US20140273857A1 - Systems and methods to secure short-range proximity signals - Google Patents

Systems and methods to secure short-range proximity signals Download PDF

Info

Publication number
US20140273857A1
US20140273857A1 US14210240 US201414210240A US2014273857A1 US 20140273857 A1 US20140273857 A1 US 20140273857A1 US 14210240 US14210240 US 14210240 US 201414210240 A US201414210240 A US 201414210240A US 2014273857 A1 US2014273857 A1 US 2014273857A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
location
device
data
server
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14210240
Inventor
Christopher Jules White
Brian Dougherty
Thomas Charles Clancy, III
David Alexander Hamrick
Grayson Gates Sharpe
Robert Austin Hanlin
Krzysztof Kamil Zienkiewicz
Christopher Michael Thompson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Optio Labs Inc
Original Assignee
Optio Labs Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • H04W4/008
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S5/00Position-fixing by co-ordinating two or more direction or position line determinations; Position-fixing by co-ordinating two or more distance determinations
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S5/00Position-fixing by co-ordinating two or more direction or position line determinations; Position-fixing by co-ordinating two or more distance determinations
    • G01S5/02Position-fixing by co-ordinating two or more direction or position line determinations; Position-fixing by co-ordinating two or more distance determinations using radio waves
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0853Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W64/00Locating users or terminals or network equipment for network management purposes, e.g. mobility management
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/10Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT]
    • Y02D70/12Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in 3rd Generation Partnership Project [3GPP] networks
    • Y02D70/122Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in 3rd Generation Partnership Project [3GPP] networks in 2nd generation [2G] networks
    • Y02D70/1224Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in 3rd Generation Partnership Project [3GPP] networks in 2nd generation [2G] networks in General Packet Radio Service [GPRS] networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/10Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT]
    • Y02D70/14Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in Institute of Electrical and Electronics Engineers [IEEE] networks
    • Y02D70/142Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in Institute of Electrical and Electronics Engineers [IEEE] networks in Wireless Local Area Networks [WLAN]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/10Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT]
    • Y02D70/14Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in Institute of Electrical and Electronics Engineers [IEEE] networks
    • Y02D70/144Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in Institute of Electrical and Electronics Engineers [IEEE] networks in Bluetooth and Wireless Personal Area Networks [WPAN]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/10Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT]
    • Y02D70/16Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in other wireless communication networks
    • Y02D70/162Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in other wireless communication networks in Zigbee networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/10Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT]
    • Y02D70/16Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in other wireless communication networks
    • Y02D70/164Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in other wireless communication networks in Satellite Navigation receivers
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/10Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT]
    • Y02D70/16Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in other wireless communication networks
    • Y02D70/166Techniques for reducing energy consumption in wireless communication networks according to the Radio Access Technology [RAT] in other wireless communication networks in Radio Frequency Identification [RF-ID] transceivers
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/20Techniques for reducing energy consumption in wireless communication networks independent of Radio Access Technologies
    • Y02D70/22Techniques for reducing energy consumption in wireless communication networks independent of Radio Access Technologies in peer-to-peer [P2P], ad hoc and mesh networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THIR OWN ENERGY USE
    • Y02D70/00Techniques for reducing energy consumption in wireless communication networks
    • Y02D70/20Techniques for reducing energy consumption in wireless communication networks independent of Radio Access Technologies
    • Y02D70/26Techniques for reducing energy consumption in wireless communication networks independent of Radio Access Technologies in wearable devices, e.g. watches, glasses

