative computer environment. In this step, the exemplary mobile device platform (although not shown) may initiate communication with at least one computer environment via a selected communication interface using a selected communication interface protocol. After the communication has been established, the exemplary mobile device platform can instruct the mobile device to launch one or more computer applications to operate in a connected computer environment. The desktop application environment can be included in the computer application private. The process proceeds from step 61 to step 620, and the MD and the cooperative MDMS are constructed through an exemplary communication network (not shown) using an exemplary communication network protocol (not shown). Communication between. After the communication between the MD and the cooperating MDMS is established, the MDMS user/1 is established and confirmed for subsequent use in step 63. At step 640, the MDMS uses their authentication and confirmation values to then establish an association between the file system and the group settings. The storage slot is associated with the group and the identification and confirmation values for subsequent use in step 65. Next, a check is performed at step 660 to determine if the MD on the MDMS requires a slot or group association. If the check result at step 660 indicates that the md slot and/or group association has changed, the program returns to step 640 and continues the program. However, if it is determined in step 660 that MD file and/or group association settings are not required, then the process proceeds to step 670, using the generated and stored MD and user authentication and confirmation values to perform md and Communication between MDMS and/or computer applications. The program then terminates at step 680 96374.doc -29- Ϊ 255626. , T7 illustrates the procedure performed when the exemplary mobile device shown in FIG. 4 processes the 400% service request from the exemplary mobile device shown in FIG. 4 in accordance with an exemplary implementation. As shown in Figure 7, the program begins at step 7(8) and proceeds to step 705 where a check is performed to ensure that the exemplary mobile device 405 is communicating with at least one of the cooperating computer environments (415 shown in Figure *). . If the result of the check in step 7〇5 indicates that the exemplary mobile device is not communicating with at least one of the cooperative computer environments, the program returns to step 700 and continues the program. However, if it is determined in step 705 that the exemplary mobile device 4 is communicating with at least one of the cooperating computer environments, then proceed to step 7 to perform a check to determine if the user has been used (eg, by the participant) Whether the user has provided appropriate user identification and password information to identify the mobile device. If the mobile device is not successfully authenticated based on the user, the program proceeds to step 715 to generate an error (and may display the error to the participant user). Next, a check is performed at step 717 to determine whether to attempt the action again to set the user authentication (i.e. 'allow the participant user to re-enter their user identification and password). If the authentication is performed again at step 717, the program returns to step 710 and continues the program. However, if it is determined in step 717 that the user authentication has not been attempted again, then the routine terminates at step 720. However, if it is determined in step 710 that the mobile device has been authenticated by the user, then the program proceeds to step 725 to initiate the mobile device action desktop environment on the at least one cooperating computer environment. The program then proceeds to step 73 0 to perform a check to determine if the MD has an MDMS request data and/or computer application that has cooperated with at least - 96374.doc -30-1255626 of the MD. If the result of the check in step 730 indicates that the authenticated MD has not requested, the process returns to step 730. However, if it is determined in step 730 that the MD has a request for data and/or a computer application, then the program proceeds to step 735 where the local search for the MD has the requested data and/or computer application. Next, a check is performed at step 740 to determine if the local search MD meets the requirement. If the result of the check at step 740 indicates that the local search MD has satisfied the request, then the program returns to step 730 and continues the program. However, if the result of the check at step 740 indicates that the request is not met, then the program proceeds to step 745 to search for the cooperating MDMS using the user authentication information provided in step 710. Next, the MDMS that can recognize the cooperation of the searcher MD uses the user authentication information to authenticate the MD. Next, a check is performed at step 755 to determine if the local search MD has authenticated the MD using the user authentication information in accordance with the MD. If the result of the check at step 755 indicates that the MDMS has authenticated the MD, then the program proceeds to step 760 where the MDMS is provided with the requested data and/or computer application to the requesting party and the now authenticated MD. The program then returns to step 730 and continues the program. However, if it is determined in step 755 that the cooperating MDMS does not recognize the requesting party MD, the program proceeds to step 765 to provide an authentication error to the requesting party MD. Next, the