US20150067768A1 - Zone policy administration for entity tracking and privacy assurance - Google Patents

Zone policy administration for entity tracking and privacy assurance Download PDF

Info

Publication number
US20150067768A1
US20150067768A1 US14/533,901 US201414533901A US2015067768A1 US 20150067768 A1 US20150067768 A1 US 20150067768A1 US 201414533901 A US201414533901 A US 201414533901A US 2015067768 A1 US2015067768 A1 US 2015067768A1
Authority
US
United States
Prior art keywords
zone
entity
policy
managed
mobile
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/533,901
Inventor
Eric Horvitz
Ruston John David Panabaker
William Jefferson Westerinen
Alexander Frank
Johannes Klein
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing LLC filed Critical Microsoft Technology Licensing LLC
Priority to US14/533,901 priority Critical patent/US20150067768A1/en
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Publication of US20150067768A1 publication Critical patent/US20150067768A1/en
Assigned to MICROSOFT CORPORATION reassignment MICROSOFT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: HORVITZ, ERIC, PANABAKER, RUSTON JOHN DAVID, FRANK, ALEXANDER, KLEIN, JOHANNES, WESTERINEN, WILLIAM JEFFERSON
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/29Geographical information databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F30/00Computer-aided design [CAD]

Definitions

  • a parent may want to know when a sexual predator s within a certain distance of their children, A chemist may want a laboratory to report when lithium and water are within some distance of one another. And a self-reporting nano-material may report whenever another nano-material is detected within some sensitive zone.
  • the present examples provide entity tracking and zone policy administration technologies providing for, among other things, the defining of zones and managed entities, and for the creation of zone policies including rules that apply to the managed entities within or in relation to the zones, and privacy policies assuring privacy of sensitive data. These technologies further provide for the definition of sensors and event objects, as well as associations between zones, sensors, managed entities, and event objects so as to create zone policy based on a zone policy framework.
  • a managed entity an entity associated with a mobile device, may be a person, vehicle, animal, or any other object, physical or virtual, for which tracking and zone policy administration may be of value.
  • a privacy policy may restrict access to or set access conditions for data or information. Privacy policies may be used to ensure individual managed entities and their data remain anonymous to a desired degree and that sensitive data is appropriately protected.
  • FIG. 1 is block diagram showing an example entity tracking and zone policy administration system.
  • FIG. 2 is a block diagram showing an example zone policy framework including a zone policy with rules, ozone definition, and two entity definitions.
  • FIG. 3 is a diagram showing an example natural language zone policy.
  • FIG. 4 is a block diagram showing an example process for creating a zone policy.
  • FIG. 5 is a block diagram showing an example computing environment in which the technologies described above may be implemented.
  • FIG. 1 is block diagram showing an example entity tracking and zone policy administration (“ET-ZPA”) system 100 .
  • Elements of ET-ZPA system 100 may include: mobile devices, such as mobile device 114 , associated with entities, such as person 112 , forming managed entities, such as managed entity 110 , 120 , 122 , and 124 ; sensors, such as sensor 130 ; zone policy servers, such as server 140 ; zone policy data stores, such as database 150 ; and communications networks, such as network 180 .
  • Example managed entity 110 includes an entity, such as person 112 , and a mobile device 114 .
  • Mobile device 114 is associated with entity 112 forming a managed entity.
  • An entity may be a person, vehicle, animal, package, or any other physical object for which tracking and zone policy administration may be desirable.
  • a mobile device may be a personal data assistant (“PDA”), cell phone, electronic bracelet, electronic tag, electronic badge, implantable device, computer, or the like such as the computing environment described in connection with FIG. 5 .
  • PDA personal data assistant
  • Such a mobile device may include a means for location sensing and/or tracking, such as global positioning system (“GPS”) position tracking, a coupling to a network access point, a coupling to a radio frequency (“RF”) beacon, user assertion, cell tower and/or wireless fidelity (“Wi-Fi”) triangulation, or the like, and a means for communication, such as wireless communication to a network such as the internet or the like.
  • GPS global positioning system
  • RF radio frequency
  • WiFi wireless fidelity
  • Such a mobile device may also include processing capability such that zone policy software may be operated on the device, and/or the device may be capable of creating and/or joining ad-hoc networks with other devices, participating in a federation of devices, and engaging in communications with such devices.
  • Managed entities such as managed entities 110 , 120 , 122 , and 124 are typically coupled to network 180 via a communication links, such as link 116 .
  • Such communication links may be wireless links or any other type of link suitable to the entity being managed.
  • a link may be provided by a cell phone acting as the mobile device.
  • such a link may be provided by a short range RF transponder.
  • Each mobile device typically includes as unique identifier, such as a global unique identifier (“GUID”) or the like, so as to enable each mobile device to be uniquely recognized by an ET-ZPA system.
  • GUID global unique identifier
  • Each mobile device may also include identification information for the entity to which it is associated.
  • mobile device 114 is shown in FIG. 1 associated with entity 112 , a person, and includes identifying information for person 112 sufficient for entity tracking and zone policy administration purposes.
  • the identity information includes name, address, and other contact information.
  • Other information may include birth date, digital biometric information, license information (such as a driver license number, state, etc.), passport information, employee identification information, health information (such as blood type, disability descriptions, doctor's information, etc.), emergency contact information, or the like.
  • license information such as a driver license number, state, etc.
  • passport information such as a driver license number, state, etc.
  • employee identification information such as a driver license number, state, etc.
  • health information such as blood type, disability descriptions, doctor's information, etc.
  • emergency contact information or the like.
  • One purpose of such identity information is to uniquely identify the entity associated with the mobile device, If the entity s a vehicle, animal, package, or some other object, the identity information may be sufficient for entity tracking and zone policy application purposes of such an object.
  • a mobile device may be a “dumb” tracking device, capable of limited location tracking and limited communication capability.
  • Such limited communication capability may be limited to providing location tracking information along with basic mobile device identification information. Further limitations may include periodic versus continuous communications, limited-range communications, reply-only communications, or the like. With such a dumb device, most or all of zone policy-related processing is typically performed remotely by other mobile device, zone policy servers, such as server 140 , or the like.
  • a “smart” mobile device may include local zone policy storage and processing capability.
  • a smart device may download appropriate zone policy information during communication with zone policy server 140 via network 180 , and be capable of processing such zone-policy information even when later out of communication with zone policy server 140 .
  • Such a smart device may also be capable of establishing “ad-hoc” networks with other devices, of participating in a federation of devices, and of sharing information about associated managed entities, even when unable to or out of communication with zone policy server 140 .
  • a person entity carrying a mobile device such as a cell phone, mobile computer, PDA, or the like
  • authentication and validation may be accomplished by periodically requiring a log-on, such as with a private password, or via a biometric data, such as a finder print, iris scan, voice print, or the like.
  • a biometric data such as a finder print, iris scan, voice print, or the like.
  • such an authentication and validation may be required at a particular point in time as part of a zone policy, such as when entering a particular zone.
  • the purpose of such authentication and validation is to verify that the mobile device is currently in the possession of the associated entity.
  • An ET-ZPA system 100 may also include sensors, such as sensor 130 , with each sensor coupled to network 180 via a communication link, such as link 132 , and thereby copie to devices such as mobile device 114 .
  • sensors may be directly coupled to a mobile device, or the sensors may be coupled to an intermediary device or devices, the intermediary device or devices being coupled to network 180 .
  • Communication links, such as link 132 may be wireless or wired links or any other type of link suitable to the sensor being utilized.
  • Such sensors may be configured to monitor environmental or other conditions suitable for entity tracking and zone policy administration purposes. For example, various sensors may be positioned at or around zones of interest so as to monitor weather conditions, degree of daylight, noise, moisture, or any other environmental condition of interest.
  • a sensor may be a smoke alarm, a burglar alarm, a carbon monoxide detector, or the like.
  • a sensor may be a beacon sensor, capable of receiving data or information from a beacon.
  • a beacon may be a location beacon capable of broadcasting or sending location information, a marker beacon capable of broadcasting or sending information about an object or location the beacon is marking, or any other type of beacon capable of broadcasting or sending data or information useful for entity tracking and zone policy administration purposes.
  • a sensor may monitor for power outages, natural gas shut-offs, phone line functionality, or the like.
  • Other example sensors may monitor speed, altitude, acceleration, or the like.
  • Yet other example sensors may be applied to persons, animals, or other living creatures to monitor vital signs such as heart rate, blood pressure, brain wave activity, stress, or the like.
  • Each such sensor typically includes a unique identifier, such as a global unique identifier (“GUID”) or the like, so as to enable each sensor to be uniquely recognized by an ET-ZPA system.
  • GUID global unique identifier
  • An ET-ZPA system 100 also typically includes zone policy servers, such as server 140 , coupled to network 180 via communication links, such as link 142 .
  • Such communication links may be wireless or wired links or any other type of link suitable to the server being utilized.
  • Such servers may be coupled 160 to zone policy data stores, such as database 150 , that may be local or remote to a server.
  • zone policy server 140 is a computing environment such as that described in connection with FIG. 5 .
  • Such servers typically host zone policy software sufficient to enable the configuration and management of zones, entities, sensors, zone policies, and event objects.
  • Zone policy servers may alternatively be implemented as a web service providing zone policy functionality, or as some other type of centralized or distributed service.
  • FIG. 2 is a block diagram showing an example zone policy framework 200 including an example zone policy with rules, a zone definition 220 , and two managed entity definitions 230 and 240 .
  • a zone policy framework includes a collection of zone definitions, entity definitions, sensor definitions, zone policies, and associations.
  • Such a framework may be an object model, a schema, or any other description, representation and/or definition of zone policy, its structure and/or scope.
  • Example zone definition 220 defines Zone A that, in one example, includes a zone name, description, and border information sufficient to describe the physical borders of the zone.
  • a zone may be defined, at least in part, in terms of a perimeter (such as sides of a lot, a radius around a location center point, or other boundary descriptions or the like), an area, a volume, or the like.
  • Such a definition may include physical coordinates as well as sub-zones definitions.
  • the zone definition may include information sufficient to describe the building floor plan including multiple levels, room descriptions, hall ways, doors, windows, elevators, stairs, and the like.