Abstract

A system for short-range communications includes a device and a server. The mobile device receives information via short range wireless signals, processes that information, and transmits information to the server. The server uses the information to verify that the information from the device is consistent with a device currently located in the location. Such verification may be done using cryptographic or signal processing techniques.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • [0001]
    Some of the aspects of the methods and systems described herein have been described in U.S. Provisional Application Nos. 61/780,408 entitled “Systems And Methods To Synchronize Data To A Mobile Device Based On A Device Usage Context”, filed Mar. 13, 2013; 61/781,252 entitled “Systems And Methods To Secure Short-Range Proximity Signals”, filed Mar. 14, 2013; 61/781,509 entitled “Systems And Methods For Securing And Locating Computing Devices”, filed Mar. 14, 2013; 61/779,931 entitled “Systems And Methods For Securing The Boot Process Of A Device Using Credentials Stored On An Authentication Token”, filed Mar. 13, 2013; 61/790,728 entitled “Systems And Methods For Enforcing Security In Mobile Computing”, filed Mar. 15, 2013; and U.S. Non-Provisional application Ser. No. 13/735,885 entitled “Systems and Methods for Enforcing Security in Mobile Computing”, filed Jan. 7, 2013, each of which is hereby incorporated by reference herein in its entirety.
  • BACKGROUND OF THE INVENTION
  • [0002]
    The present invention is in the technical field of communications security. More particularly, the present invention is in the technical field of secure short-range communications using a mobile device.
  • [0003]
    Stores, such as grocery stores, coffee shops, pharmacies, convenience stores, clothing stores, and other stores, offer customer loyalty programs to provide discounts and other incentives to loyal customers. A key challenge of existing frequent customer and customer loyalty programs is that they require the use of external barcodes, RFID tags, ID numbers, or other identification mechanisms. For example, some grocery stores provide barcodes on keytags (i.e. small cards that may be attached to the customers' key rings) to scan at checkout to obtain discounts. These existing approaches to identifying frequent customers rely on extra objects, such as keytags, that must be carried by customers or codes that must be memorized. These existing approaches are inconvenient for customers, do not provide information about where a user is located in a store, and do not provide avenues for aiding or delivering advertising or benefits, such as coupons, more effectively to users.
  • [0004]
    One alternative approach provides virtual “keytags” for scanning or otherwise inputting the barcode or ID number into an application on a mobile device. While this approach removes the physical card, fob or keytag, it still requires the customer obtain a physical keytag or other item with the relevant identifying information. Also, this approach is no less inconvenient, since the customer still has to scan the screen of the device with the virtual keytag, which is also less likely to work than scanning the original keytag.
  • [0005]
    Some other approaches have suggested using mobile devices to transmit customer loyalty information to the store upon entry, but do not provide location-specific information (e.g. in which aisle the customer is located) that can be effectively detected with a mobile device. A need exists for methods and systems that overcome the inconvenience of current systems.
  • SUMMARY OF THE INVENTION
  • [0006]
    The present invention includes a system for short-range communications between a mobile device and another device to securely provide location and location identification information.
  • [0007]
    The present invention also includes a method for securely locating a device by receiving one or more short range signals from a beacon in a location, obtaining time-dependent and location-dependent data from at least one of the short range signals, and communicating the information related to the data obtained from at least one of the short range signals to the server. The information is suitable for use by the server to securely determine the location of the device, including verifying that the information is consistent with the information expected to be received from a device currently located in the location.
  • [0008]
    Embodiments of the present invention may use short range signals such as Bluetooth LE beacon signals, Bluetooth signals, near field communication signals, acoustic signals, infrared signals, or visual signals. The data obtained from the short range signals may include time-dependent cryptographic data, location-dependent cryptographic data, time-dependent data, location-dependent data, or a digitally signed location identifier. The information communicated to the server may additionally include an identifier indicating the user of the device. Additionally, the device may execute an application based on additional data received from the server.
  • [0009]
    In embodiments of the present invention, secure determination of the location of the device may include cryptographic processing, signal analysis, table lookup, machine learning, or matching of the received data. Based on the secure determination of location, sensitive data may be provided or not provided to the device, access to a network accessible resource may be granted or not granted, and financial transactions may be authorized or not authorized. In embodiments where the data received by the server includes a user identifier indicating the user of the device, the server may additionally identify a user account associated with the user of the device based on the user identifier, or may request a separate server to do so. The user account may be credited, debited, rewarded, or otherwise affected based on the result of the secure determination. In some embodiments, the location is communicated to a computational service, where the communicated location determination may be treated as a command such as controlling access to data within the computational service, changing the control flow of computation in the computational service, querying a database of the computational service, or authenticating the device with another server.
  • [0010]
    The present invention may provide customer location information in addition to the customer identification information. In some embodiments, the present invention may also use certain events sent over an inter-process communication (IPC) mechanism to securely trigger execution of an application on the device.
  • BRIEF DESCRIPTION OF THE FIGURES
  • [0011]
    FIG. 1 depicts certain components of a system for providing customer location and identification according to certain preferred embodiments described herein.
  • [0012]
    FIG. 2 describes an embodiment of the invention performed by a device.
  • [0013]
    FIG. 3 describes an embodiment of the invention performed by a server.
  • [0014]
    FIG. 4 illustrates the data flowing between a device and a server in an embodiment of the invention.
  • DETAILED DESCRIPTION
  • [0015]
    Referring to FIG. 1, a device 102 may include one or more of a processor 103, a memory 105, a communication facility 108, a location-aware facility 110 that may be adapted to send and receive transmissions through the communication facility 108 via a network 106, and an IPC facility 112 that may be adapted to send and receive communications between processes executing on processor 103. Communication facility 108 may provide an input and/or output mechanism to communicate with other network devices such as business server 116. Such transmissions may include short-range proximity information from one or more short-range proximity radios 118A-C. Such transmissions may also include information to and from a business server 116. The communication facility 108 may also provide communication with, for example, other gateways, wireless access nodes, and other servers to send and receive data such as packets and messages. The communication facility 108 may provide connectivity to 3G, 4G, WiFi, or other network types. Processor 103 runs software which uses the communication facility 108, the location-aware facility 110, and the memory 105. Memory 105 comprises storage media such as a tangible, non-transitory computer readable medium, a programmable read only memory (PROM), or flash memory. Processor 103 may be any computer chip that is capable of executing program instruction streams that are part of a software program. Processor 103 may have multiple cores for executing multiple streams of program instructions simultaneously. The processor 103 may also have multiple sub-processors which are optimized for executing particular categories of program instructions and are controlled by the processor. The memory 105 is capable of storing and retrieving program instructions, program data, or any other data that is used by the processor. The processor 103 may store and retrieve data from the memory as a software program is executed.
  • [0016]
    The location-aware facility 110 may provide information to one or more applications via IPC facility 112. In some embodiments, an application process 114A may, in response to information provided by the location-aware facility 110, transmit an event indicating a business location change via the IPC facility 112 to a second application process 114B. The second application process 114B may be dynamically launched to execute logic from the application.
  • [0017]
    The business server 116 may be part of a business system 104, which may transmit data to the device 102 for determining the location of the device 102 and/or for providing information to the device 102 based on the location of the device 102.
  • [0018]
    We now describe a method for providing a secure short-range proximity signal that may include providing a device 102, wherein the device 102 includes a location-aware facility 110 and a communication facility 108; and providing a business system 104 to provide information to the device 102 based on the location of the device 102, wherein the business system 104 may include one or more short-range proximity radios 118A-C for identifying the location of the device 102, and a business server 116 for providing the information.
  • [0019]
    FIG. 2 illustrates one embodiment of this method. In step 200, the device receives one or more short range signals from a plurality of locations. In step 201, the device obtains data from at least one of the one or more short range signals. Such data may be obtained directly from the short range signal or may be derived from the short range signal or otherwise obtained by processing of the short range signal. In step 202, the device transmits information related to the data obtained from the short range signal to a server to serve as basis for a secure location determination.
  • [0020]
    The device 102 may be a mobile phone, a tablet, personal digital assistant, a watch, a laptop, or some other device. The device 102 may have one or more applications executing. In some embodiments, the applications may execute in one or more processes 114A-B. The processes 114A-B may be connected to an inter-process communications facility 112 to facilitate communication between one or more processes 114A-B, and between one or more processes 114A-B and the location-aware facility 110. In some embodiments, the inter-process communications facility 112 may be an inter-process communications firewall to enforce rules governing communication between two subsystems.
  • [0021]