program proceeds to step 770 where a check is performed to determine if the cooperating MDMS is attempting to authenticate the MD again. If the result of the check in step 770 indicates that the authentication is attempted again, the program returns to 96374.doc -31 - 1255626, step 7 5 5 and continues the procedure. . However, if it is determined in step 770 that the purchase (10) has not attempted to authenticate again, then the private sequence proceeds to step 775 and terminates. Figure 8 illustrates a procedure performed when the exemplary walker platform 400 of Figure 4 processes a web service request from the exemplary mobile farm milk shown in Figure 4 in accordance with another exemplary implementation. As shown in Figure 8, the program begins at step 8 and proceeds to step 8〇5, where a check is performed to ensure that the exemplary mobile device 405 is in cooperation with at least a computer environment (shown in Figure 4). 415) Communication. If the result of the check in step 8〇5 indicates that the exemplary mobile device is not in communication with at least one of the cooperating computer environments, the program returns to step 800 and continues the program. However, if it is determined in step 805 that the exemplary mobile device 4〇5 is communicating with at least one of the cooperating computer environments, then proceed to step 81 to perform a check to determine if the user has been used (eg, by the participant) Whether the user has provided appropriate user identification and password information to identify the mobile device. If the mobile device is not successfully authenticated based on the user, the program proceeds to step 8 15 to generate an error (and may display the error to the participant user). Next, a check is performed at step 817 to determine whether to attempt the mobile device user authentication again (i.e., to enable the participant user to re-enter their user identification and password). If the acknowledgment is performed again at step 817, the program returns to step 8 10 and continues the program. However, if it is determined in step 817 that the user authentication is not attempted again, then the routine terminates at step 820. However, if it is determined in step 810 that the mobile device has been authenticated by the user, the process proceeds to step 825 to initiate a mobile device mobile desktop environment on the at least one cooperative computer ring 96374.doc -32-1255626. . Next, user authentication information and MD-specific authentication and confirmation information (e.g., public key/private key) are used to initiate communication with at least one of the cooperating MDMSs. Next, a check is performed at step 835 to determine if at least one of the cooperating MDMSs has properly authenticated the MD. If it is determined in step 835 that at least one of the cooperating MDMSs does not recognize the MD, then the program proceeds to step 840 to generate an error (and possibly display the error to the participant user via the mobile desktop environment). The program then terminates at step 845. However, if it is determined in step 835 that at least one of the cooperating MDMSs has authenticated the MD, then the process proceeds to step 850 to perform a check to determine if the MD has requested data and/or a computer to at least one of the cooperating MDMSs that have authenticated the MD. application. If the result of the check at step 850 indicates that the authenticated MD has not requested, the process returns to step 850. However, if it is determined in step 850 that the MD has requested at least one of the cooperative MDMS request data and/or computer application that has authenticated the MD, then the process proceeds to step 8 5 5 'Local search for MD'. Materials and / or computer applications. Next, a check is performed at step 860 to determine if the local search MD satisfies the request. If the result of the check at step 860 indicates that the local search MD has satisfied the request, then the program returns to step 850 and continues the program. However, if the result of the check at step 860 indicates that the request is not met, then the program proceeds to step 865 to check if the cooperating MDMS has the required information and/or computer application. Next, at step 870, the requested data and/or computer application is provided to the MD that the requesting party has authenticated. The program then returns to step 850 and continues the program. 96374.doc -33- 1255626 Figure 9 illustrates the exemplary action shown in Figure 4

The web service provider collaborates to handle the private order performed by the web service requirements of the exemplary device 405. As shown in Figure 9, the sequence begins at step 900 and proceeds to step j/know 905, where a check is performed to ensure that the exemplary mobile device 4500 is working with at least one of the + brain environments (Fig. 4 Shown 41 5) Communication. If right cow _. ^ If the result of the check in step 9 指 5 does not indicate that the exemplary mobile device is not communicating with the computer environment of at least one person, Wang Hao σ, the program returns to step 9 and continues the procedure. However, if i determines in step 905 that the exemplary mobile device 4 is communicating with at least one of the cooperative computer environments, then proceeds to step 91 to perform a check to determine if the user has been authenticated (eg, the participant user) Whether to provide appropriate user identification and password information to identify the mobile device. If the mobile device is not successfully queried by the user, the program proceeds to step 915 to generate an error (and may display the error to the participant user). Next, a check is performed at step 917 to determine whether to attempt the action again to identify the user (i.e., to enable the participant user to re-enter their user identification and password). If the authentication is performed again in step 917, the private sequence returns to step 910 and continues the program. However, if it is determined in step 91 7 that the user authentication is not attempted again, the program terminates at step 920. However, if it is determined in step 910 that the action description has been authenticated by the user, then the process proceeds to step 925 to initiate the mobile device action desktop environment on the at least one cooperative computer environment. Next, user authentication information and MD-specific authentication and confirmation information (e.g., public key/private key) are used to initiate communication with at least one of the cooperating MDMSs. Next, a check is performed at 96374.doc -34-1255626, step 935 to determine if at least one of the cooperating MDMSs has properly authenticated the MD. If it is determined in step 935 that at least one of the cooperating MDMSs does not recognize the MD, then the program proceeds to step 940 to generate an error (and possibly display the error to the participant user via the mobile desktop environment). The program then terminates at step 945. However, if it is determined in step 935 that at least one of the cooperating MDMSs has authenticated the MD, the process proceeds to step 950 to perform a check to determine if the MD has requested data and/or a computer to at least one of the cooperating MDMSs that have authenticated the MD. application. If the result of the check at step 950 indicates that the authenticated MD has not requested, the process returns to step 950. However, if it is determined in step 950 that the MD has requested at least one of the cooperative MDMS request data and/or computer application for the MD, then the process proceeds to step 955 to locally search for the MD for the required information and/or Computer application. Next, a check is performed at step 960 to determine if the local search MD satisfies the request. If the result of the check at step 960 indicates that the local search MD has satisfied the request, then the program returns to step 950 and continues the program. However, if the result of the check at step 960 indicates that the request is not met, then the program proceeds to step 965 to check if the cooperating MDMS has the required information and/or computer application. The program then proceeds to step 970 where the cooperating MDMS collaborates with a third party web service provider to obtain the requested data and/or computer application. Next, at step 975, the requested data and/or computer application is provided to the MD that the requesting party has authenticated. The program then returns to step 950 and continues the program. In summary, the system and method described herein provides a mobile device flat 96374.doc -35-1255626. However, it should be understood that the invention is susceptible to various modifications and alternative constructions. The present invention is not limited to the specific construction as described herein. On the contrary, the present invention is intended to be all modifications and alternatives within the spirit and scope of the present description. Please note that the present invention can be implemented in a variety of computer environments, including non-wireless and wireless computer environments, local computer environments, and real environments. The various technologies described in this article T can be combined with hardware, software or a combination of hardware and software to make apricots. The u-mode can be used in a computer environment where a programmable computer can be maintained. The computer includes a processor and a processor. A read storage medium (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. The computer hardware logic in conjunction with the various instruction sets 2 is applied to the data' to perform the functions as described above and to generate round-trip information. The output f message is supplied to the ❹ (4) output device. The preferred method is to use a variety of programming languages (including high-order or object-oriented programming languages) to implement the private use of the exemplary computer hardware to communicate with the computer system. . By way of example, the apparatus and methods described herein can be implemented in a combination language or computer language, if desired. In (4) love ^ 'language may be compiled or deposed. Preferably, each computer program is stored in a general or special purpose programmable computer readable storage medium or device (for example, a deleted or a magnetic disk) for the user to read the storage medium or device. Configure and operate the computer to perform the private sequence described in the text. I can also be constructed as computer readable = the configuration is set using a computer program, where the storage medium is configured to cause the computer to operate in a specific or predefined manner. 96374.doc -36- 1255626 Although the exemplary embodiments of the present invention have been described in detail above, it is obvious to those skilled in the art that the exemplary embodiments have many additional modifications that may be made by the present invention without substantial substance. The novel teachings and advantages of the present invention are set forth above. Accordingly, these and all such modifications are intended to be encompassed by the present invention.