  • a zone definition may define a road, trail, home, school, office, park, cave, lake, river, airspace, or any other physical or geographic area, collection of areas (sub-zones), or the like.
  • a zone policy may include any number of zone and/or sub-zone definitions.
  • Example managed entity definitions 230 and 240 define Entity 1 and Entity n respectively that, in one example, include an entity name, description and other identification information appropriate for entity tracking and zone policy administration purposes,
  • a managed entity definition may be associated with one or more rules or sub-rules, as indicated by links 232 and 242 .
  • a zone policy may include any number of managed entity definitions.
  • Example zone policy definition 210 defines Zone Policy 1 and includes example rules, such as rule 212 .
  • a zone policy may be associated with one or more zones.
  • Zone Policy 1 is shown associated with Zone A by link 222 .
  • a zone policy definition is typically comprised of rules and sub-rules that, when taken together, define the zone policy. Rules and sub-rules may have associated with them one or more entities, sensors, rule event objects, and/or zones.
  • rule R 1 is shown in FIG. 2 to have associated with it Entity 1
  • rule Rn is shown to have associated with it Entity n.
  • a zone policy may also have associated with in a default event object, such as object 250 .
  • Example default event object 250 is shown associated with Zone Policy 1 . Such an event object may generate a zone policy event or action on compliance with all rules of the zone policy and/or on violation of any of the rules.
  • Example rule event object 252 is shown associated with rule R 2 and may generate a zone policy event or action on compliance with example rule R 2 and/or on violation of rule R 2 . Such events/actions may be configurable programmatically and/or by ET-ZPA system administrators or users. Zone policy events or actions may be generated by default event objects and rule event objects, and typically indicate compliance with or violation of some aspect of zone policy.
  • Example sensor 260 is shown associated with rule R 2 .
  • a sensor definition may be associated with one or more rules or sub-rules, as indicated by link 262 .
  • a zone policy may include any number of sensor definitions.
  • Example privacy policy 270 is shown optional associated with Zone Policy 1 ( 210 ) and/or Entity n ( 240 ).
  • a privacy policy may also be applied to a zone, a sensor, a rule, an event object, or any element of a zone policy framework.
  • a privacy policy may restrict access to or set access conditions for data or information.
  • privacy policies may be used to ensure individual managed entities and their data remain anonymous to a desired degree and that sensitive data is appropriately protected.
  • a privacy policy applied to a zone may ensure that only certain composite statistics based on specific information about people (managed entities) within the zone may be reported, and that such information cannot be reported unless the number of people in the zone is greater than some predefined number. People may be comfortable with reporting, for example, their income or other personal information if they know that such information gathered within a particular zone will only be reported in the aggregate, and only if greater than some large number of people are in the zone.
  • More sophisticated privacy policies may be developed that are discovered to be acceptable to people within zones of different kinds. For example, a shopper who would never share income and/or preference information might accept a policy within a store zone that reports statistics regarding the income and/or preferences of a number of people within the store zone, but that cannot report statistics about particular income bands unless there are more than “p” people present in each of “b” sets of bands, so as to maintain a bound on the ability of a store to discriminate more specifically about a particular person.
  • a privacy policy may be applied that limits information obtained from different zones about the same managed entity to be combined to make inferences.
  • Such a limitation for combining information from different zones may also be applied to the same zone at different times.
  • Such constraints may be relaxed to allow information to be combined from more than one zone, or the same zone, when the time the managed entity is in the zone is greater than some specified time, which may be a function of the type of information and/or zone.
  • Zone policy configuration software may be utilized to configure a zone policy framework.
  • Such software may include digital maps such as road maps, political maps, and/or terrain maps. Such maps may include places such as homes, schools, cities and towns, stores, hospitals, bars and nightclubs, police stations, parks, or any other place, building, area or the like of value for entity tracking and zone policy administration purposes.
  • Zone policy configuration software may also include means for viewing, importing and/or drawing floor plans of buildings and diagrams of outdoor areas such as parks, trails, and the like. Further, such configuration software typically includes means for creating and editing zone definitions for indoor and/or outdoor locations.
  • Various parties may each have rights to manage different portions of an ET-ZPA system, For example, school administrators may have the ability to define a zone and create policy for a school environment while a mother may have the ability to control an entity and rules corresponding to her child and also create policy making use of the school zone, but without the ability to modify it.
  • Zone policy configuration software typically provides means for defining zones, managed entities (including their associated mobile devices), sensors, privacy policies, event objects, and other elements of a zone policy framework, and providing related identifying information, as well as establishing associations between such.
  • Such software may also make use of managed entity and other data to enable to research and discovery, For example, such software may be used to compute the radius of a circular region around a specific latitude and longitude that contains at least n people with cell phones capable of taking pictures.
  • a store manager may use such software to gather income and/or spending statistics for people (managed entities) within the store zone at a particular t me or over a particular period.
  • a municipal agency may make use of such software to gather statistics about homes and/or businesses (managed entities) within a certain area.
  • FIG. 3 is a diagram showing an example natural language zone policy 300 .
  • a zone policy may be expressed or defined using extensible markup language (“XML”) or any other language, meta-language, format, syntax, or the like.
  • line 310 provides a name for the zone policy.
  • Line 320 provides a description of the zone policy.
  • Example zone policy 300 includes five rules as shown in lines 330 , 340 , 350 , 360 , and 370 , with rules 2 - 5 being sub-rules to rule 1 .
  • An ET-ZPA system may store and process such zone policies, along with definitions and information about entities, sensors and zones, and monitor zone policy compliance and generate zone policy events or actions as prescribed by the policy. For example, a system using the “Bobby at school” zone policy 300 automatically applies zone policy 300 to Bobby based on the rules of the zone policy and/or when Bobby is located in the “school” zone.
  • Example rule 1 , line 330 includes an association between an entity, “Bobby”, and a zone, “school”, both of which are typically defined via zone policy configuration software.
  • “Bobby” is defined as an entity and associated with a mobile device.
  • Characteristics of the zone “school”, such as “school hours” and “school grounds”, and the like are generally defined as part of the zone “school”.
  • a zone policy event may be generated if Bobby is found to not be in the “school” zone “during school hours.”
  • Example sub-rule 2 , line 340 includes the condition “raining” which may be indicated by an association with a sensor,
  • the characteristic of “inside the school” may be defined as a sub-zone of the zone “school”.
  • a zone policy event may be generated if Bobby is found to not be “inside the school” when the condition “raining” is indicated.
  • Example sub-rule 3 , line 350 includes an association with another managed entity, “Jane”, Bobby's sister.
  • jane is also defined as an entity and associated with a mobile device.
  • Location information such as current GPS information, related to both Bobby and Jane may be used by the system, in conjunction with information about the “school” zone, to determine if Bobby is with Jane when he leaves the school.
  • Example sub-rule 4 line 360 , includes an association with another managed entity, “John Peters”, which may be defined as an entity and associated with a mobile device by a law enforcement agency, for example. Location information, such as current GPS information, related to both Bobby and John Peters may be used by the system to determine if Bobby is within 100 yards of John Peters. As a sub-rule, rule 4 may only be active when rule 1 is active, such as “during school hours”.
  • Example sub-rule 5 line 370 , identifies a condition that, if not met, may result he generation of a zone policy event.
  • Bobby's mobile device may request a log-in using a secure password every 15 minutes.
  • the mobile device may use some other means to validate and authenticate that Bobby and the mobile device are not separated.
  • Bobby may have an implanted mobile device that may override or automatically satisfy this example periodic log-on sub-rule.
  • Event objects may be implicitly or explicitly defined, including the trigger conditions for such event objects and the corresponding zone policy events or actions.
  • Events/actions may include actions such as information logging, email, telephone calls, alarms, managed entity feedback including via the mobile device, or any other action, or set of actions, suitable for entity tracking and zone policy administration purposes. For example, if an entity “dog” were restricted to a zone “yard” via a zone policy, and the dog were to attempt to leave the yard, an event object may generate entity feedback via an electric shock collar worn by the dog. Should the dog still flee the yard, a telephone call explaining the event may be made to the dog's owner and current location information may be made available via a website.
  • a zone may also be mobile,
  • a bus may be defined as a zone as well as an entity, and defined sub-zones may include each seat on the bus, the luggage storage compartments on the bus, etc. Because the bus is mobile, information about the bus may include its current location or other dynamic information such as speed, acceleration, or the like.
  • Other example mobile zones that may be defined include taxi cabs, freight trucks, airplanes, bicycles, ambulances, ferries, partitioned packages, or the like.
  • an entity may be any object for which entity tracking and zone policy administration may be of value.
  • a package may be associated with a mobile device and a zone policy may be defined to trigger an instant message event at the moment the package arrives at its destination.
  • a whale may be tagged with a mobile device and a zone policy defined to alert researchers when the whale enters it's “breeding grounds” zone.
  • a rental car may be associated with a mobile device with a zone policy event being generated should the rental car enter a “restricted” zone. Such an event may, for example, disable the rental car and notify the rental office of the violation and the car's current location.
  • mobile devices may form ad-hoc networks or join in a federation of devices. For example, when two soldiers on a “battlefield” zone are within proximity of each other, a “proximity” event may cause their mobile devices to form an ad-hoc network and exchange information regarding currently available weaponry or other important resources/intelligence in the possession of each soldier. Such network formation and communication may take place regardless of communication status with any other device or server.
  • zone policy may be used to define a “crawl management” policy.
  • web crawl has been a competitive area among search engine competitors and has largely been constrained to cyberspace.
  • crawlers may include flying devices, such as drone aircraft, miniature aircraft, and other types of flying devices, some of which are currently in-use for aerial surveillance and exploration.
  • Other crawler examples include, but are not limited to, robots or remotely controlled craft operable for land and/or water traversal, or miniature craft such as those designed to inspect buildings, ventilation systems, or even the human body or the like.
  • Zone policy may be utilized to specify crawling policies for zones or the like.