    In at least some embodiments, Wi-Fi, cellular, Bluetooth, or Bluetooth Low Energy (Bluetooth LE) network events may indicate entrance or exit from a business location. In some embodiments, network events may be sent over the inter-process communication facility 112 to automatically trigger the execution of logic contained within a business aiding application running in a process 114 A and/or B. Such networking events indicating a business location change may be generated in a first process 114A, transmitted over an inter-process communication facility 112, and then delivered to a second process 114B that is dynamically launched to execute logic from the business aiding application. This aspect of the disclosure allows the business aiding application's code to be dynamically loaded into memory and executed upon a networking event, such as a device 102 with a specific Wi-Fi SSID coming into range, which may indicate a business location has been entered or exited. Once this application code is loaded into memory, the application may interact with the user of the device 102 by doing one or more of the following: 1.) using business logic to devise and present personalized discounts based on the user's location in the business and their buying history, 2.) providing a mechanism for requesting help from a customer representative of the store, 3.) offering one or more personalized advertisements, and 4.) offering help and/or directions to a specific product.
  • [0022]
    The location-aware facility 110 may be adapted to send and receive transmissions through a communication facility 108 via a network 106. The location-aware facility 110 may use a hybrid positioning system; triangulation, trilateration or multilateration using signals such as from a plurality of short-range proximity radios 118A-C, wireless internet signals, Bluetooth sensors; and/or some other positioning system to identify the location of device 102.
  • [0023]
    The transmissions between the communication facility 108 and the network may utilize one or more short-range proximity signals, such as, but not limited to, cellular, Bluetooth, Bluetooth LE, near-field communication, RFID, Wi-Fi, infrared, and an acoustic signal, such as ultrasonic sound. The transmissions may include short-range proximity information from one or more short-range proximity radios 118A-C. Such transmissions may also include information associated with the location of the device 102 to and/or from the business server 116. For example, the information may include customer loyalty information, store information, store navigation information, purchasing information, a coupon, barcode scanning information, product browsing information, shopping cart information, sensitive information, and/or other business-aiding information.
  • [0024]
    The business server 116 may be part of a business system 104. In some embodiments, the business server 116 may include a location calculator 120, a business operations system 122, an advertising operations system 124 and one or more other operations systems 126. The location calculator 120 may, in response to data associated with a customer device 102, and received via one or more short-range proximity radios 118A-C, identify the location of the customer device 102. The advertising operations system 124 may identify advertisements to be delivered to a customer device 102 based on a location identified by the location calculator 120. The business operations system 122 may process a business transaction in response to a location of a customer device 102 identified by the location calculator 120. For example, the location calculator 120 may identify that a customer device is standing in front of an end cap for some cookies that are on sale. In the same example, in response to the identification by the location calculator 120, the advertising operations system 124, may deliver a coupon for the cookies to the customer device 102. Continuing with the same example, in response to the same identification by the location calculator 120, the business operations system 122 may project that, based on the rate of cookie sales to people who have stood in the same location, the store should submit an order for more of the cookies. In another example, in response to an identification by the location calculator 120, the business operations system 122 may generate date/time specific suggestions/reminders based on the customer demographic. The other operations systems 126 may be any other systems, such as, but not limited invoice printing, security, CRM, or other systems.
  • [0025]
    An aspect of the current disclosure is that the short-range proximity signal may transmit time-dependent cryptographic, identity, and/or session data that the device 102 may collect and use to indicate its location via one or more messages to the business server 116. Because the data is time-dependent, the secure location determination cannot be spoofed by playback of earlier-recorded information obtained from signals. The device 102 may either directly transmit the data received over the short-range proximity signal to the business server 116 to indicate location, or use the data to create derivative data that the device 102 may send to the business server 116. Such derivative data may be a cryptographic hash, a signature, or other data.
  • [0026]
    FIG. 3 displays one embodiment by which the business server processes the location indication data. At step 300, the server transmits a short range signal from a first location. At step 301, the server receives data related to the short rang signal from the device. At step 302, the server securely determines the location of the device. Such secure determination may further incorporate verification of the devices location. The business server may use a variety of methods to analyze and/or verify the authenticity of the device's location indication data in order to make a secure location determination, including, but not limited to, cryptographic verification, time-based verification, a lookup table verification, a signal analysis, machine learning classification, or some combination thereof.
  • [0027]
    Once the location has been securely determined, the business server may send sensitive data to the device. For example, in one embodiment, the business server may send trade secret data, such as pricing information to the device. In another embodiment, the server may send a personal shopping history or wishlist to the device. In yet another embodiment, the server may send payment information to the device.
  • [0028]
    Another embodiment of the invention may use the secure location determination to ensure that a customer is in the location where a financial transaction associated with the user's account is being processed. The server may use the secure location determination to confirm that the customer is in the location of the financial transaction and authorize the transaction. The server may also determine that the customer is not in the location associated with the transaction and not authorize the transaction.
  • [0029]
    In some embodiments, the device may include an identifier for the user of the device so that the server can securely determine both the location of the device and the user of the device. The server may use a cryptographic protocol or database lookup to verify the authenticity of the user identifier. The server may use the identification of the user to determine a customer account, such as a loyalty or rewards program account associated with the user. As a result of the location determination and identification of the user's account, the user may be rewarded in some fashion, including, but not limited to, receiving points, credit, coupons, or other incentives.
  • [0030]
    In another embodiment, the server may use the location determination to authorize or not authorize access to a network resource. For example, the server may authorize use of a printer or wireless network that is associated with the location. In another example, the server may authorize access to a healthcare medical records system as a result of determining that a device is within a healthcare setting. The network resource may be accessed via a variety of network communication protocols, including but not limited to, the hyper-text transfer protocol, secure hyper-text transfer protocol, user datagram protocol, and transmission control protocol.
  • [0031]
    The business server may control access to a variety of network resource types, including but not limited to, retail business, healthcare, military, financial, or trade secret resources. For example, the business server may grant access to healthcare resources based on location of a user device within a hospital, or may deny access to military resources based on location of a user device outside of a secure military network. Further, the resource may be data, a computational resource, such as a web service, or some combination thereof. For example, the access to healthcare resources may include access to medical charts, access to prescription information, or access to hospital communications systems, while access to financial resources may include access to stock trading systems, access to quantitative analysis computation services, or access to a transaction processing system.
  • [0032]
    The server may also provide the location and/or user determination to the network resource so that it can adapt its behavior based on the user and/or location, including but not limited to altering the control flow or branching of the program's execution; parameterizing, selecting, or constructing database queries; or authenticating with another server using some combination of the user, location, and/or first server's identity or other information provided by it. For example, the location of a device outside a location may trigger a database query to a location database to determine the next likely location of the device, while the location of a device inside a location may authenticate the user of the device to a second server in order to allow the user to access computation resources within the second server. In another embodiment, product information retrieved from a network resource may be adapted based on the location provided to the network resources.
  • [0033]
    In an exemplary embodiment of the invention, the location of the device is used to authorize a financial transaction. The device receives and processes a short range signal to obtain data. The data is used to encrypt a user financial account identifier. The encrypted user financial account identifier is transmitted to a server. The server decrypts the data and securely determines whether the device is in a location wherein a transaction is occurring utilizing the user financial account. If the secure location determination indicates the device is in the location, the server authorizes the financial transaction. Otherwise, the server does not authorize the financial transaction. FIG. 4 illustrates the communication of data in the above exemplary embodiment.
  • [0034]
    A secure location determination may be part of determining a device context as described in U.S. Provisional Patent Application No. 61/780,408, at pages 3-4, which is incorporated herein by reference. Secure location determination may also be used as described in U.S. Provisional Patent Application No. 61/785,109 at paragraphs [0004] and [0027]-[0033], which is incorporated herein by reference, by securely locating the device for use in location-based authorization, and may further be of use in securely authenticating a user prior to enabling an operating system, as described in U.S. Provisional Patent Application No. 61/779,931 at paragraphs [0013]-[0014], which is incorporated herein by reference. Secure determination of a location may be performed in a trusted zone of a processor in some embodiments as described in U.S. Provisional Patent Application No. 61/790,728 at paragraphs [0095], which is incorporated herein by reference.
  • [0035]
    While the foregoing written description of the invention enables one of ordinary skill to make and use what is considered presently to be the best mode thereof, those of ordinary skill will understand and appreciate the existence of variations, combinations, and equivalents of the specific embodiment, method, and examples herein. The invention should therefore not be limited by the above described embodiment, method, and examples, but by all embodiments and methods within the scope and spirit of the invention.