Within the domain. The invention is more appropriately defined by the scope of the following patent application. [Simple diagram of the drawing] X The mobile device platform and the method of using the method will now be described in detail with reference to the accompanying drawings: / Figure u will show the brain environment block diagram according to the implementation of the system, method and method described herein; According to the description of the vehicle and the method described in this article, the block diagram of the computer network environment of the computer network that is afraid of saying, dying, and dying; Figure 3 shows the simplification of the system according to the description of the article... Example block diagram of interaction between computer operating components; FIG. 4 illustrates an exemplary embodiment of a system and method according to the description herein; FIG. 5 depicts a mobile device not according to the system and method described herein. Another exemplary implementation block diagram of the platform; FIG. 6 is a flow chart showing the configuration of the implementation of the mobile device according to the implementation of the TM, ., and the mobile device; Description of the system and method of action The illustration of the farm platform is performed by a flow chart of the execution of the program; the figure is illustrated by the action of the system and method described herein. Figure 9 is a flowchart of a routine executed by another exemplary implementation of a mobile device platform in accordance with the systems and methods described herein. [Main component symbol description] 100 Computer system (data processing system, computer working environment) 105 System bus 110 Central processing unit (CPU) 112 Interconnect 115 Microprocessor 120 Memory controller 125 Random access memory (RAM) 130 Read Only Memory (ROM) 135 Peripheral Device Controller 140 Printer 145 Keyboard 150 Slip Air 155 Data Storage Machine 160 Communication Network 163 Display Controller 165 Display 170 Network Card 180 Operating System 180? Computer Application 200 Network Road Connection Computer Environment 210 Tablet PC 96374.doc -38-1255626 215 Mobile Phone 220 Telephone 225 Personal Digital Assistant 300, 400 Mobile Device Platform 305 Communication Interface 310, 405 Mobile Device (MD) 410 MD/Computer Environment Communication Interface 415 Computer Environment 420 Mobile Device Management Server (MDMS) 425 Translation Engine 430 Web Service 435 Communication Network 440 Third Party Web Service Provider 805 Encryption Engine 500 Mobile Device Platform 505 Mobile Device (MD), A, 515, ,B" 525···,,,N" 520 Computer Environment 510 Mobile Device (MD) / Computer Context communication interface 530, a communication network 570 585, 'A,' 535 ,, 'B ,, 545, third-party Web service provider ,, C ,? 575,, 'Nn 555 Mobile Device Management Server (MDMS) 540, 550, 560, 580 Web Services 96374.doc -39- 1255626 565 Firewall 590 Front System 595 Dynamic JVM Simulator and Provider 96374.doc -40-

Claims (1)

Φ + change from the application case (February 1995) Ten Declared Patent Scope: 】· A mobile device platform system, including... a computer environment with independent computer work capability; and μ # operable to mediate The mobile device server is given to the mobile device. 4 heart-shaped devices cooperate to provide information 2. If you apply for patent scope! The system of the project, its operation / including a network of access to information. Direct transmission between the server and the server is as follows: • For the purpose of the mobile device box, 7 for the purpose of the mobile device box, and for the cryptographic cooperation. Λ “ τ τ τ τ 动 动 农 农 传达 传达 传达 τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ τ The data storage structure used is 0. 5. If you apply for the patent scope, Hall 4 # p, the 4th member of the system, where the data storage includes any of the following items: 栲宏献止主, # ^ ^ FAT) file system and new technology file system (NTFS) file system. 6. If the scope of patent application is 3, Li ^ Bei 4, and further includes an identification and confirmation group, which allows the mobile device to The mobile device greets and confirms 'to allow for the transmission of information. &quot;^ If the scope of application for patents is 箆6 ^ 糸,, first, where the identification and confirmation module processing includes the following 彳 - - _Bei material: user identification information, user code, public key information and private key information. 96374-950217.doc 1^55626 * . I, as in the system of claim 1, further includes a communication Interface that operates to connect the mobile device 9. The system of claim 8, wherein the communication interface is slain in the mobile device. 10. The system of claim 8 wherein the communication interface comprises any of the following items. Universal Serial Port (USB), IEEE 1394 Communication Interface (Firewire), 802.XX Communication Interface, biutet〇〇th (Bluetooth) Communication Interface, PC Interface, Small Computer Serial Interface and Wireless Application Protocol (WAP) Communication Interface Π·For example, the system of claim 10, wherein the computer environment includes any project of the 歹J, a stand-alone computer environment, a network continuous computer environment, and an embedded computer environment. The system of the third aspect, wherein the computer environment is a car embedded computer environment. 1 3 · The system of claim 1, wherein the computer environment is a consumer electronic device embedded computer Environment 14. The system of claim </ RTI> wherein the computer environment is an embedded computer environment that automatically controls the built-in table. The system of the item, wherein the data includes any data used in conjunction with one or more computer applications and control information. 1 6. The system of claim 1 wherein the communication network includes any of the following items : _ fixed area network (LAN), _ wireless local area network (LAN), a fixed wide area network (WAN), a wireless wide area network (AN) fixed line peer-to-peer communication network, a wireless peer-to-peer通作矣96374-950217.doc ii leak/ pheno, one/knife, 吋 句 纪 ( (TDMA) communication network, a mobile global positioning system (GSM) network, wireless internet and internet network. 1 7 · If you apply for a patent scope 回... 回 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Server collaboration. 