  • policies may include rules such as, “no crawls for information of type x”, rules placing specific limits on a total numbers of crawls of different types in a zone, and/or rules that limit crawling based on statistics such as max mum rate of crawls or the like.
  • “Crawl allowance” policies may allow for physical crawls at particular times and days, at particular locations, altitudes, specifying allowed crawler types, or the like.
  • FIG. 4 is a block diagram showing an example process 400 for creating a zone policy.
  • a zone policy s typically structured in accordance with the zone policy framework described in connection with FIG. 2 .
  • a zone policy may or may not include each of the elements of the zone policy framework.
  • Each step of process 400 may be performed or accomplished programmatically, via a user interface, and/or via any other technique.
  • Block 410 indicates the selection of a zone or sub-zone to which the zone policy will apply. Typically this is done by selecting a zone or sub-zone definition, such as from a list of such definitions. For example, a zone definition for the “CorpY Headquarters” zone may be selected. Such as zone definition may have been previously defined, or may be defined at selection step 410 .
  • Block 420 indicates defining a rule, typically that applies to the selected zone.
  • a zone policy may include any number of rules.
  • An example rule expressed in natural language maybe, “Visitor A must be within 20 feet of Employee 432 while at CorpY Headquarters.”
  • a rule may be defined using natural language, code or the like, symbols, a diagram or the like, and/or using any representation useful in defining a rule.
  • Block 430 indicates selecting a managed entity, typically in association with a rule.
  • a managed entity typically in association with a rule.
  • “Visitor A” may have been defined as a managed entity when the visitor checked-in at a reception desk, the associated mobile device being an electronic badge.
  • “Employee 432 ” may have been defined as a managed entity upon hire.
  • Block 440 indicates selecting a sensor, typically in association with a rule.
  • the term “within 20 feet” may be associated with one or more location sensors.
  • the rule term “while at CorpY Headquarters” may be associated with a marker beacon sensor or with a location sensor. In another example, such terms may be evaluated based on data other than that obtained via a sensor.
  • Block 450 indicates defining a rule event object, typically in association with a rule.
  • an example rule event object might be “Alert Security” and result in an action to contact security with violation information. This step may also involve selecting a managed entity in some scenarios, such as selecting a specific security entity to receive an alert.
  • Block 460 indicates defining a default event object, typically in association with a zone policy.
  • a default event object may be defined so as to generate a zone policy event or action on compliance with all rules of the zone policy and/or on violation of any of its rules, For example, using the example rule defined in connection with block 420 , an example default event object might result in zone policy action maintaining a “green” indication on a monitoring console and indicating the location of “Visitor A” during compliance with security policy rules.
  • Block 470 indicates defining sub-rules, typically in association with a rule or sub-rule.
  • Sub-rules tend to be active only when their parent rules are active. For example, using the example rule defined in connection with block 420 , an example sub rule “Visitor A's electronic badge must continuously detect Visitor A's heartbeat signature” would only be active when the parent rule is active, such as “while at CorpY Headquarters.”
  • Block 480 indicates defining privacy policy, typically in connection with one or more elements of the zone policy framework. Privacy policy tends to control what information can be accessed and under what conditions that information can be accessed. For example, a privacy policy limiting access to “Visitor A's” non-work related personal information may limit access by “CorpY” to such information.
  • FIG. 5 is a block diagram showing an example computing environment 500 in which the technologies described above may be implemented.
  • a suitable computing environment may be implemented with numerous general purpose or special purpose systems. Examples of well known systems may include, but are not limited to, cell phones, personal digital assistants (“PDA”), personal computers (“PC”), hand-held or laptop devices, microprocessor-based systems, multiprocessor systems, servers, workstations, consumer electronic devices, set-top boxes, and the like.
  • PDA personal digital assistants
  • PC personal computers
  • microprocessor-based systems multiprocessor systems
  • servers workstations
  • consumer electronic devices set-top boxes, and the like.
  • Computing environment 500 typically includes a general-purpose computing system in the form of a computing device 501 coupled to various components, such as peripheral devices 502 , 503 , 504 and the like.
  • System 500 may couple to various other components, such as input devices 503 , including voice recognition, touch pads, buttons, keyboards and/or pointing devices, such as a mouse or trackball, via one or more input/output (“I/O”) interfaces 512 .
  • the components of computing device 501 may include one or more processors (including central processing units (“CPU”), graphics processing units (“GPU”), microprocessors (“uP”), and the like) 507 , system memory 509 , and a system bus 508 that typically couples the various components.
  • processors including central processing units (“CPU”), graphics processing units (“GPU”), microprocessors (“uP”), and the like
  • Processor 507 typically processes or executes various computer-executable instructions to control the operation of computing device 501 and to communicate with other electronic and/or computing devices, systems or environment (not shown) via various communications connections such as a network connection 514 or the like.
  • System bus 508 represents any number of several types of bus structures, including a memory bus or memory controller, a peripheral bus, a serial bus, an accelerated graphics port, a processor or local bus using any of a variety of bus architectures, and the like.
  • System memory 509 may include computer readable media in the form of volatile memory, such as random access memory (“RAM”), and/or non-volatile memory, such as read only memory (“ROM”) or flash memory (“FLASH”).
  • RAM random access memory
  • ROM read only memory
  • FLASH flash memory
  • a basic input/output system (“BIOS”) may be stored in non-volatile or the like.
  • System memory 509 typically stores data, computer-executable instructions and/or program modules comprising computer-executable instructions that are immediately accessible to and/or presently operated on by one or more of the processors 507 .
  • Mass storage devices 504 and 510 may be coupled to computing device 501 or incorporated into computing device 501 via coupling to the system bus.
  • Such mass storage devices 504 and 510 may include non-volatile RAM, a magnetic disk drive which reads from and/or writes to a removable, non-volatile magnetic disk (e.g., a “floppy disk”) 505 , and/or an optical disk drive that reads from and/or writes to a non-volatile optical disk such as a CD ROM, DVD ROM 506 .
  • a mass storage device, such as hard disk 510 may include non-removable storage medium.
  • Other mass storage devices may include memory cards, memory sticks, tape storage devices, and the like.
  • Any number of computer programs, files, data structures, and the like may be stored in mass storage 510 , other storage devices 504 , 505 , 506 and system memory 509 (typically limited by available space) including, by way of example and not limitation, operating systems, application programs, data files, directory structures, computer-executable instructions, and the like.
  • Output components or devices may be coupled to computing device 501 , typically via an interface such as a d splay adapter 511 .
  • Output device 502 may be a liquid crystal display (“LCD”).
  • Other example output devices may include printers, audio outputs, voice outputs, cathode ray tube (“CRT”) displays, tactile devices or other sensory output mechanisms, or the like.
  • Output devices may enable computing device 501 to interact with human operators or other machines, systems, computing environments, or the like.
  • a user may interface with computing environment 500 via any number of different I/O devices 503 such as a touch pad, buttons, keyboard, mouse, joystick, game pad, data port, and the like.
  • I/O devices may be coupled to processor 507 via I/O interfaces 512 which may be coupled to system bus 508 , and/or may be coupled by other interfaces and bus structures, such as a parallel port, game port, universal serial bus (“USB”), fire wire, infrared (“IR”) port, and the like.
  • I/O interfaces 512 may be coupled to system bus 508 , and/or may be coupled by other interfaces and bus structures, such as a parallel port, game port, universal serial bus (“USB”), fire wire, infrared (“IR”) port, and the like.
  • USB universal serial bus
  • IR infrared
  • Computing device 501 may operate in a networked environment via communications connections to one or more remote computing devices through one o more cellular networks, wireless networks, local area networks (“LAN”), wide area networks (“WAN”), storage area networks (“SAN”), the Internet, radio links, optical links and the like.
  • Computing device 501 may be coupled to a network via network adapter 513 or the like, or, alternatively, via a modem, digital subscriber line (“DSL”) link, integrated services digital network (“ISDN”) link, Internet link, wireless link, or the like.
  • DSL digital subscriber line
  • ISDN integrated services digital network
  • Communications connection 514 typically provides a coupling to communications media, such as a network.
  • Communications media typically provide computer-readable and computer-executable instructions, data structures, files, program modules and other data using a modulated data signal, such as a carrier wave or other transport mechanism.
  • modulated data signal typically means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal.
  • communications media may include wired media, such as a wired network or direct-wired connection or the like, and wireless media, such as acoustic, radio frequency, infrared, or other wireless communications mechanisms.
  • Power source 590 such as a battery or a power supply, typically provides power for portions or all of computing environment 500 .
  • power source 590 may be a battery.
  • power source 590 may be a power supply designed to connect to an alternating current (“AC”) source, such as via. a wall outlet.
  • AC alternating current
  • an electronic badge may be comprised of a coil of w re along with a simple processing unit 507 or the like, the coil configured to act as power source 590 when in proximity to a card reader device or the like.
  • a coil may also be configure to act as an antenna coupled to the processing unit 507 or the like, the coil antenna capable of providing a form of communication between the electronic badge and the card reader device.
  • Such communication may not involve networking, but may alternatively be general or special purpose communications via telemetry, point-to-point, RF, IR, audio, or other means.
  • An electronic card may not include display 502 , I/O device 503 , or many of the other components described in connection with FIG. 5 .
  • Other mobile devices that may not include many of the components described in connection with FIG. 5 , by way of example and not limitation, include electronic bracelets, electronic tags, implantable devices, and the like.
  • a remote computer or storage device may store computer-readable and computer-executable instructions in the form of software applications and data.
  • a local computer may access the remote computer or storage device via the network and download part or all of a software application or data and may execute any computer-executable instructions.
  • the local computer may download pieces of the software or data as needed, or distributively process the software by executing some of the instructions at the local computer and some at remote computers and/or devices.
  • DSP digital signal processor
  • PLA programmable logic array
  • discrete circuits and the like.
  • DSP digital signal processor
  • electronic apparatus may include computing devices or consumer electronic devices comprising any software, firmware or the like, or electronic devices or circuits comprising no software, firmware or the like.
  • firmware typically refers to executable instructions, code or data maintained in an electronic device such as a ROM.
  • software generally refers to executable instructions, code, data, applications, programs, or the like maintained in or on any form of computer-readable media.
  • computer-readable media typically refers to system memory, storage devices and their associated media, and the like.