Claims (20)

  1. 1. A method for securely proving the location of a device, comprising:
    receiving one or more short range signals from a beacon in a location;
    obtaining data from at least one of the short range signals, wherein the data is location-dependent and time-dependent; and
    securely determining the location of the device by verifying that information related to the data obtained from the at least one of the short range signals is consistent with expected information for a device currently located in the location.
  2. 2. The method of claim 1, wherein the short range signals comprise one or more of Bluetooth LE beacon signals, Bluetooth signals, near field communication signals, acoustic signals, infrared signals, or visual signals.
  3. 3. The method of claim 1, wherein the obtained data comprises one or more of cryptographic data or a digitally signed location identifier.
  4. 4. The method of claim 1, further comprising communicating the information related to the data obtained from the at least one of the short range signals to a server and wherein the communicated information further comprises an identifier indicating the user of the device.
  5. 5. The method of claim 4, further comprising receiving additional data from the server and executing an application on the basis of the additional data.
  6. 6. The method of claim 1, further wherein the securely determined current location of the device is provided to one or more applications or services on the device through inter-process communication.
  7. 7. A method for securely proving the location of a device, comprising:
    transmitting a time-varying and location-dependent short range signal from a beacon at a location;
    receiving data related to the short range signal from a device; and
    securely determining that the device is in the location by determining if the received data is consistent with data expected to be received from a device currently located in the location.
  8. 8. The method of claim 7, wherein securely determining comprises one or more of cryptographic processing, signal analysis, table lookup, machine learning, or matching of the received data.
  9. 9. The method of claim 7, further comprising providing sensitive data to the device upon securely determining the device's location.
  10. 10. The method of claim 7, further comprising not providing sensitive data to the device upon securely determining the device's location.
  11. 11. The method of claim 7, further comprising authorizing a financial transaction on the basis of the secure determination of the device's location.
  12. 12. The method of claim 7, further comprising not authorizing a financial transaction on the basis of the secure determination of the device's location.
  13. 13. The method of claim 7, wherein the received data further comprises a user identifier indicating the user of the device.
  14. 14. The method of claim 13, further comprising identifying a user account associated with the user of the device based on the user identifier.
  15. 15. The method of claim 14, further comprising awarding a reward to the user account based on the result of the secure determination.
  16. 16. The method of claim 7, further comprising granting the device access to a network accessible resource based on the result of the secure determination.
  17. 17. The method of claim 7, further comprising communicating the location determination to a computational service.
  18. 18. The method of claim 17, wherein the communicated location determination is a command to change behavior of the computational service.
  19. 19. The method of claim 18, wherein the command comprises one or more of controlling access to data within the computational service, changing the control flow of a computation performed by the computational service, querying a database of the computational service, or authenticating with another server.
  20. 20. A system comprising:
    a device comprising:
    a receiver capable of receiving a short-range signal from a beacon at a location;
    a processor capable of obtaining data from the short-range signal, wherein the data is location-dependent and time-dependent; and
    a transmitter capable of communicating information related to the obtained data to a server; and
    a server comprising:
    a receiver capable of receiving the data related to the obtained data from the device; and
    a location facility capable of securely determining the location of the device, wherein securely determining the location of the device comprises verifying that the received data is consistent with the data expected to be received from a device currently located in the location.
US14210240 2013-03-13 2014-03-13 Systems and methods to secure short-range proximity signals Abandoned US20140273857A1 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US201361780408 true 2013-03-13 2013-03-13
US201361779931 true 2013-03-13 2013-03-13
US201361781252 true 2013-03-14 2013-03-14
US201361785109 true 2013-03-14 2013-03-14
US201361790728 true 2013-03-15 2013-03-15
US14210240 US20140273857A1 (en) 2013-03-13 2014-03-13 Systems and methods to secure short-range proximity signals

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US14210240 US20140273857A1 (en) 2013-03-13 2014-03-13 Systems and methods to secure short-range proximity signals

Publications (1)

Publication Number Publication Date
US20140273857A1 true true US20140273857A1 (en) 2014-09-18

Family

ID=51529248

Family Applications (4)

Application Number Title Priority Date Filing Date
US14209950 Abandoned US20140282992A1 (en) 2013-03-13 2014-03-13 Systems and methods for securing the boot process of a device using credentials stored on an authentication token
US14210397 Abandoned US20140283136A1 (en) 2013-03-13 2014-03-13 Systems and methods for securing and locating computing devices
US14210240 Abandoned US20140273857A1 (en) 2013-03-13 2014-03-13 Systems and methods to secure short-range proximity signals
US14210376 Active US9578445B2 (en) 2013-03-13 2014-03-13 Systems and methods to synchronize data to a mobile device based on a device usage context