18. If the system of claim 17 is applied for, the operation of the device is to use a start-up, agreement to cooperate with different U-days. 1 9 · As in the patent application scope μ / , the mobile device is for each of the several communication working channels. _ 仏 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ The only bell of the hi board is 21. If the scope of the patent application is the second item ^ ^ T 5 仃 仃 盥 盥 月 月 月 月 月 月 月 月 月 月 月 月 月 月 月 月 月 月 月 协作 协作 协作 协作 协作 协作 协作 协作 协作 协作 协作 协作 协作 协作 协作The user interface operates to receive the "management, manipulation, and management of data and applications from the user's computer environment to the end of the user's environment. 7 So that the system of claim 21, crying From the / J cut table to set the official servo ~, the other mobile device management server agreement to the mobile device. 仏 仏 Web service 23 · such as the patent application scope 22 system, 1 service crying eve / # ΤThe ordering device management servo 卩人人弟三方Web service provides services to the (four)μ. Collaboration μ provides ah 96374-950217.doc 1255626 Μ. If you apply for the patent scope of the system, list any items: - processing /, The swaying device includes a lower R〇M storage turbulence device communication interface unit, 25: storage device and operating system. • A method for allowing secure communication of data in the environment, including: US supply - with independent computer operation The capability set is operable to interface with a computer environment; and the mobile device server is activated to cooperate with the mobile device to provide information to the mobile device. 6. The method of claim 25 of the patent scope, the method comprising: constructing a communication link between the squirting device and the computer environment, 'A, as in the method of claim 26, further comprising Build-between the communication key between the actuation device and the mobile device (4) server. 28. As claimed in the method of claim 4, the method further comprises identifying the service at the action management device. The mobile device determines the rights and authority of the mobile device. 29. The method of claim 28, further comprising receiving a web service request from the mobile device to the mobile device management server. The method of claim 29, further comprising using a server object access protocol (SOAP) to receive a web service request from the mobile device to the mobile device management server. 3 1 · as claimed The method of clause 29, further comprising using the mobile device to authenticate the information, wherein the mobile device management server retrieves the requested Web service. 96374-950217.doc 1255626 32. 33. 34. 35. 36. 37. 38. 39. If the method of claim 31 is applied, the further step involves translating the web service of the company into a mobile device native web service. The method 'further includes encrypting the retrieved web service using the mobile device&quot; tolerant information. As in the method of claim 33, the method further comprises extracting the extracted web service from the mobile device The management server communicates to the mobile device. ^ As in the method of claim 34, the method further includes processing the communicated encrypted web service at the mobile device for display and control in the cooperative computer environment. A computer readable medium having computer readable instructions for instructing a computer to perform the method of claim 35. A system that securely communicates a Web service, comprising: a first component for interfacing a collaborative computer environment, the first component having independent computer operating capabilities; and a first component for providing security The web service to the first component 0, as claimed in claim 37, further includes a third member for operatively bonding the first member to the second member. For example, if the patent application scope is only for the third party, it further includes a fourth component for identifying and authenticating the right and authority of the component to access the Web service from the second component. , wherein the fourth member is twisted T ^ to include any of the following items: a biometric safety 96374-950217.doc 40 f retinal scanning security mechanism and a security speech recognition mechanism. A system as claimed in claim 39, further comprising a fifth component for cooperating with the fifth component to encrypt the web service for authentication purposes. 41. 42. A system for applying for the scope of the patent scope, wherein the web service comprises any of the following items: the user manages the web service, the computer application and the information. A method for obtaining a secure web service at a remote end, comprising: , and/or a mobile device operating in cooperation with a cooperative computer environment to cause the mobile device to operate to perform an operation capable of processing a web service on the cooperative computer environment a plurality of computer applications; establishing communication with at least a cooperative mobile device management server; &gt; identifying the mobile device at the mobile device management server to determine that the child device access is managed in the mobile device The right, access rights and authority of the service on the server; receiving the web service request from the mobile device at the mobile device management server; 43. using the mobile device to identify the information to process the service request; Taking the Web service to meet the mobile device's request for service; encrypting the Web service according to a selected encryption protocol; and communicating the required mobile service to the mobile computer environment for execution. For example, the method of claim 42 is applied to further identify the mobile device in the cooperative computer environment by using the user 96374-950217.doc 1255626 as the user and user password information. 44. The method of claim 42 of the patent scope further includes automatically executing at least one application or routine found on the mobile device when configuring the mobile device to operate in conjunction with the cooperative computer environment. 45. The method of claim 42, further comprising collaborating with a third party to obtain the requested web service. 47. The method of claim 42 of the patent scope further includes collaborating with a Java suspect machine to obtain the pre-application and data. The method of executing the patent range 42 is a computer readable medium having a computer readable command to indicate a 96374-950217.doc