Abstract

The present invention includes entity tracking, privacy assurance, and zone policy administration technologies allowing for the creation of zone policies, including the definition of zones and managed entities, the zone policies including rules that apply to the managed entities within or in relation to the zones, and privacy policies assuring privacy of sensitive data. The technologies also provide for the definition of sensors, rule event objects, and default event objects, and for the establishment of associations between rules and managed entities, sensors, and rule event objects so as to create zone policies. Event objects may generate zone policy events or actions upon compliance with or violation of various rules of zone policy. Managed entities are defined as entities associated with mobile devices capable of location tracking and communication with zone policy servers. Entities may be persons, vehicles, animals, or any other object for which tracking and zone policy administration is of value. Zone policy may include privacy policy that may restrict access to or set access conditions for data or information. Privacy policies may be used to ensure individual managed entities and their data remain anonymous to a desired degree and that sensitive data is appropriately protected.

Description

    RELATED APPLICATION(S)
  • This Application is a Continuation of and claims benefit from U.S. patent application Ser. No. 11/468,039 that was filed on Aug. 26, 2006, and that is incorporated herein by reference in its entirety.
    • BACKGROUND
  • In many cases it is desirable to track, receive notifications and/or apply various rules as a person (or other entity) moves about, as time passes, or as different people (or entities) enter or leave the proximity of the tracked person or entity. Consider the case of a convict in a work release program. It is desirable for a parole officer to monitor the convict, to ensure, for example, that he is physically at work when he should be, that he is not violating any restraining order, etc. But such monitoring can be labor-intensive and costly. Also, consider a parent desiring to monitor the location of a mentally handicapped child prone to wander off. In other examples, a Department of Homeland Security agent may wish to know when a large quantity of ammonium nitrate is approaching particular locations. A parent may want to know when a sexual predator s within a certain distance of their children, A chemist may want a laboratory to report when lithium and water are within some distance of one another. And a self-reporting nano-material may report whenever another nano-material is detected within some sensitive zone. These and many other scenarios for monitoring physical and/or virtual entities based on a set of rules and in relation to various zones tend to be difficult and expensive manual efforts at best.
    • SUMMARY
  • The following presents a simplified summary of the disclosure in order to provide a basic understanding to the reader. This summary is not an extensive overview of the disclosure and it does not identify key/critical elements of the invention or delineate the scope of the invention. Its sole purpose is to present some concepts disclosed herein in a simplified form as a prelude to the more detailed description that is presented later.
  • The present examples provide entity tracking and zone policy administration technologies providing for, among other things, the defining of zones and managed entities, and for the creation of zone policies including rules that apply to the managed entities within or in relation to the zones, and privacy policies assuring privacy of sensitive data. These technologies further provide for the definition of sensors and event objects, as well as associations between zones, sensors, managed entities, and event objects so as to create zone policy based on a zone policy framework. A managed entity, an entity associated with a mobile device, may be a person, vehicle, animal, or any other object, physical or virtual, for which tracking and zone policy administration may be of value. A privacy policy may restrict access to or set access conditions for data or information. Privacy policies may be used to ensure individual managed entities and their data remain anonymous to a desired degree and that sensitive data is appropriately protected.
  • Many of the attendant features will be more readily appreciated as the same becomes better understood by reference to the following detailed description considered in connection with the accompanying drawings.
    • DESCRIPTION OF THE DRAWINGS
  • The present description will be better understood from the following detailed description read in light of the accompanying drawings, wherein:
  • FIG. 1 is block diagram showing an example entity tracking and zone policy administration system.
  • FIG. 2 is a block diagram showing an example zone policy framework including a zone policy with rules, ozone definition, and two entity definitions.
  • FIG. 3 is a diagram showing an example natural language zone policy.
  • FIG. 4 is a block diagram showing an example process for creating a zone policy.
  • FIG. 5 is a block diagram showing an example computing environment in which the technologies described above may be implemented.
    •
  • Like reference numerals are used to designate like parts in the accompanying drawings.
    • DETAILED DESCRIPTION
  • The detailed description provided below in connection with the appended drawings is intended as a description of the present examples and is not intended to represent the only forms in which the present example may be constructed or utilized. The description sets forth the functions of the example and the sequence of steps for constructing and operating the example. However, the same or equivalent functions and sequences may be accomplished by different examples.
  • Although the present examples are described and illustrated herein as being implemented in a computing and networking environment, the environment described is provided as an example and not a limitation. As those skilled in the art will appreciate, the present examples are suitable for application in a variety of different environments.
  • FIG. 1 is block diagram showing an example entity tracking and zone policy administration (“ET-ZPA”) system 100. Elements of ET-ZPA system 100 may include: mobile devices, such as mobile device 114, associated with entities, such as person 112, forming managed entities, such as managed entity 110, 120, 122, and 124; sensors, such as sensor 130; zone policy servers, such as server 140; zone policy data stores, such as database 150; and communications networks, such as network 180.
  • Example managed entity 110 includes an entity, such as person 112, and a mobile device 114. Mobile device 114 is associated with entity 112 forming a managed entity. An entity may be a person, vehicle, animal, package, or any other physical object for which tracking and zone policy administration may be desirable. A mobile device may be a personal data assistant (“PDA”), cell phone, electronic bracelet, electronic tag, electronic badge, implantable device, computer, or the like such as the computing environment described in connection with FIG. 5. Such a mobile device may include a means for location sensing and/or tracking, such as global positioning system (“GPS”) position tracking, a coupling to a network access point, a coupling to a radio frequency (“RF”) beacon, user assertion, cell tower and/or wireless fidelity (“Wi-Fi”) triangulation, or the like, and a means for communication, such as wireless communication to a network such as the internet or the like. Such a mobile device may also include processing capability such that zone policy software may be operated on the device, and/or the device may be capable of creating and/or joining ad-hoc networks with other devices, participating in a federation of devices, and engaging in communications with such devices.
  • Managed entities, such as managed entities 110, 120, 122, and 124 are typically coupled to network 180 via a communication links, such as link 116. Such communication links may be wireless links or any other type of link suitable to the entity being managed. In one example, such a link may be provided by a cell phone acting as the mobile device. In another example, such a link may be provided by a short range RF transponder.
  • Each mobile device typically includes as unique identifier, such as a global unique identifier (“GUID”) or the like, so as to enable each mobile device to be uniquely recognized by an ET-ZPA system. Each mobile device may also include identification information for the entity to which it is associated. For example, mobile device 114 is shown in FIG. 1 associated with entity 112, a person, and includes identifying information for person 112 sufficient for entity tracking and zone policy administration purposes. In one example, when the entity is a person the identity information includes name, address, and other contact information. Other information may include birth date, digital biometric information, license information (such as a driver license number, state, etc.), passport information, employee identification information, health information (such as blood type, disability descriptions, doctor's information, etc.), emergency contact information, or the like, One purpose of such identity information is to uniquely identify the entity associated with the mobile device, If the entity s a vehicle, animal, package, or some other object, the identity information may be sufficient for entity tracking and zone policy application purposes of such an object.
  • In another example, a mobile device may be a “dumb” tracking device, capable of limited location tracking and limited communication capability. Such limited communication capability may be limited to providing location tracking information along with basic mobile device identification information. Further limitations may include periodic versus continuous communications, limited-range communications, reply-only communications, or the like. With such a dumb device, most or all of zone policy-related processing is typically performed remotely by other mobile device, zone policy servers, such as server 140, or the like.
  • In yet another example, a “smart” mobile device may include local zone policy storage and processing capability. For example, such a smart device may download appropriate zone policy information during communication with zone policy server 140 via network 180, and be capable of processing such zone-policy information even when later out of communication with zone policy server 140. Such a smart device may also be capable of establishing “ad-hoc” networks with other devices, of participating in a federation of devices, and of sharing information about associated managed entities, even when unable to or out of communication with zone policy server 140.
  • In some situations, such as with a person entity carrying a mobile device such as a cell phone, mobile computer, PDA, or the like, it may be desirable to periodically validate that the correct person is in current possession of the mobile device. In one example, such authentication and validation may be accomplished by periodically requiring a log-on, such as with a private password, or via a biometric data, such as a finder print, iris scan, voice print, or the like. In another example, such an authentication and validation may be required at a particular point in time as part of a zone policy, such as when entering a particular zone. In general, the purpose of such authentication and validation is to verify that the mobile device is currently in the possession of the associated entity.
  • An ET-ZPA system 100 may also include sensors, such as sensor 130, with each sensor coupled to network 180 via a communication link, such as link 132, and thereby co pied to devices such as mobile device 114. Alternatively, sensors may be directly coupled to a mobile device, or the sensors may be coupled to an intermediary device or devices, the intermediary device or devices being coupled to network 180. Communication links, such as link 132, may be wireless or wired links or any other type of link suitable to the sensor being utilized. Such sensors may be configured to monitor environmental or other conditions suitable for entity tracking and zone policy administration purposes. For example, various sensors may be positioned at or around zones of interest so as to monitor weather conditions, degree of daylight, noise, moisture, or any other environmental condition of interest. In another example, a sensor may be a smoke alarm, a burglar alarm, a carbon monoxide detector, or the like. In another example, a sensor may be a beacon sensor, capable of receiving data or information from a beacon. A beacon may be a location beacon capable of broadcasting or sending location information, a marker beacon capable of broadcasting or sending information about an object or location the beacon is marking, or any other type of beacon capable of broadcasting or sending data or information useful for entity tracking and zone policy administration purposes.
  • In yet another example, a sensor may monitor for power outages, natural gas shut-offs, phone line functionality, or the like. Other example sensors may monitor speed, altitude, acceleration, or the like. Yet other example sensors may be applied to persons, animals, or other living creatures to monitor vital signs such as heart rate, blood pressure, brain wave activity, stress, or the like. Each such sensor typically includes a unique identifier, such as a global unique identifier (“GUID”) or the like, so as to enable each sensor to be uniquely recognized by an ET-ZPA system.
  • An ET-ZPA system 100 also typically includes zone policy servers, such as server 140, coupled to network 180 via communication links, such as link 142. Such communication links may be wireless or wired links or any other type of link suitable to the server being utilized. Such servers may be coupled 160 to zone policy data stores, such as database 150, that may be local or remote to a server. In one example, zone policy server 140 is a computing environment such as that described in connection with FIG. 5. Such servers typically host zone policy software sufficient to enable the configuration and management of zones, entities, sensors, zone policies, and event objects. Zone policy servers may alternatively be implemented as a web service providing zone policy functionality, or as some other type of centralized or distributed service.