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US14209950 Abandoned US20140282992A1 (en) 2013-03-13 2014-03-13 Systems and methods for securing the boot process of a device using credentials stored on an authentication token
US14210397 Abandoned US20140283136A1 (en) 2013-03-13 2014-03-13 Systems and methods for securing and locating computing devices

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14210376 Active US9578445B2 (en) 2013-03-13 2014-03-13 Systems and methods to synchronize data to a mobile device based on a device usage context

Country Status (1)

Country Link
US (4) US20140282992A1 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101539292B1 (en) * 2014-10-28 2015-07-27 주식회사 퍼플즈 Method of transmitting and receiving data in a wireless communication system using bluetooth low energy beacon and apparatus thereof
US20150276915A1 (en) * 2014-03-28 2015-10-01 Nec Corporation Positioning device, positioning system, positioning method, and computer-readable medium
US9363670B2 (en) 2012-08-27 2016-06-07 Optio Labs, Inc. Systems and methods for restricting access to network resources via in-location access point protocol
EP3029972A1 (en) * 2014-12-02 2016-06-08 Accenture Global Services Limited Smart beacon data security
US20160337353A1 (en) * 2015-05-11 2016-11-17 Interactive Intelligence Group, Inc. System and method for multi-factor authentication
US9514589B2 (en) 2014-08-25 2016-12-06 Accenture Global Services Limited Secure short-distance-based communication and access control system
EP3110179A1 (en) * 2015-06-26 2016-12-28 Samsung Electronics Co., Ltd. A service providing method using a beacon and electronic apparatus thereof
US9578445B2 (en) 2013-03-13 2017-02-21 Optio Labs, Inc. Systems and methods to synchronize data to a mobile device based on a device usage context
US9589402B2 (en) 2014-08-25 2017-03-07 Accenture Global Services Limited Restricted area access control system
US9609020B2 (en) 2012-01-06 2017-03-28 Optio Labs, Inc. Systems and methods to enforce security policies on the loading, linking, and execution of native code by mobile applications running inside of virtual machines
US9633493B2 (en) 2014-08-25 2017-04-25 Accenture Global Services Limited Secure short-distance-based communication and validation system for zone-based validation
US9712530B2 (en) 2012-01-06 2017-07-18 Optio Labs, Inc. Systems and methods for enforcing security in mobile computing
US9773107B2 (en) 2013-01-07 2017-09-26 Optio Labs, Inc. Systems and methods for enforcing security in mobile computing
US9787681B2 (en) 2012-01-06 2017-10-10 Optio Labs, Inc. Systems and methods for enforcing access control policies on privileged accesses for mobile devices
US9922294B2 (en) 2014-08-25 2018-03-20 Accenture Global Services Limited Secure short-distance-based communication and enforcement system

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9853864B2 (en) * 2010-09-17 2017-12-26 Printeron Inc. System and method for updating printer location information field
JP5974907B2 (en) * 2013-01-17 2016-08-23 株式会社デンソー Vehicle equipment
US9491033B1 (en) * 2013-04-22 2016-11-08 Amazon Technologies, Inc. Automatic content transfer
JP2015194698A (en) * 2014-03-20 2015-11-05 カシオ計算機株式会社 Display device, display system, and program
US20150326617A1 (en) * 2014-05-06 2015-11-12 DoNotGeoTrack, Inc. Privacy Control Processes for Mobile Devices, Wearable Devices, other Networked Devices, and the Internet of Things
US9246913B2 (en) 2014-06-19 2016-01-26 Verizon Patent And Licensing Inc. Sharing content using a dongle device
US20170012964A1 (en) * 2014-09-29 2017-01-12 Identity Over Ip Providing authentication of control instructions from a control device to a remotely-controllable physical interaction device using a remote control authentication token
CN104320265B (en) * 2014-11-21 2017-10-24 北京奇虎科技有限公司 A method and apparatus for authenticating the authentication software platform
US9743252B2 (en) * 2015-06-11 2017-08-22 Honeywell International Inc. System and method for locating devices in predetermined premises

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100121567A1 (en) * 2005-05-09 2010-05-13 Ehud Mendelson System and method for providing indoor navigation and special local base sevice application for malls stores shopping centers and buildings utilize Bluetooth
US20120215637A1 (en) * 2010-09-13 2012-08-23 Hermann Mark E System and method for performing social networking and loyalty program functions at a venue
US20130083722A1 (en) * 2010-06-04 2013-04-04 Board Of Regents, The University Of Texas System Wireless communication methods, systems, and computer program products
US20130343198A1 (en) * 2012-06-22 2013-12-26 Apple Inc. Beacon frame monitoring
US20140068778A1 (en) * 2012-09-06 2014-03-06 Qualcomm Incorporated Securing databases against piracy attacks
US20140235270A1 (en) * 2011-09-19 2014-08-21 Qualcomm Incorporated Time of arrival based positioning system
US20140256251A1 (en) * 2013-03-11 2014-09-11 Cellco Partnership D/B/A Verizon Wireless Secure nfc data authentication