  • FIG. 2 is a block diagram showing an example zone policy framework 200 including an example zone policy with rules, a zone definition 220, and two managed entity definitions 230 and 240. In general, a zone policy framework includes a collection of zone definitions, entity definitions, sensor definitions, zone policies, and associations. Such a framework may be an object model, a schema, or any other description, representation and/or definition of zone policy, its structure and/or scope.
  • Example zone definition 220 defines Zone A that, in one example, includes a zone name, description, and border information sufficient to describe the physical borders of the zone. A zone may be defined, at least in part, in terms of a perimeter (such as sides of a lot, a radius around a location center point, or other boundary descriptions or the like), an area, a volume, or the like. Such a definition may include physical coordinates as well as sub-zones definitions. In one example, when a zone is defined for a building, the zone definition may include information sufficient to describe the building floor plan including multiple levels, room descriptions, hall ways, doors, windows, elevators, stairs, and the like. In other examples, a zone definition may define a road, trail, home, school, office, park, cave, lake, river, airspace, or any other physical or geographic area, collection of areas (sub-zones), or the like. A zone policy may include any number of zone and/or sub-zone definitions.
  • Example managed entity definitions 230 and 240 define Entity 1 and Entity n respectively that, in one example, include an entity name, description and other identification information appropriate for entity tracking and zone policy administration purposes, A managed entity definition may be associated with one or more rules or sub-rules, as indicated by links 232 and 242. A zone policy may include any number of managed entity definitions.
  • Example zone policy definition 210 defines Zone Policy 1 and includes example rules, such as rule 212. A zone policy may be associated with one or more zones. For example, Zone Policy 1 is shown associated with Zone A by link 222. A zone policy definition is typically comprised of rules and sub-rules that, when taken together, define the zone policy. Rules and sub-rules may have associated with them one or more entities, sensors, rule event objects, and/or zones. For example, rule R1 is shown in FIG. 2 to have associated with it Entity 1, and rule Rn is shown to have associated with it Entity n. A zone policy may also have associated with in a default event object, such as object 250.
  • Example default event object 250 is shown associated with Zone Policy 1. Such an event object may generate a zone policy event or action on compliance with all rules of the zone policy and/or on violation of any of the rules. Example rule event object 252 is shown associated with rule R2 and may generate a zone policy event or action on compliance with example rule R2 and/or on violation of rule R2. Such events/actions may be configurable programmatically and/or by ET-ZPA system administrators or users. Zone policy events or actions may be generated by default event objects and rule event objects, and typically indicate compliance with or violation of some aspect of zone policy.
  • Example sensor 260 is shown associated with rule R2. A sensor definition may be associated with one or more rules or sub-rules, as indicated by link 262. A zone policy may include any number of sensor definitions.
  • Example privacy policy 270 is shown optional associated with Zone Policy 1 (210) and/or Entity n (240). A privacy policy may also be applied to a zone, a sensor, a rule, an event object, or any element of a zone policy framework. A privacy policy may restrict access to or set access conditions for data or information. In particular, privacy policies may be used to ensure individual managed entities and their data remain anonymous to a desired degree and that sensitive data is appropriately protected. For example, a privacy policy applied to a zone may ensure that only certain composite statistics based on specific information about people (managed entities) within the zone may be reported, and that such information cannot be reported unless the number of people in the zone is greater than some predefined number. People may be comfortable with reporting, for example, their income or other personal information if they know that such information gathered within a particular zone will only be reported in the aggregate, and only if greater than some large number of people are in the zone.
  • More sophisticated privacy policies may be developed that are discovered to be acceptable to people within zones of different kinds. For example, a shopper who would never share income and/or preference information might accept a policy within a store zone that reports statistics regarding the income and/or preferences of a number of people within the store zone, but that cannot report statistics about particular income bands unless there are more than “p” people present in each of “b” sets of bands, so as to maintain a bound on the ability of a store to discriminate more specifically about a particular person.
  • In yet another example, a privacy policy may be applied that limits information obtained from different zones about the same managed entity to be combined to make inferences. Such a limitation for combining information from different zones may also be applied to the same zone at different times. Such constraints may be relaxed to allow information to be combined from more than one zone, or the same zone, when the time the managed entity is in the zone is greater than some specified time, which may be a function of the type of information and/or zone.
  • Zone policy configuration software may be utilized to configure a zone policy framework. Such software may include digital maps such as road maps, political maps, and/or terrain maps. Such maps may include places such as homes, schools, cities and towns, stores, hospitals, bars and nightclubs, police stations, parks, or any other place, building, area or the like of value for entity tracking and zone policy administration purposes. Zone policy configuration software may also include means for viewing, importing and/or drawing floor plans of buildings and diagrams of outdoor areas such as parks, trails, and the like. Further, such configuration software typically includes means for creating and editing zone definitions for indoor and/or outdoor locations. Various parties may each have rights to manage different portions of an ET-ZPA system, For example, school administrators may have the ability to define a zone and create policy for a school environment while a mother may have the ability to control an entity and rules corresponding to her child and also create policy making use of the school zone, but without the ability to modify it.
  • Zone policy configuration software typically provides means for defining zones, managed entities (including their associated mobile devices), sensors, privacy policies, event objects, and other elements of a zone policy framework, and providing related identifying information, as well as establishing associations between such. Such software may also make use of managed entity and other data to enable to research and discovery, For example, such software may be used to compute the radius of a circular region around a specific latitude and longitude that contains at least n people with cell phones capable of taking pictures. In another example, a store manager may use such software to gather income and/or spending statistics for people (managed entities) within the store zone at a particular t me or over a particular period. In yet another example, a municipal agency may make use of such software to gather statistics about homes and/or businesses (managed entities) within a certain area.
  • FIG. 3 is a diagram showing an example natural language zone policy 300. In other examples, a zone policy may be expressed or defined using extensible markup language (“XML”) or any other language, meta-language, format, syntax, or the like. In the example shown in FIG. 3, line 310 provides a name for the zone policy. Line 320 provides a description of the zone policy. Example zone policy 300 includes five rules as shown in lines 330, 340, 350, 360, and 370, with rules 2-5 being sub-rules to rule 1. An ET-ZPA system may store and process such zone policies, along with definitions and information about entities, sensors and zones, and monitor zone policy compliance and generate zone policy events or actions as prescribed by the policy. For example, a system using the “Bobby at school” zone policy 300 automatically applies zone policy 300 to Bobby based on the rules of the zone policy and/or when Bobby is located in the “school” zone.
  • Example rule 1, line 330, includes an association between an entity, “Bobby”, and a zone, “school”, both of which are typically defined via zone policy configuration software. In configuring the system, “Bobby” is defined as an entity and associated with a mobile device. Characteristics of the zone “school”, such as “school hours” and “school grounds”, and the like are generally defined as part of the zone “school”. In this example, a zone policy event may be generated if Bobby is found to not be in the “school” zone “during school hours.”
  • Example sub-rule 2, line 340, includes the condition “raining” which may be indicated by an association with a sensor, The characteristic of “inside the school” may be defined as a sub-zone of the zone “school”. In this example, a zone policy event may be generated if Bobby is found to not be “inside the school” when the condition “raining” is indicated.
  • Example sub-rule 3, line 350, includes an association with another managed entity, “Jane”, Bobby's sister. In configuring the system, jane is also defined as an entity and associated with a mobile device. Location information, such as current GPS information, related to both Bobby and Jane may be used by the system, in conjunction with information about the “school” zone, to determine if Bobby is with Jane when he leaves the school.
  • Example sub-rule 4, line 360, includes an association with another managed entity, “John Peters”, which may be defined as an entity and associated with a mobile device by a law enforcement agency, for example. Location information, such as current GPS information, related to both Bobby and John Peters may be used by the system to determine if Bobby is within 100 yards of John Peters. As a sub-rule, rule 4 may only be active when rule 1 is active, such as “during school hours”.
  • Example sub-rule 5, line 370, identifies a condition that, if not met, may result he generation of a zone policy event. In one example. Bobby's mobile device may request a log-in using a secure password every 15 minutes. in another example, the mobile device may use some other means to validate and authenticate that Bobby and the mobile device are not separated. In another example, Bobby may have an implanted mobile device that may override or automatically satisfy this example periodic log-on sub-rule.
  • Event objects may be implicitly or explicitly defined, including the trigger conditions for such event objects and the corresponding zone policy events or actions. Events/actions may include actions such as information logging, email, telephone calls, alarms, managed entity feedback including via the mobile device, or any other action, or set of actions, suitable for entity tracking and zone policy administration purposes. For example, if an entity “dog” were restricted to a zone “yard” via a zone policy, and the dog were to attempt to leave the yard, an event object may generate entity feedback via an electric shock collar worn by the dog. Should the dog still flee the yard, a telephone call explaining the event may be made to the dog's owner and current location information may be made available via a website.
  • In some instances a zone may also be mobile, For example, a bus may be defined as a zone as well as an entity, and defined sub-zones may include each seat on the bus, the luggage storage compartments on the bus, etc, Because the bus is mobile, information about the bus may include its current location or other dynamic information such as speed, acceleration, or the like. Other example mobile zones that may be defined include taxi cabs, freight trucks, airplanes, bicycles, ambulances, ferries, partitioned packages, or the like.
  • In other instances an entity may be any object for which entity tracking and zone policy administration may be of value. For example, a package may be associated with a mobile device and a zone policy may be defined to trigger an instant message event at the moment the package arrives at its destination. In another example, a whale may be tagged with a mobile device and a zone policy defined to alert researchers when the whale enters it's “breeding grounds” zone. In yet another example, a rental car may be associated with a mobile device with a zone policy event being generated should the rental car enter a “restricted” zone. Such an event may, for example, disable the rental car and notify the rental office of the violation and the car's current location.
  • In another instance mobile devices may form ad-hoc networks or join in a federation of devices. For example, when two soldiers on a “battlefield” zone are within proximity of each other, a “proximity” event may cause their mobile devices to form an ad-hoc network and exchange information regarding currently available weaponry or other important resources/intelligence in the possession of each soldier. Such network formation and communication may take place regardless of communication status with any other device or server.