Family Cites Families (99)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6317868B1 (en) 1997-10-24 2001-11-13 University Of Washington Process for transparently enforcing protection domains and access control as well as auditing operations in software components
US7194092B1 (en) * 1998-10-26 2007-03-20 Microsoft Corporation Key-based secure storage
US20080278408A1 (en) * 1999-05-04 2008-11-13 Intellimat, Inc. Floor display systems and additional display systems, and methods and computer program products for using floor display systems and additional display system
US6467086B1 (en) 1999-07-20 2002-10-15 Xerox Corporation Aspect-oriented programming
US6901429B2 (en) 2000-10-27 2005-05-31 Eric Morgan Dowling Negotiated wireless peripheral security systems
US7461144B1 (en) 2001-02-16 2008-12-02 Swsoft Holdings, Ltd. Virtual private server with enhanced security
US7207041B2 (en) 2001-06-28 2007-04-17 Tranzeo Wireless Technologies, Inc. Open platform architecture for shared resource access management
GB0123403D0 (en) 2001-09-28 2001-11-21 Tamesis Ltd Publish subscribe system
US20050060365A1 (en) * 2002-01-24 2005-03-17 Robinson Scott L. Context-based information processing
US20030140088A1 (en) * 2002-01-24 2003-07-24 Robinson Scott H. Context-based information processing
US20030149874A1 (en) * 2002-02-06 2003-08-07 Xerox Corporation Systems and methods for authenticating communications in a network medium
US7135635B2 (en) 2003-05-28 2006-11-14 Accentus, Llc System and method for musical sonification of data parameters in a data stream
US8136155B2 (en) 2003-04-01 2012-03-13 Check Point Software Technologies, Inc. Security system with methodology for interprocess communication control
US20040255145A1 (en) 2003-05-06 2004-12-16 Jerry Chow Memory protection systems and methods for writable memory
US7751829B2 (en) * 2003-09-22 2010-07-06 Fujitsu Limited Method and apparatus for location determination using mini-beacons
US8880893B2 (en) 2003-09-26 2014-11-04 Ibm International Group B.V. Enterprise information asset protection through insider attack specification, monitoring and mitigation
US20050138416A1 (en) 2003-12-19 2005-06-23 Microsoft Corporation Object model for managing firewall services
US7574709B2 (en) 2004-04-30 2009-08-11 Microsoft Corporation VEX-virtual extension framework
US20050246453A1 (en) 2004-04-30 2005-11-03 Microsoft Corporation Providing direct access to hardware from a virtual environment
US7530093B2 (en) 2004-04-30 2009-05-05 Microsoft Corporation Securing applications and operating systems
US7584502B2 (en) 2004-05-03 2009-09-01 Microsoft Corporation Policy engine and methods and systems for protecting data
US7490245B2 (en) * 2004-07-24 2009-02-10 Lenovo (Singapore) Pte. Ltd. System and method for data processing system planar authentication
US20060048226A1 (en) 2004-08-31 2006-03-02 Rits Maarten E Dynamic security policy enforcement
US7768420B2 (en) 2004-10-29 2010-08-03 Intel Corporation Operation and control of wireless appliance networks
US7681226B2 (en) 2005-01-28 2010-03-16 Cisco Technology, Inc. Methods and apparatus providing security for multiple operational states of a computerized device
WO2006093917A3 (en) * 2005-02-28 2009-04-30 Majid Shahbazi Mobile data security system and methods
US8266232B2 (en) 2005-10-15 2012-09-11 International Business Machines Corporation Hardware processing of commands within virtual client computing environment
US9864752B2 (en) 2005-12-29 2018-01-09 Nextlabs, Inc. Multilayer policy language structure
US20070186274A1 (en) 2006-02-07 2007-08-09 Matsushita Electric Industrial Co., Ltd. Zone based security model
US8151323B2 (en) 2006-04-12 2012-04-03 Citrix Systems, Inc. Systems and methods for providing levels of access and action control via an SSL VPN appliance
US8387048B1 (en) 2006-04-25 2013-02-26 Parallels IP Holdings GmbH Seamless integration, migration and installation of non-native application into native operating system
US7865934B2 (en) 2006-05-18 2011-01-04 Microsoft Corporation Access-control permissions with inter-process message-based communications
JP5054768B2 (en) 2006-06-21 2012-10-24 ヴィーブ−システムズ アクチエンゲゼルシャフトWibu−Systems Ag Method and apparatus for intrusion detection
KR100792287B1 (en) * 2006-07-27 2008-01-07 삼성전자주식회사 Method for security and the security apparatus thereof
US7917963B2 (en) 2006-08-09 2011-03-29 Antenna Vaultus, Inc. System for providing mobile data security
US7966599B1 (en) 2006-08-29 2011-06-21 Adobe Systems Incorporated Runtime library including a virtual file system
US7774599B2 (en) 2006-09-15 2010-08-10 Panasonic Corporation Methodologies to secure inter-process communication based on trust
US8533530B2 (en) 2006-11-15 2013-09-10 Qualcomm Incorporated Method and system for trusted/untrusted digital signal processor debugging operations
GB0623101D0 (en) * 2006-11-20 2006-12-27 British Telecomm Secure network architecture
WO2008077628A3 (en) 2006-12-22 2009-01-15 Virtuallogix Sa System for enabling multiple execution environments to share a device
US20080235587A1 (en) * 2007-03-23 2008-09-25 Nextwave Broadband Inc. System and method for content distribution
DE102007018096A1 (en) 2007-04-17 2008-10-23 Rohde & Schwarz Gmbh & Co. Kg Method for determining time differences between measured by at least two measuring devices coupled signals and measuring system, and corresponding switching device
US20090025011A1 (en) 2007-07-17 2009-01-22 Tim Neil Inter-process communication at a mobile device
US8626867B2 (en) * 2007-07-27 2014-01-07 Blackberry Limited Apparatus and methods for operation of a wireless server
US8965992B2 (en) * 2007-07-27 2015-02-24 Blackberry Limited Apparatus and methods for coordination of wireless systems
US8225329B1 (en) 2007-09-13 2012-07-17 Juniper Networks, Inc. Tail synchronized FIFO for fast user space packet access
US8505029B1 (en) 2007-11-26 2013-08-06 Adobe Systems Incorporated Virtual machine communication
US8584229B2 (en) 2007-12-21 2013-11-12 Intel Corporation Methods and apparatus supporting access to physical and virtual trusted platform modules
US9185123B2 (en) 2008-02-12 2015-11-10 Finsphere Corporation System and method for mobile identity protection for online user authentication
US9058483B2 (en) 2008-05-08 2015-06-16 Google Inc. Method for validating an untrusted native code module
US8516095B2 (en) * 2008-05-23 2013-08-20 Research In Motion Limited Remote administration of mobile wireless devices
US8335931B2 (en) 2008-06-20 2012-12-18 Imation Corp. Interconnectable personal computer architectures that provide secure, portable, and persistent computing environments
US8151349B1 (en) 2008-07-21 2012-04-03 Google Inc. Masking mechanism that facilitates safely executing untrusted native code
US20100031252A1 (en) 2008-07-29 2010-02-04 Compuware Corporation Method And System For Monitoring The Performance Of An Application And At Least One Storage Device For Storing Code Which Performs The Method
US8001581B2 (en) * 2008-12-17 2011-08-16 Dell Products L.P. Methods and systems for embedded user authentication and/or providing computing services using an information handling system configured as a flexible computing node
US8607224B2 (en) 2009-05-28 2013-12-10 Yahoo! Inc. System for packaging native program extensions together with virtual machine applications
US20110055890A1 (en) 2009-08-25 2011-03-03 Gaulin Pascal Method and system to configure security rights based on contextual information
US8413241B2 (en) 2009-09-17 2013-04-02 Oracle America, Inc. Integrated intrusion deflection, detection and introspection
US20110151955A1 (en) * 2009-12-23 2011-06-23 Exent Technologies, Ltd. Multi-player augmented reality combat
KR101640767B1 (en) 2010-02-09 2016-07-29 삼성전자주식회사 Real-time virtual reality input/output system and method based on network for heterogeneous environment
US8938782B2 (en) 2010-03-15 2015-01-20 Symantec Corporation Systems and methods for providing network access control in virtual environments
US8533860B1 (en) 2010-03-21 2013-09-10 William Grecia Personalized digital media access system—PDMAS part II
US8887308B2 (en) 2010-03-21 2014-11-11 William Grecia Digital cloud access (PDMAS part III)
US8589667B2 (en) * 2010-04-19 2013-11-19 Apple Inc. Booting and configuring a subsystem securely from non-local storage
EP2572277A1 (en) 2010-05-19 2013-03-27 Hughes Systique India Private Limited Method and system for efficient inter- process communication in a high availability system
WO2011144961A1 (en) 2010-05-20 2011-11-24 Hewlett - Packard Development Company, L.P. Systems and methods for activation of applications using client- specific data.
US8582423B2 (en) 2010-08-04 2013-11-12 Alcatel Lucent Multi-chassis inter-process communication
US8613052B2 (en) 2010-09-17 2013-12-17 Universal Secure Registry, Llc Apparatus, system and method employing a wireless user-device
US8849941B2 (en) 2010-09-30 2014-09-30 Microsoft Corporation Virtual desktop configuration and operation techniques
US8726294B2 (en) 2010-10-01 2014-05-13 Z124 Cross-environment communication using application space API
US9961550B2 (en) 2010-11-04 2018-05-01 Itron Networked Solutions, Inc. Physically secured authorization for utility applications
US8359016B2 (en) 2010-11-19 2013-01-22 Mobile Iron, Inc. Management of mobile applications
US20120258730A1 (en) * 2010-11-29 2012-10-11 Qualcomm Incorporated Estimating access terminal location based on beacon signals from femto cells
US9350809B2 (en) * 2011-01-31 2016-05-24 Nokia Technologies Oy Method and apparatus for automatically determining communities of interest, for use over an ad-hoc mesh network, based on context information
US8612744B2 (en) 2011-02-10 2013-12-17 Varmour Networks, Inc. Distributed firewall architecture using virtual machines
US9202059B2 (en) * 2011-03-01 2015-12-01 Apurva M. Bhansali Methods, systems, and apparatuses for managing a hard drive security system
US8769305B2 (en) 2011-03-21 2014-07-01 Moncana Corporation Secure execution of unsecured apps on a device
US20120255014A1 (en) 2011-03-29 2012-10-04 Mcafee, Inc. System and method for below-operating system repair of related malware-infected threads and resources
US8099596B1 (en) 2011-06-30 2012-01-17 Kaspersky Lab Zao System and method for malware protection using virtualization
US8763112B2 (en) 2011-07-02 2014-06-24 Intel Corporation Systems and methods for power-on user authentication
US20130054812A1 (en) 2011-08-22 2013-02-28 Don DeCoteau System and method for dynamically assembling an application on a client device
US8966004B2 (en) 2011-09-29 2015-02-24 Comcast Cable Communications, LLC. Multiple virtual machines in a mobile virtualization platform
US8695060B2 (en) 2011-10-10 2014-04-08 Openpeak Inc. System and method for creating secure applications
US9936351B2 (en) * 2011-10-26 2018-04-03 Sling Media Pvt Ltd Apparatus systems and methods for proximity-based service discovery and session sharing
US8775784B2 (en) 2011-11-11 2014-07-08 International Business Machines Corporation Secure boot up of a computer based on a hardware based root of trust
US9317702B2 (en) 2011-11-29 2016-04-19 Sony Corporation System and method for providing secure inter-process communications
US8863129B2 (en) 2011-12-06 2014-10-14 International Business Machines Corporation Automated caching and mirroring of immutable data in distributed virtual machines via native interface components
WO2013103989A1 (en) 2012-01-06 2013-07-11 Optio Labs, LLC Systems and meathods for enforcing secutity in mobile computing
US9773107B2 (en) 2013-01-07 2017-09-26 Optio Labs, Inc. Systems and methods for enforcing security in mobile computing
US20130312058A1 (en) 2012-01-06 2013-11-21 Optio Labs, Inc. Systems and methods for enhancing mobile security via aspect oriented programming
US9787681B2 (en) 2012-01-06 2017-10-10 Optio Labs, Inc. Systems and methods for enforcing access control policies on privileged accesses for mobile devices
US9609020B2 (en) 2012-01-06 2017-03-28 Optio Labs, Inc. Systems and methods to enforce security policies on the loading, linking, and execution of native code by mobile applications running inside of virtual machines
US8844032B2 (en) 2012-03-02 2014-09-23 Sri International Method and system for application-based policy monitoring and enforcement on a mobile device
US9572029B2 (en) * 2012-04-10 2017-02-14 Imprivata, Inc. Quorum-based secure authentication
US9191382B1 (en) 2012-06-14 2015-11-17 Google Inc. User authentication using swappable user authentication services
US8898481B1 (en) * 2012-07-18 2014-11-25 Dj Inventions, Llc Auditable cryptographic protected cloud computing communications system
US9507653B2 (en) 2012-09-12 2016-11-29 Microsoft Technology Licensing, Llc Inter-process communication channel
US8655307B1 (en) * 2012-10-26 2014-02-18 Lookout, Inc. System and method for developing, updating, and using user device behavioral context models to modify user, device, and application state, settings and behavior for enhanced user security
US20140282992A1 (en) 2013-03-13 2014-09-18 Optio Labs, Inc. Systems and methods for securing the boot process of a device using credentials stored on an authentication token

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100121567A1 (en) * 2005-05-09 2010-05-13 Ehud Mendelson System and method for providing indoor navigation and special local base sevice application for malls stores shopping centers and buildings utilize Bluetooth
US20130083722A1 (en) * 2010-06-04 2013-04-04 Board Of Regents, The University Of Texas System Wireless communication methods, systems, and computer program products
US20120215637A1 (en) * 2010-09-13 2012-08-23 Hermann Mark E System and method for performing social networking and loyalty program functions at a venue
US20140235270A1 (en) * 2011-09-19 2014-08-21 Qualcomm Incorporated Time of arrival based positioning system
US20130343198A1 (en) * 2012-06-22 2013-12-26 Apple Inc. Beacon frame monitoring
US20140068778A1 (en) * 2012-09-06 2014-03-06 Qualcomm Incorporated Securing databases against piracy attacks
US20140256251A1 (en) * 2013-03-11 2014-09-11 Cellco Partnership D/B/A Verizon Wireless Secure nfc data authentication

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9609020B2 (en) 2012-01-06 2017-03-28 Optio Labs, Inc. Systems and methods to enforce security policies on the loading, linking, and execution of native code by mobile applications running inside of virtual machines
US9787681B2 (en) 2012-01-06 2017-10-10 Optio Labs, Inc. Systems and methods for enforcing access control policies on privileged accesses for mobile devices
US9712530B2 (en) 2012-01-06 2017-07-18 Optio Labs, Inc. Systems and methods for enforcing security in mobile computing
US9363670B2 (en) 2012-08-27 2016-06-07 Optio Labs, Inc. Systems and methods for restricting access to network resources via in-location access point protocol
US9773107B2 (en) 2013-01-07 2017-09-26 Optio Labs, Inc. Systems and methods for enforcing security in mobile computing
US9578445B2 (en) 2013-03-13 2017-02-21 Optio Labs, Inc. Systems and methods to synchronize data to a mobile device based on a device usage context
US20150276915A1 (en) * 2014-03-28 2015-10-01 Nec Corporation Positioning device, positioning system, positioning method, and computer-readable medium
US9514589B2 (en) 2014-08-25 2016-12-06 Accenture Global Services Limited Secure short-distance-based communication and access control system
US9633493B2 (en) 2014-08-25 2017-04-25 Accenture Global Services Limited Secure short-distance-based communication and validation system for zone-based validation
US9589402B2 (en) 2014-08-25 2017-03-07 Accenture Global Services Limited Restricted area access control system
US9922294B2 (en) 2014-08-25 2018-03-20 Accenture Global Services Limited Secure short-distance-based communication and enforcement system
WO2016068597A3 (en) * 2014-10-28 2016-06-23 주식회사 퍼플즈 Method and device for transmitting and receiving data using low-power bluetooth beacon in wireless communication system
KR101539292B1 (en) * 2014-10-28 2015-07-27 주식회사 퍼플즈 Method of transmitting and receiving data in a wireless communication system using bluetooth low energy beacon and apparatus thereof
US9608999B2 (en) 2014-12-02 2017-03-28 Accenture Global Services Limited Smart beacon data security
EP3029972A1 (en) * 2014-12-02 2016-06-08 Accenture Global Services Limited Smart beacon data security
US20160337353A1 (en) * 2015-05-11 2016-11-17 Interactive Intelligence Group, Inc. System and method for multi-factor authentication
EP3110179A1 (en) * 2015-06-26 2016-12-28 Samsung Electronics Co., Ltd. A service providing method using a beacon and electronic apparatus thereof

Also Published As

Publication number Publication date Type
US20140282857A1 (en) 2014-09-18 application
US20140282992A1 (en) 2014-09-18 application
US20140283136A1 (en) 2014-09-18 application
US9578445B2 (en) 2017-02-21 grant

Similar Documents

Publication Publication Date Title
US8380177B2 (en) Mobile phone payment processing methods and systems
US20130200999A1 (en) Portable e-wallet and universal card
US20140040148A1 (en) Systems and methods for arbitraged enhanced payment processing
US20130256403A1 (en) System and Method for Facilitating Secure Self Payment Transactions of Retail Goods
US20110191237A1 (en) Information Access Device and Data Transfer
US20120245985A1 (en) Method of controlling system and mobile device for processing payment and data
US20120123868A1 (en) System and Method for Physical-World Based Dynamic Contactless Data Emulation in a Portable Communication Device
US20150170149A1 (en) Financial authorization of an online transaction based on a location and an identifier of a user device
US20140040139A1 (en) System and method for dynamic temporary payment authorization in a portable communication device
US20130159186A1 (en) System and Method for One-Time Payment Authorization in a Portable Communication Device
US20130041831A1 (en) Secure and shareable payment system using trusted personal device
US20140279479A1 (en) Nfc paired bluetooth e-commerce
US20120124658A1 (en) System and Method for Providing Secure Data Communication Functionality to a Variety of Applications on a Portable Communication Device
US20140114780A1 (en) Payment Processing Access Device and Method
US20110178883A1 (en) Transactions associated with a mobile device
US20110145152A1 (en) Systems, apparatus, and methods for identity verification and funds transfer via a payment proxy system
US20130124349A1 (en) Methods, systems, and computer readable media for provisioning and utilizing an aggregated soft card on a mobile device
US20140188733A1 (en) Automatic wireless consumer checkins
US20140074655A1 (en) System, apparatus and methods for online one-tap account addition and checkout
US20130238456A1 (en) Systems, methods, and computer readable media for conducting an electronic transaction via a backend server system
WO2011112752A1 (en) Electronic transaction techniques implemented over a computer network
US20130097079A1 (en) Enabling payment for items using a mobile device
US20130198066A1 (en) Fraud Protection for Online and NFC Purchases
US20160232515A1 (en) Systems and methods for facilitating mobile commerce interactions between customers and merchants
US20150120549A1 (en) Mobile authentication for web payments using single sign on credentials

Legal Events

Date Code Title Description
AS Assignment

Owner name: OPTIO LABS, INC., MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:WHITE, CHRISTOPHER JULES;DOUGHERTY, BRIAN;CLANCY, THOMASCHARLES, III;AND OTHERS;SIGNING DATES FROM 20140530 TO 20140703;REEL/FRAME:034888/0056