  • In yet another example, zone policy may be used to define a “crawl management” policy. In the Internet, web crawl has been a competitive area among search engine competitors and has largely been constrained to cyberspace. However, as technology advances we may see an increase of competitive physical world crawling, such as robotic and or human-guided “crawlers” that crawl and index the physical environment. Such crawlers may include flying devices, such as drone aircraft, miniature aircraft, and other types of flying devices, some of which are currently in-use for aerial surveillance and exploration. Other crawler examples include, but are not limited to, robots or remotely controlled craft operable for land and/or water traversal, or miniature craft such as those designed to inspect buildings, ventilation systems, or even the human body or the like.
  • Organizations may aggressively make use of crawlers such that there may be crawlers operating in or around homes and offices at all hours of the day. Zone policy may be utilized to specify crawling policies for zones or the like. Such policies may include rules such as, “no crawls for information of type x”, rules placing specific limits on a total numbers of crawls of different types in a zone, and/or rules that limit crawling based on statistics such as max mum rate of crawls or the like. “Crawl allowance” policies may allow for physical crawls at particular times and days, at particular locations, altitudes, specifying allowed crawler types, or the like.
  • FIG. 4 is a block diagram showing an example process 400 for creating a zone policy. A zone policy s typically structured in accordance with the zone policy framework described in connection with FIG. 2. In practice a zone policy may or may not include each of the elements of the zone policy framework. Each step of process 400 may be performed or accomplished programmatically, via a user interface, and/or via any other technique.
  • Block 410 indicates the selection of a zone or sub-zone to which the zone policy will apply. Typically this is done by selecting a zone or sub-zone definition, such as from a list of such definitions. For example, a zone definition for the “CorpY Headquarters” zone may be selected. Such as zone definition may have been previously defined, or may be defined at selection step 410.
  • Block 420 indicates defining a rule, typically that applies to the selected zone. In general, a zone policy may include any number of rules. An example rule expressed in natural language maybe, “Visitor A must be within 20 feet of Employee 432 while at CorpY Headquarters.” A rule may be defined using natural language, code or the like, symbols, a diagram or the like, and/or using any representation useful in defining a rule.
  • Block 430 indicates selecting a managed entity, typically in association with a rule. For example, using the example rule defined in connection with block 420, “Visitor A” may have been defined as a managed entity when the visitor checked-in at a reception desk, the associated mobile device being an electronic badge. Further, “Employee 432” may have been defined as a managed entity upon hire.
  • Block 440 indicates selecting a sensor, typically in association with a rule. For example, using the example rule defined in connection with block 420, the term “within 20 feet” may be associated with one or more location sensors. The rule term “while at CorpY Headquarters” may be associated with a marker beacon sensor or with a location sensor. In another example, such terms may be evaluated based on data other than that obtained via a sensor.
  • Block 450 indicates defining a rule event object, typically in association with a rule. For example, using the example rule defined in connection with block 420, an example rule event object might be “Alert Security” and result in an action to contact security with violation information. This step may also involve selecting a managed entity in some scenarios, such as selecting a specific security entity to receive an alert.
  • Block 460 indicates defining a default event object, typically in association with a zone policy. A default event object may be defined so as to generate a zone policy event or action on compliance with all rules of the zone policy and/or on violation of any of its rules, For example, using the example rule defined in connection with block 420, an example default event object might result in zone policy action maintaining a “green” indication on a monitoring console and indicating the location of “Visitor A” during compliance with security policy rules.
  • Block 470 indicates defining sub-rules, typically in association with a rule or sub-rule. Sub-rules tend to be active only when their parent rules are active. For example, using the example rule defined in connection with block 420, an example sub rule “Visitor A's electronic badge must continuously detect Visitor A's heartbeat signature” would only be active when the parent rule is active, such as “while at CorpY Headquarters.”
  • Block 480 indicates defining privacy policy, typically in connection with one or more elements of the zone policy framework. Privacy policy tends to control what information can be accessed and under what conditions that information can be accessed. For example, a privacy policy limiting access to “Visitor A's” non-work related personal information may limit access by “CorpY” to such information.
  • FIG. 5 is a block diagram showing an example computing environment 500 in which the technologies described above may be implemented. A suitable computing environment may be implemented with numerous general purpose or special purpose systems. Examples of well known systems may include, but are not limited to, cell phones, personal digital assistants (“PDA”), personal computers (“PC”), hand-held or laptop devices, microprocessor-based systems, multiprocessor systems, servers, workstations, consumer electronic devices, set-top boxes, and the like.
  • Computing environment 500 typically includes a general-purpose computing system in the form of a computing device 501 coupled to various components, such as peripheral devices 502, 503, 504 and the like. System 500 may couple to various other components, such as input devices 503, including voice recognition, touch pads, buttons, keyboards and/or pointing devices, such as a mouse or trackball, via one or more input/output (“I/O”) interfaces 512. The components of computing device 501 may include one or more processors (including central processing units (“CPU”), graphics processing units (“GPU”), microprocessors (“uP”), and the like) 507, system memory 509, and a system bus 508 that typically couples the various components. Processor 507 typically processes or executes various computer-executable instructions to control the operation of computing device 501 and to communicate with other electronic and/or computing devices, systems or environment (not shown) via various communications connections such as a network connection 514 or the like. System bus 508 represents any number of several types of bus structures, including a memory bus or memory controller, a peripheral bus, a serial bus, an accelerated graphics port, a processor or local bus using any of a variety of bus architectures, and the like.
  • System memory 509 may include computer readable media in the form of volatile memory, such as random access memory (“RAM”), and/or non-volatile memory, such as read only memory (“ROM”) or flash memory (“FLASH”). A basic input/output system (“BIOS”) may be stored in non-volatile or the like. System memory 509 typically stores data, computer-executable instructions and/or program modules comprising computer-executable instructions that are immediately accessible to and/or presently operated on by one or more of the processors 507.
  • Mass storage devices 504 and 510 may be coupled to computing device 501 or incorporated into computing device 501 via coupling to the system bus. Such mass storage devices 504 and 510 may include non-volatile RAM, a magnetic disk drive which reads from and/or writes to a removable, non-volatile magnetic disk (e.g., a “floppy disk”) 505, and/or an optical disk drive that reads from and/or writes to a non-volatile optical disk such as a CD ROM, DVD ROM 506. Alternatively, a mass storage device, such as hard disk 510, may include non-removable storage medium. Other mass storage devices may include memory cards, memory sticks, tape storage devices, and the like.
  • Any number of computer programs, files, data structures, and the like may be stored in mass storage 510, other storage devices 504, 505, 506 and system memory 509 (typically limited by available space) including, by way of example and not limitation, operating systems, application programs, data files, directory structures, computer-executable instructions, and the like.
  • Output components or devices, such as display device 502, may be coupled to computing device 501, typically via an interface such as a d splay adapter 511. Output device 502 may be a liquid crystal display (“LCD”). Other example output devices may include printers, audio outputs, voice outputs, cathode ray tube (“CRT”) displays, tactile devices or other sensory output mechanisms, or the like. Output devices may enable computing device 501 to interact with human operators or other machines, systems, computing environments, or the like. A user may interface with computing environment 500 via any number of different I/O devices 503 such as a touch pad, buttons, keyboard, mouse, joystick, game pad, data port, and the like. These and other I/O devices may be coupled to processor 507 via I/O interfaces 512 which may be coupled to system bus 508, and/or may be coupled by other interfaces and bus structures, such as a parallel port, game port, universal serial bus (“USB”), fire wire, infrared (“IR”) port, and the like.
  • Computing device 501 may operate in a networked environment via communications connections to one or more remote computing devices through one o more cellular networks, wireless networks, local area networks (“LAN”), wide area networks (“WAN”), storage area networks (“SAN”), the Internet, radio links, optical links and the like. Computing device 501 may be coupled to a network via network adapter 513 or the like, or, alternatively, via a modem, digital subscriber line (“DSL”) link, integrated services digital network (“ISDN”) link, Internet link, wireless link, or the like.
  • Communications connection 514, such as a network connection, typically provides a coupling to communications media, such as a network. Communications media typically provide computer-readable and computer-executable instructions, data structures, files, program modules and other data using a modulated data signal, such as a carrier wave or other transport mechanism. The term “modulated data signal” typically means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communications media may include wired media, such as a wired network or direct-wired connection or the like, and wireless media, such as acoustic, radio frequency, infrared, or other wireless communications mechanisms.
  • Power source 590, such as a battery or a power supply, typically provides power for portions or all of computing environment 500. In the case of the computing environment 500 being a mobile device or portable device or the like, power source 590 may be a battery. Alternatively, in the case computing environment 500 is a computer or server or the like, power source 590 may be a power supply designed to connect to an alternating current (“AC”) source, such as via. a wall outlet.
  • Some mobile devices may not include many of the components described in connection with FIG. 5. For example, an electronic badge may be comprised of a coil of w re along with a simple processing unit 507 or the like, the coil configured to act as power source 590 when in proximity to a card reader device or the like. Such a coil may also be configure to act as an antenna coupled to the processing unit 507 or the like, the coil antenna capable of providing a form of communication between the electronic badge and the card reader device. Such communication may not involve networking, but may alternatively be general or special purpose communications via telemetry, point-to-point, RF, IR, audio, or other means. An electronic card may not include display 502, I/O device 503, or many of the other components described in connection with FIG. 5. Other mobile devices that may not include many of the components described in connection with FIG. 5, by way of example and not limitation, include electronic bracelets, electronic tags, implantable devices, and the like.
  • Those skilled in the art will realize that storage devices utilized to provide computer-readable and computer-executable instructions and data can be distributed over a network. For example, a remote computer or storage device may store computer-readable and computer-executable instructions in the form of software applications and data. A local computer may access the remote computer or storage device via the network and download part or all of a software application or data and may execute any computer-executable instructions. Alternatively, the local computer may download pieces of the software or data as needed, or distributively process the software by executing some of the instructions at the local computer and some at remote computers and/or devices.
  • Those skilled in the art will also realize that, by utilizing conventional techniques, all or portions of the software's computer-executable instructions may be carried out by a dedicated electronic circuit such as a digital signal processor (“DSP”), programmable logic array (“PLA”), discrete circuits, and the like. The term “electronic apparatus” may include computing devices or consumer electronic devices comprising any software, firmware or the like, or electronic devices or circuits comprising no software, firmware or the like.
  • The term “firmware” typically refers to executable instructions, code or data maintained in an electronic device such as a ROM. The term “software” generally refers to executable instructions, code, data, applications, programs, or the like maintained in or on any form of computer-readable media. The term “computer-readable media” typically refers to system memory, storage devices and their associated media, and the like.
  • In view of the many possible embodiments to which the principles of the present invention and the forgoing examples may be applied, it should be recognized that the examples described herein are meant to be illustrative only and should not be taken as limiting the scope of the present invention. Therefore, the invention as described herein contemplates all such embodiments as may come within the scope of the hollowing claims and any equivalents thereto.

Claims (20)

1. A method performed on a computing device that includes at least one processor and memory, the method comprising: monitoring a managed entity according to a zone policy, where an entity and a mobile device are together considered the managed entity, and where the zone policy indicates a mobile zone, a relationship between the mobile zone and the managed entity, and physical boundaries of the mobile zone.
2. The method of claim 1 further comprising verifying that the mobile device is in the possession of the entity.
3. The method of claim 1 further comprising generating an event in response to the managed entity entering a particular zone.
4. The method of claim 1 further comprising generating an event in response to the managed is within a particular proximity of another managed entity.
5. The method of claim 1 where the mobile device s an electronic badge, a cell phone, or a mobile computing device.
6. The method of claim 1 where the entity is a person, animal, vehicle, or other physical object.
7. The method of claim 1 where the managed entity is coupled to a network.
8. A system comprising a computing device and at least one program module that are together configured for performing actions, the computing device comprising at least one processor and memory, the actions comprising: monitoring a managed entity according to a zone policy, where an entity and a mobile device are together considered the managed entity, and where the zone policy indicates a mobile zone, a relationship between the mobile zone and the managed entity, and physical boundaries of the mobile zone.
9. The system of claim 8, the actions further comprising verifying that the mobile device is in the possession of the entity.
10. The system of claim 8, the actions further comprising generating an event in response to the managed entity entering a particular zone.
11. The system of claim 8, the actions further comprising generating an event in response to the managed is within a particular proximity of another managed entity.
12. The system of claim 8 where the mobile device is an electronic badge, a cell phone, or a mobile computing device.
13. The system of claim 8 where the entity is a person, animal, vehicle, or other physical object.
14. The system of claim 8 where the managed entity is coupled to a network.
15. At least one computer-readable device storing computer-executable instructions that, when executed by at least one processor of a computing device comprising memory, cause the computing device to perform actions comprising: monitoring a managed entity according to a zone policy, where an entity and a mobile device are together considered the managed entity, and where the zone policy indicates a mobile zone, a relationship between the mobile zone and the managed entity, and physical boundaries of the mobile zone.
16. The at least one computer-readable device of claim 15, the actions further comprising verifying that the mobile device is in the possession of the entity.
17. The at least one computer-readable device of claim 15, the actions further comprising generating an event in response to the managed entity entering a particular zone.
18. The at least one computer-readable device of claim 15, the actions further comprising generating an event in response to the managed is within a particular proximity of another managed entity.
19. The at least one computer-readable device of claim 15 where the mobile device is an electronic badge, a cell phone, or a mobile computing device, or where the managed entity is coupled to a network.
20. The at least one computer-readable device of claim 15 where the entity is a person, animal, vehicle, or other physical object.
US14/533,901 2006-08-29 2014-11-05 Zone policy administration for entity tracking and privacy assurance Abandoned US20150067768A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/533,901 US20150067768A1 (en) 2006-08-29 2014-11-05 Zone policy administration for entity tracking and privacy assurance

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/468,039 US8893224B2 (en) 2006-08-29 2006-08-29 Zone policy administration for entity tracking and privacy assurance
US14/533,901 US20150067768A1 (en) 2006-08-29 2014-11-05 Zone policy administration for entity tracking and privacy assurance

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US11/468,039 Continuation US8893224B2 (en) 2006-08-29 2006-08-29 Zone policy administration for entity tracking and privacy assurance

Publications (1)

Publication Number Publication Date
US20150067768A1 true US20150067768A1 (en) 2015-03-05

Family

ID=39190190

Family Applications (2)

Application Number Title Priority Date Filing Date
US11/468,039 Active 2031-11-07 US8893224B2 (en) 2006-08-29 2006-08-29 Zone policy administration for entity tracking and privacy assurance
US14/533,901 Abandoned US20150067768A1 (en) 2006-08-29 2014-11-05 Zone policy administration for entity tracking and privacy assurance

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US11/468,039 Active 2031-11-07 US8893224B2 (en) 2006-08-29 2006-08-29 Zone policy administration for entity tracking and privacy assurance

Country Status (1)

Country Link
US (2) US8893224B2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107204984A (en) * 2017-06-22 2017-09-26 石家庄铁道大学 A kind of location privacy protection method and system
US20190132404A1 (en) * 2005-12-23 2019-05-02 Perdiemco Llc Electronic Logging Device (ELD) For Tracking Driver of A Vehicle in Different Tracking Modes
RU2750434C2 (en) * 2016-05-18 2021-06-28 Тийода Корпорейшн Administration system for objects under surveillance and method for identification of beacon terminals

Families Citing this family (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008103725A1 (en) * 2007-02-20 2008-08-28 Sourcecode Technology Holding, Inc. Methods and apparatus for building and executing natural language policies
US8296843B2 (en) * 2007-09-14 2012-10-23 At&T Intellectual Property I, L.P. Apparatus, methods and computer program products for monitoring network activity for child related risks
US9069599B2 (en) * 2008-06-19 2015-06-30 Servicemesh, Inc. System and method for a cloud computing abstraction layer with security zone facilities
EP2316071A4 (en) 2008-06-19 2011-08-17 Servicemesh Inc Cloud computing gateway, cloud computing hypervisor, and methods for implementing same
US10411975B2 (en) 2013-03-15 2019-09-10 Csc Agility Platform, Inc. System and method for a cloud computing abstraction with multi-tier deployment policy
US9489647B2 (en) 2008-06-19 2016-11-08 Csc Agility Platform, Inc. System and method for a cloud computing abstraction with self-service portal for publishing resources
WO2010006450A1 (en) * 2008-07-18 2010-01-21 Absolute Software Corporation Privacy management for tracked devices
US8140014B2 (en) * 2008-11-24 2012-03-20 Verizon Patent And Licensing Inc. Social interaction tracking
DE102008063454B4 (en) * 2008-12-17 2012-05-31 Siemens Aktiengesellschaft Method for monitoring network nodes
US8185931B1 (en) 2008-12-19 2012-05-22 Quantcast Corporation Method and system for preserving privacy related to networked media consumption activities
US7849206B2 (en) * 2009-01-13 2010-12-07 Microsoft Corporation Service for policy rule specification evaluation and enforcement on multiple communication modes
AU2010207832B2 (en) * 2009-02-02 2015-03-05 Absolute Software Corporation Location dependent monitoring for stolen devices
US8289135B2 (en) * 2009-02-12 2012-10-16 International Business Machines Corporation System, method and program product for associating a biometric reference template with a radio frequency identification tag
US9298902B2 (en) * 2009-02-12 2016-03-29 International Business Machines Corporation System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
US8359475B2 (en) * 2009-02-12 2013-01-22 International Business Machines Corporation System, method and program product for generating a cancelable biometric reference template on demand
US8327134B2 (en) 2009-02-12 2012-12-04 International Business Machines Corporation System, method and program product for checking revocation status of a biometric reference template
US8301902B2 (en) * 2009-02-12 2012-10-30 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a biometric reference template
US8242892B2 (en) * 2009-02-12 2012-08-14 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
WO2011009495A1 (en) * 2009-07-24 2011-01-27 Nokia Corporation Sensing and secure processing
EP2466524A4 (en) * 2009-08-11 2015-05-06 Lenovo Innovations Ltd Hong Kong Terminal device, communication system, data management method, server device, and recording medium
US8531334B2 (en) * 2009-11-06 2013-09-10 Microsoft Corporation Location proofs
US20110208797A1 (en) * 2010-02-22 2011-08-25 Full Armor Corporation Geolocation-Based Management of Virtual Applications
US8656452B2 (en) * 2010-07-20 2014-02-18 Hewlett-Packard Development Company, L.P. Data assurance
JP5511615B2 (en) 2010-09-30 2014-06-04 インターナショナル・ビジネス・マシーンズ・コーポレーション Method for managing an asset associated with a work order or an element associated with the asset, and system and computer program thereof
US9087213B2 (en) * 2011-02-22 2015-07-21 Fedex Corporate Services, Inc. Systems and methods for rule-driven management of sensor data across geographic areas and derived actions
US20120218080A1 (en) * 2011-02-28 2012-08-30 Honeywell International Inc. System for representing locations of persons in a structure
JP4729137B1 (en) * 2011-03-03 2011-07-20 株式会社データ・テック Operation management device, portable information terminal, operation management server, computer program mounted on a moving body
US9365188B1 (en) * 2011-04-22 2016-06-14 Angel A. Penilla Methods and systems for using cloud services to assign e-keys to access vehicles
US8892082B2 (en) * 2011-04-29 2014-11-18 At&T Intellectual Property I, L.P. Automatic response to localized input
US8516241B2 (en) 2011-07-12 2013-08-20 Cisco Technology, Inc. Zone-based firewall policy model for a virtualized data center
US9424439B2 (en) * 2011-09-12 2016-08-23 Microsoft Technology Licensing, Llc Secure data synchronization
US9454678B2 (en) 2011-12-22 2016-09-27 Intel Corporation Always-available embedded theft reaction subsystem
EP2795516A4 (en) * 2011-12-22 2015-09-02 Intel Corp Always-available embedded theft reaction subsystem
WO2013095587A1 (en) 2011-12-22 2013-06-27 Intel Corporation Always-available embedded theft reaction subsystem
US9507918B2 (en) 2011-12-22 2016-11-29 Intel Corporation Always-available embedded theft reaction subsystem
WO2013095585A1 (en) 2011-12-22 2013-06-27 Intel Corporation Always-available embedded theft reaction subsystem
EP2795512A4 (en) 2011-12-22 2016-01-06 Intel Corp Always-available embedded theft reaction subsystem
WO2013095594A1 (en) 2011-12-22 2013-06-27 Intel Corporation Always-available embedded theft reaction subsystem
EP2795519A4 (en) 2011-12-22 2015-09-02 Intel Corp Always-available embedded theft reaction subsystem
EP2795507A4 (en) 2011-12-22 2015-08-12 Intel Corp Always-available embedded theft reaction subsystem
US20130290199A1 (en) * 2012-04-30 2013-10-31 General Motors Llc Monitoring and Aiding User Compliance with Vehicle Use Agreements
US9668095B1 (en) * 2012-07-10 2017-05-30 Bi Incorporated Systems and methods for supporting zones in a monitoring system
CN102970652B (en) * 2012-10-16 2015-10-07 北京航空航天大学 A kind of location privacy protection system of the inquiry perception towards road network
EP3327606A1 (en) * 2012-10-19 2018-05-30 McAfee, LLC Data loss prevention for mobile computing devices
US9479545B2 (en) * 2013-02-07 2016-10-25 Boaz HYMAN User-to-user selectable location-based information service
CN103337022A (en) * 2013-06-05 2013-10-02 袁义青 A public transport electronic system
US9417777B2 (en) * 2013-07-09 2016-08-16 Google Inc. Enabling quick display transitions between indoor and outdoor map data
EP3055807A4 (en) * 2013-10-10 2017-04-26 Intel Corporation Platform-enforced user accountability
US9754496B2 (en) 2014-09-30 2017-09-05 Elwha Llc System and method for management of airspace for unmanned aircraft
US9711035B2 (en) 2014-11-26 2017-07-18 Elwha Llc Systems and methods for reporting visibility to ground based imaging
US9318014B1 (en) 2014-11-26 2016-04-19 Elwha Llc Systems and methods for reporting visibility to drones
US9832751B2 (en) 2015-01-09 2017-11-28 Fresh Digital, Inc. Systems and methods for providing location specific content and notifications utilizing beacons and drones
US20160240016A1 (en) * 2015-02-17 2016-08-18 Marc M. Ranpour Method of Managing Usage Fares for a Transportation System
US9651944B2 (en) 2015-03-22 2017-05-16 Microsoft Technology Licensing, Llc Unmanned aerial vehicle piloting authorization
JP6459014B2 (en) 2015-03-31 2019-01-30 エスゼット ディージェイアイ テクノロジー カンパニー リミテッドSz Dji Technology Co.,Ltd Geo-fencing device
CN107409051B (en) * 2015-03-31 2021-02-26 深圳市大疆创新科技有限公司 Authentication system and method for generating flight controls
US9769666B2 (en) 2015-09-25 2017-09-19 Harris Corporation Managed access system with monitoring device to determine and change radio equipment
US9736706B2 (en) 2015-09-25 2017-08-15 Harris Corporation Managed access system with monitoring device to determine system operability
US9763095B2 (en) 2015-09-25 2017-09-12 Harris Corporation Managed access system that determines authorized and unauthorized mobile wireless devices
US9584252B1 (en) 2015-09-25 2017-02-28 Harris Corporation Managed access system with mobile wireless device geolocation capability
US9820150B2 (en) 2015-09-25 2017-11-14 Harris Corporation Managed access system having filtered communications using network interface device
US10168696B2 (en) * 2016-03-31 2019-01-01 International Business Machines Corporation Dynamic analysis of real-time restrictions for remote controlled vehicles
US10284559B2 (en) 2016-05-13 2019-05-07 Harris Corporation Managed access system with security assessment equipment
US9681360B1 (en) 2016-05-13 2017-06-13 Harris Corporation Managed access system that provides selective communications and registration of mobile wireless devices
US10405184B2 (en) 2017-01-31 2019-09-03 Harris Corporation Mobile wireless device managed access system providing enhanced authentication features and related methods
US10395151B2 (en) * 2017-10-23 2019-08-27 Symbol Technologies, Llc Systems and methods for locating group members

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040174264A1 (en) * 2003-03-05 2004-09-09 Dmatek Ltd. Monitoring and tracking network
US20050068169A1 (en) * 2002-05-14 2005-03-31 Copley Shuan Michael Personal tracking device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4987406A (en) * 1987-04-13 1991-01-22 Reid Philip L Security system for electrical appliances and other items with electrical circuitry
US6072396A (en) 1994-12-30 2000-06-06 Advanced Business Sciences Apparatus and method for continuous electronic monitoring and tracking of individuals
US6742037B1 (en) 1998-12-01 2004-05-25 Nortel Networks Limited Method and apparatus for dynamic information transfer from a mobile target to a fixed target that tracks their relative movement and synchronizes data between them
GB9826873D0 (en) 1998-12-07 1999-01-27 Simoco Int Ltd Position monitoring system
US7072956B2 (en) 2000-12-22 2006-07-04 Microsoft Corporation Methods and systems for context-aware policy determination and enforcement
US20030008662A1 (en) 2001-07-09 2003-01-09 Stern Edith H. Systems and methods wherein a mobile user device operates in accordance with a location policy and user device information
WO2004104619A1 (en) 2003-05-14 2004-12-02 Hill-Rom Services, Inc. Combined locating, tracking and communications system with active radio frequency and infrared id tags
US7460872B2 (en) * 2004-07-06 2008-12-02 International Business Machines Corporation Method and application for automatic tracking of mobile devices for computer network processor systems
US20060121851A1 (en) 2004-12-06 2006-06-08 Steve Moore Ultra-wideband security system
US7853268B2 (en) 2005-01-26 2010-12-14 Broadcom Corporation GPS enabled cell phone location tracking for security purposes

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050068169A1 (en) * 2002-05-14 2005-03-31 Copley Shuan Michael Personal tracking device
US20040174264A1 (en) * 2003-03-05 2004-09-09 Dmatek Ltd. Monitoring and tracking network

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190132404A1 (en) * 2005-12-23 2019-05-02 Perdiemco Llc Electronic Logging Device (ELD) For Tracking Driver of A Vehicle in Different Tracking Modes
US10284662B1 (en) * 2005-12-23 2019-05-07 Perdiemco Llc Electronic logging device (ELD) for tracking driver of a vehicle in different tracking modes
RU2750434C2 (en) * 2016-05-18 2021-06-28 Тийода Корпорейшн Administration system for objects under surveillance and method for identification of beacon terminals
CN107204984A (en) * 2017-06-22 2017-09-26 石家庄铁道大学 A kind of location privacy protection method and system

Also Published As

Publication number Publication date
US8893224B2 (en) 2014-11-18
US20080072284A1 (en) 2008-03-20

Similar Documents

Publication Publication Date Title
US8893224B2 (en) Zone policy administration for entity tracking and privacy assurance
US20220201458A1 (en) Systems and user interfaces for emergency data integration
US11902871B2 (en) Systems and methods for identifying and activating emergency response assets
US8862393B2 (en) Systems and methods for monitoring and tracking
US8671143B2 (en) Virtual badge, device and method
US20220014895A1 (en) Spatiotemporal analysis for emergency response
KR20020072562A (en) Systems and methods for monitoring and tracking
WO2014066016A2 (en) Virtual badge, device and method
US20120317202A1 (en) GPS Pathfinder Cell Phone And Method
US20190324151A1 (en) System and Method for Radio and Wireless Measurements, Tracking and Reporting
US10716052B2 (en) Proximity-based communication system applied to earthquake detection
Rehena Internet of things
Bine et al. Leveraging urban computing with the internet of drones
Nellis Eternal vigilance Inc.: The satellite tracking of offenders in “real time”
WO2005041131A2 (en) Systems and methods for monitoring and tracking
US20200305223A1 (en) Systems and methods for personnel accountability and tracking during public safety incidents
Chainey Examining the extent to which hotspot analysis can support spatial predictions of crime
EP4057298A1 (en) System for aggregating multi-source health-based safety information, method therefor, and storage medium
Deshpande et al. The internet of things: vision, architecture and applications
Chu et al. Design and implementation of participant selection for crowdsourcing disaster information
Nellis The GPS satellite tracking of sex offenders in the USA
Hasan et al. iQMS: IoT-based QMS framework for tracking of quarantined subjects
Rashid et al. A survey on social-physical sensing: An emerging sensing paradigm that explores the collective intelligence of humans and machines
Rehena Internet of Things: challenges and its applications
Gupta1 et al. An Analysis of the Internet of Things (IoT) as the Defining Technology of a Generation

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034819/0001

Effective date: 20150123

AS Assignment

Owner name: MICROSOFT CORPORATION, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HORVITZ, ERIC;PANABAKER, RUSTON JOHN DAVID;WESTERINEN, WILLIAM JEFFERSON;AND OTHERS;SIGNING DATES FROM 20060915 TO 20061012;REEL/FRAME:037251/0776

STCV Information on status: appeal procedure

Free format text: BOARD OF APPEALS DECISION RENDERED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION