WO2005053323A9

WO2005053323A9 - Groupware systems and methods

Info

Publication number: WO2005053323A9
Application number: PCT/US2004/039273
Authority: WO
Inventors: Zona Speasl; Howard Fried; Craig Sparer; Jerry Speasl
Original assignee: Idea Place Corp; Zona Speasl; Howard Fried; Craig Sparer; Jerry Speasl
Priority date: 2003-11-19
Filing date: 2004-11-19
Publication date: 2005-07-14
Also published as: WO2005053323A3; WO2005053323A2

Abstract

A hyper-integration of hardware, software, networking and communication technology is packaged into a groupware system and an easy to buy, easy to deploy and easy to use transportable device. The system allows individuals and small groups, as well as entire large corporations and governments, to benefit from the myriad advances in technology quickly and economically. The result is a sharing and communication system, which scales quickly and easily from one user to millions. The system can include features such as connection, authentication, encryption, processing, transactions, records, data-retention, backup, storage, communication, records sharing, and the like. The system provides authenticated, spam-free, universal use, from any appropriately configured computer, with encryption capabilities. This system benefits from reduction or elimination of the requirement for higher levels of expertise to acquire, install, configure and administer, making the use of collaborative technologies simpler, more reliable and more easily available to less technical or experienced people.

Description

TITLE

Groupware Systems and Methods

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application claims the benefit of priority to U.S. Provisional Application

No. 60/523,706, filed November 19, 2003, which is fully incorporated herein by reference and for all purposes. This application is also related to U.S. Utility Patent Application No. 10/900,013, filed July 26 , 2004, which is also fully incorporated herein by reference and for all purposes.

BACKGROUND OF THE INVENTION

Field of the Invention

[0002] Generally, the present invention relates to collaborative computing and communications. More specifically, the present invention relates to computing systems and a variety of transportable memory storage devices used for secure, transportable and distributed collaborative computing and communications.

Description of the Related Art

[0003] Since the creation of modern electronic computer systems, it has been important for humans to be able to upload, download, install, transfer, move, update, copy and otherwise manipulate digital data to, from and between computing devices and other computing device users. Historically this has been accomplished using various network connection methods or through the use of removable storage media, such as, disk packs, tape cassettes, tape cartridges, floppy disks, CD-R/W, DND-R/W, external hard drives, and other similar devices. More recently, portable devices with large available memory, such as removable flash drives, memory sticks, pen-drives, removable hard drives, mobile phones, personal digital assistants, etc., represent technical tools by which a human can move large quantities of digital data easily from device to device.

[0004] As an example, a typical removable flash drive today is capable of storing in excess of 2GB of data, with versions exceeding 8 GB planned to enter the market in the near future. This transportable memory device is simply coupled to the accompanying interface, for example a USB port, on any compatible computer. In the example of a USB port, once the memory device inserted, a drive icon shows up in the location listing as a memory device. The computer operator then simply clicks on the icon to open it and begins working with the digital data stored on the USB memory device. Thus, the typical transportable memory device is simply used for as a data transport device.

[0005] Additionally, in today's networked computing environment, it has become desirable and commonly available to have the ability to work electronically in a collaborative fashion, using products such as Groove, MS Exchange, MS US, MS SharePoint, Lotus SameTime, Lotus Notes, IBM Domino and others. These typical applications allow collaboration through other applications, including instant messaging, file and bookmark sharing, contact sharing, and other functions. However, these tools are typically loaded onto the host computer, such as a desktop or laptop, and require varying levels of expertise to acquire, install, configure, administer and maintain. These tools also typically require a correspondingly complex infrastructure. These requirements severely limit the collaborative computer users' ability to access, use and transport their applications and data easily, quickly and securely from any computer or communications device.

[0006] Therefore, what is needed is a system that includes a hyper-integration of hardware, software, networking and communication technology that is packaged into a groupware system and an easy to buy, easy to deploy and easy to use secure transportable device.

SUMMARY OF THE INVENTION

[0007] The present invention provides a secure, transportable memory device that enables a collaborative business system to be run from any compatible computing device, for example, turning an ordinary flash drive into an integral part of a business process system. The transportable memory device can have one or more of an internal embedded microprocessor, built in interactive display, controller, buffer, operator controls and peripherals. Further the transportable memory device can include software processes, remote external communications, collaborative-specific business systems. These collaborative- specific business systems can include graphical windows tailored to specific industry needs, methods and system for personalizing and delivering services related content to interactive collaborative users anywhere. [0008] An embodiment of the present invention consists of three parts: Client, Server and protocol. Figure 1 illustrates each of these three parts (as well as others) according to an embodiment of the present invention. As depicted in Figure 1 for exemplary purposes only, the clients 111, 114, 119 are shown as highly portable and self contained memory stick devices, the server 118 is shown as a server computer and the protocol is illustratively shown as the connections between the computing devices 112, 115, 116 and the server 118 via the Internet 113. While this exemplary system shows one client per computing device, it will be readily apparent to those skilled in the art after reading and understanding this disclosure that multiple clients can operate on one computing device. Such component combinations are meant to be within the scope of the present invention.

[0009] The present invention adapts the transportable memory hardware to incorporate user functionality software, including communications, graphical user interfaces, communications interfaces and embedded data encryption, while maintaining the ability to interface with any computer or computer system independently or over the Internet or over any other electronic network, communication system or interface between any other signal remote systems using any wired or wireless communications means. The improved transportable memory of the present invention can be interfaced to any device, such as a cellular phone, personal digital assist, digital appliance, compatible printers, digital cameras, compliant stereo system or other computer device, via a compatible memory interface. For instance, a USB port on a laptop computer can interface to a transportable USB memory stick.

[0010] Therefore, the present invention provides a portable memory device to deliver applications including collaboration systems, instant messaging, file and bookmark sharing, contact sharing, and other functions due to extensive memory and ability to hold and directly run executable code. This is an improvement over products available on the market today, since no software must be first installed, and any computer may be utilized, which in this context means a host device operating under an appropriate operating system. The user of this invention is now able to use any computer as if it were their own personal familiar home or work computer, with immediate, simple, convenient and secure access to their most important work, communications tools, services and people.

[0011] Today, the typical stand alone transportable memory device is no more than a dumb digital memory that has no functions other than to load, store and transfer digital data. The transportable memory device and collaborative system of the present invention improves upon that dumb memory of existing portable memory devices and flash drives by incorporating an internal controller and other means to include software, encryption, controls and internal and external communications features onboard the transportable memory device, thereby making it intelligent and allowing an ordinary flash drive to run software from any computer without administration rights and without installation.

[0012] It may also be interfaced to, wired or wirelessly, to any computer and pointed to a web service to communicate to other improved compatible transportable memory modules/systems under security controls, which enables easy secure sharing and communications. Thus, all of the user's data and relationships (e.g., group, contacts, etc.) are accessible securely from any computer. The security controls and features of the present invention enable users to always know exactly with whom they are communicating and sharing. The transportable memory devices can be connected to the Internet to form collaborative secure workgroups that can share data from libraries, or other third party systems either via local networks, private or public networks, all while the data is secured by encryption.

[0013] The present invention also enables access to third party services as integrated feature in the software applications. Use of the transportable memory device becomes a physical factor of user authentication. The user has no need for a laptop when traveling; he or she only needs to carry the present invention. The user always has access to user data even if it is not on the transportable memory (as long they have an internet connection). If the user loses the transportable memory aspect of the present invention, all data and applications can be easily restored simply by purchasing a new client, connecting to the Internet and downloading securely stored data from the server.

[0014] The transportable memory device of the present invention can be small enough to carry on a keychain or in a pocket or purse, yet store enough data and be fast enough to allow for quick, user-convenient interfaces. Some examples of these interfaces are many types of IR scanners, barcode readers, RF and microwave systems, to include digital hot spots such as those incorporating WiFi and Bluetooth technologies, whereby data can be accepted by the user or transmitted from the improved transportable memory though the use of operator controls. An embodiment of the present invention (client/server or system) provides system-wide security (e.g., email, calendar, instant message, task lists, historical file information by subject, date, file type, author, date sent, WEB address file, favorite folder, etc.) and ability to send and receive all transmissions securely with date received capabilities along with user ID, password and physical or biometric securities. [0015] By adding an internal controller, display, on board battery, interface to external bi-directional communication devices such as infrared communication ports, RF, microwave, WiFi, Bluetooth, magnetic card reader, scanner and the like, the intelligent portable memory device can be used in a stand alone mode as well as collaborate when connected to a computing device's interface port, either physically or via wireless connection. The internal memory with integrated software automatically engages and communicates with the host (any computing device) and begins the user's session. Data can be transported safely and securely and cannot be extracted by others who might steal a client or find a lost client. There are several reasons for including user password and ID, optional biometric security techniques and the fact that data is encrypted in the system. The system can be used to securely communicate with other users through connection to the central server with password and user access providing multiple levels of security.

[0016] One example of a market-specific application of the transportable memory device and collaborative system of the present invention is as a digital cash register with USB interface, which can be fully capable of on-line, or in store purchases utilizing software resident on the improved transportable memory. The data for specific item shopping could be selected several months prior but never concluded until the purchaser goes to a physical store located anywhere in the world and hands the client of the present invention to the store clerk. The clerk simply plugs the device into (or establishes a wireless connection with) the digital cash register or other compatible device or system and completes the sale with detailed customer information becoming resident along with the shipping point and leaving a transaction trail complete with return and warranty information on the improved transportable memory. Any host system that has a compliant memory interface and appropriate operating system will function with the improved handheld transportable memory of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS

[0017] These and other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures, wherein:

[0018] Figure 1 illustrates each of the client, server and protocol aspects according to an embodiment of the present invention; [0019] Figure 2 illustrates an example of the basic client embodiment according to the present invention;

[0020] Figure 3 illustrates an advanced client embodiment according to the present invention;

[0021] Figure 4 illustrates a camera client embodiment according to the present invention;

[0022] Figure 5 illustrates an audio-video client embodiment according to the present invention;

[0023] Figure 6 illustrates a shopping client embodiment according to the present invention;

[0024] Figure 7 illustrates a phone client embodiment according to the present invention;

[0025] Figure 8 illustrates a ruggedized client embodiment according to the present invention;

[0026] Figure 9 illustrates a top view (inside and out) for the hardware of an advanced client according to an embodiment of the present invention;

[0027] Figure 10 illustrates a back exterior view for the hardware of an advanced client according to an embodiment of the present invention;

[0028] Figure 11 A&B illustrate right and left lengthwise side exterior views for the hardware of an advanced client according to an embodiment of the present invention;

[0029] Figure 12 illustrates an exemplary user interface screen shot according to an embodiment of the present invention;

[0030] Figure 13 illustrates a top level architecture process flow according to an embodiment of the present invention;

[0031] Figure 14 illustrates a session establishment process flow according to an embodiment of the present invention;

[0032] Figure 15 illustrates a data change process flow according to an embodiment of the present invention;

[0033] Figures 16A-D illustrate a synchronization process flow according to an embodiment of the present invention;

[0034] Figure 17 illustrates a group functional flow according to an embodiment of the present invention;

[0035] Figure 18 illustrates a deal functional flow according to an embodiment of the present invention; and [0036] Figure 19 illustrates a project functional flow according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

[0037] The present invention will now be described in detail with reference to the drawings, which are provided as illustrative examples of the invention so as to enable those skilled in the art to practice the invention. Notably, the figures and examples below are not meant to limit the of the present invention. Where certain elements of the present invention can be partially or fully implemented using known components, only those portions of such known components that are necessary for an understanding of the present invention will be described, and detailed descriptions of other portions of such known components will be omitted so as not to obscure the invention. Further, the present invention encompasses present and future known equivalents to the known components referred to herein by way of illustration.

SYSTEM OVERVIEW

[0038] An embodiment of the system consists of three parts: Client, Server and

Protocol. Figure 1 illustrates each of these three parts (as well as others) according to an embodiment of the present invention. As depicted in Figure 1 for exemplary purposes only, the clients 111, 114, 119 are shown as highly portable and self contained memory stick devices, the server 118 is shown as a server computer and the protocol is illustratively shown as the connections between the computing devices 112, 115, 116 and the server 118 via the Internet 113. While this exemplary system shows one client 111, 114 and 119 per computing device 110, 112 and 115, it will be readily apparent to those skilled in the art after reading and understanding this disclosure that multiple clients can operate on any one computing device 110, 112, 116 and 116. Such component combinations are meant to be within the scope of the present invention.

Client Overview

[0039] Referring to Figure 9, a client (discussed in more detail below) may be a combination of hardware or software or both. In one embodiment of the present invention, the client is both hardware and software. The hardware may be a transportable memory device that supports a communication interface, such as a USB, Fire Wire, IDE, PCI, IR, Bluetooth, Ethernet, WiFi or any other network wired or wireless interface. The client may also act as a FireWire hub, USB hub, WiFi hub or any wired or wireless network hub. The client may include memory 308, which may, for example, be an industry standard format such as Flash, SD card, Compact Flash card, MMC Memory, hard disk drive and the like. In this embodiment, the memory 308 is non- volatile, or persistent, memory. However any memory can be used. The client may be coupled to a computing device, such as a laptop or desktop computer, a PDA, a cellular phone, a digital camera, etc. via the communication interface. It will be evident to those skilled in the art that client according to the present invention can easily be incorporated internally to any computing device, such as the easily carried, portable computing devices.

[0040] The software (i.e. client software) is stored in the memory 308 on the transportable device. The client software is used to access data stored on the client and remote data that is stored on a server. The client software can additionally keep copies of data on the client device in local data files of the memory 308. The client may store a unique identifier (or multiple unique identifiers) that is used as a factor (or one of many factors) of identification allowing the client to be employed as one factor of potentially many factors for user authentication. When the client is coupled to the computing device via a communication interface 304, the client software is executed by the computing device directly from the client without requiring software installation of the client software on the computing device, and without requiring administrative access rights to execute on the computing device. However, the client software could just as easily be downloaded to the computing device and executed on the computing device. The software on the client provides complementary services to support the sharing and communication capabilities of the server. In accordance with the principles of the present invention these services are integrated with the client software that is invoked from the client executing on the computing device.

[0041] Referring again to Figure 1, the client 119 can also be used on a non- networked computing device, such as device 110. When used in this mode of operation, the client software will access and update the data files local to the client. The next time the client 119 is coupled to a computing device 112, 115 and 116 that can connect to the server 118, updated data on the client 119 is "pushed" out to the server 118.

Client Hardware

[0042] Figure 2 illustrates an exemplary client 210 according to one embodiment of the present invention. As shown in Figure 2, the client 210 comprises a housing 211, a communication interface/connector 212 on the housing 211 and configured to connect the client 210 to a communication interface, such as USB, compact flash memory or SD card, and an internal client (not shown) contained by housing 211 and adapted to operatively couple to the communications interface/connector 212. The housing 211 may be of a size and shape, however according to this embodiment, it is of a size and shape that can be comfortably held in a user's hand. The client 210 comprises a security device enabling access to a private memory area by some means, such as a password, biometric (such as fingerprint reader, retinal scan, voice recognition or the like), key or any other security mechanism. The client 210 further comprises client software and data files. The client 210 stores a unique identifier, or combination of unique identifiers, that is used as a factor for client identification. This factor may be used for authentication and security policy enforcement. These features are discussed in further detail below. [0043] Figure 2 shows but one of many exemplary clients according to the present invention. The client 210 according to Figure 2 is considered to be one form of a basic client. While further detail of this basic client is provided below, that description is meant to provide a foundations for all other client versions as well. The other client versions are provided to illuminate the breadth of the present invention, not to limit it to these specific embodiments. Each of the features presented for the client versions below is not meant to be exclusive of other presented features of other of the client versions. As discussed above, Figure 2 illustrates an example of the basic client embodiment according to the present invention. As shown in Figure 2, the basic client embodiment 210 includes a standard male USB interface connector 212, device enclosure with molded housing 211 and key chain attachment 213 and 214. This base client 210 is designed to offer password protection of data, and minimal additional hardware features.

[0044] Figure 3 illustrates an advanced client embodiment according to the present invention. As shown in Figure 3, the advanced client version starts with the basic version features and adds a plurality of controls and devices. This advanced client embodiment may have additional features, including display 221, biometric/fingerprint scanner 230, RFID (not shown), RF antennae and transceiver 231, microwave antennae and transceiver (not shown), 802. lx wireless networking antennae and transceiver (not shown but including e.g., 802.11a/b/g, 802.16, etc.), Bluetooth antennae and transceiver (not shown), solar charging system (not shown), rechargeable or disposable battery (not shown), speaker 227 and many others. Additionally, this advanced client can use a plurality of communication and interface standards to transfer data, control and commands to other host devices. It may further be utilized without a host device, using the onboard battery power, display 221 and processor to perform a plurality of functions. These functions may include viewing appointment dates and times, phone numbers, names, physical addresses, email addresses, account information, and so on.

[0045] Figure 4 illustrates a camera client embodiment according to the present invention. As shown in Figure 4, the camera client version starts with one or more of the advanced version features and adds a plurality of camera controls 243 and one or more cameras 240. This camera client can use a plurality of communication and interface standards to transfer photos, video, data, control and commands to other devices. It may further be utilized without a host device, utilizing the onboard battery power (not shown), display 241 and microprocessor control units (not shown) to perform a plurality of functions. These functions may include taking pictures/videos, viewing pictures/videos, editing pictures/videos, deleting pictures/videos and the like.

[0046] Figure 5 illustrates an audio-video client embodiment according to the present invention. As shown in Figure 5, the audio- video client version starts with one or more of the advanced version features and adds a plurality of audio-video controls 252 and devices including audio-video input/output devices 251, 254, 255, 256, 257 and 258 and controls 252. This audio- video client may have additional features, including channel 1 and channel 2 speakers 254 and 255, channel 1 and channel 2 microphones 251 and 258, external microphone jack 257 and speaker audio jacks (not shown), stereo headset jack 256, AM/FM/TV audio-video receiver 253, CB/ham radio transceiver (not shown), and others. This audio- video client can use a plurality of communication and interface standards to transfer recorded voice, sounds, music, DVD, data, control and commands to other host devices. It may further be utilized without a host device, utilizing the onboard battery power (not shown), display 250 and microprocessor control units (not shown) to perform a plurality of functions. These functions may include recording sounds, voices or music, listening to the aforementioned, editing the aforementioned, deleting the aforementioned, and so on. [0047] Figure 6 illustrates a shopping client embodiment according to the present invention. As shown in Figure 6, the shopping client version starts with one or more of the advanced version features and adds a plurality of controls and devices designed for use in the shopping, or retail, environment This shopping client might at least include an extendable, a rewriteable magnetic stripe 261, a bar code reader 260, and the like. In this embodiment, the extendable, rewriteable magnetic stripe 261 is able to extend outward from the shopping client device in a manner such as to allow the magnetic stripe 261 to be read by a standard commercially available credit card/ ATM reader. In addition, this shopping client may include a magnetic stripe read/write head 263, allowing the scanning and collection of various magnetic stripe data (e.g., credit cards, ATM cards, gas cards, affinity cards, club cards, etc.), and the ability to write any of theses scanned data to the extendable magnetic stripe 261. This shopping client also may contain a bar code (e.g., UPC) scanner 260, permitting the scanning and collection of bar code data from various products, packages, labels, promotions, and so on. This scanner is capable of reading and interpreting a variety of commercially used bar codes. This shopping client can use a plurality of communication and interface standards to transfer collected data, control and commands to other host devices. It may further be utilized without a host device, utilizing the onboard battery power, display and microprocessor control units to perform a plurality of functions. These functions may include scanning and collection of product bar codes, product identification, and many others. [0048] Figure 7 illustrates a phone client embodiment according to the present invention. As shown in Figure 7 the phone client version starts with one or more of the advanced version features and adds a plurality of controls and devices designed for use in a telephony environment. This phone client might at least include a standard analog phone jack 272 (e.g., RJ-11, RJ-45, etc.), wireless phone connectivity (not shown), a plurality of speakers (not shown), microphones (not shown) and headset jacks 271 and so on. This client can use a plurality of communication and interface standards to transfer collected data, control and commands to other host devices. The telephone connectivity may be via a standard analog or digital phone connection, via one or more cellular networks or may use voice-over-internet-protocol (VOIP), using public or private networks. It may further be utilized without a host device, utilizing the onboard battery power, display 270 and microprocessor control units (not shown) to perform a plurality of functions. These functions may include recording, editing playback and deletion of voice messages, music or sounds, and the like.

[0049] Figure 8 illustrates a ruggedized client embodiment according to the present invention. As shown in Figure 8 the ruggedized client version starts with one or more of the advanced version features and adds a plurality of controls and devices designed for use in a more rugged environment. This phone client might at least include a reinforced, hardened case 280 (e.g., water resistant, shock resistant, ESD resistant, nuclear hardening, thermal hardening, etc.) and sealed, locking cap 282 (i.e., the locking cap can also include, for example, biometric authentication for unlocking), latching mechanism 283, and the like. This client can use a plurality of communication and interface standards to transfer collected data, control and commands to other host devices. It may be combined with any other version of the client listed above to provide extraordinary protection of the data and device. Example users for this ruggedized client version might include firemen, policemen, soldiers, underwater divers, construction workers, hazardous materials personnel, outer space workers, extreme sports enthusiasts and so on.

[0050] Figure 9 illustrates a top view (interior and exterior) of the hardware of an advanced client according to an embodiment of the present invention. As shown in Figure 9, the client includes at least a molded hardware device 300 of a size which would fit conveniently into the palm of a persons hand, that supports a communication interface, such as a USB, FireWire, IDE, PCI, JH, Bluetooth, Ethernet, WiFi, LAN, WAN, MAN, or any other network wired or wireless interface. Figure 10 illustrates a back exterior view for the hardware of an advanced client according to an embodiment of the present invention. Figure 11 A&B illustrate right and left lengthwise side exterior views for the hardware of an advanced client according to an embodiment of the present invention. Figures 9, 10 and 11 A&B should be referenced in relation to the following two hardware description sections (i.e., Modes of Operation and Functional Description).

Modes of Operation

[0051] The client has a plurality of modes which it may operate in, examples of which are described below.

[0052] A first mode is denoted as "connected", whereby the client is able to utilize one or several of its communication interfaces to connect to a network or multiple networks. Further, while in "connected" mode, the client may additionally have access to electrical power through one of its interfaces 304, and proceed to charge and or power one or more onboard devices, including accumulator batteries 310, capacitors (not shown), transceivers (not shown), transformers (not shown) or any other device capable of being installed within or connected to the client. In this mode, the client may be operating using local or remote data, local or remote control, local or remote operations, and local or remote instructions. [0053] A second mode is "local," whereby the client is not utilizing one of its communication interfaces to connect to a network, and is operating using local data, control, operations, and instructions. Further, while in "local" mode, the client may additionally have access to electrical power through one of its interfaces 304, and proceed to charge and or power one or more onboard devices, including accumulator batteries 310, capacitors (not shown), transceivers (not shown), transformers or any other device capable of being installed within or connected to the client.

[0054] A third mode is "mobile", whereby the client may or may not utilize one or several of its communication interfaces to connect to a network or multiple networks, but has no physical connection, allowing the client to be freely moved about. Further, while in "mobile" mode, the client may additionally have access to electrical power through one of its interfaces, and proceed to charge and or power one or more onboard devices, including accumulator batteries 310, capacitors (not shown), transceivers (not shown), transformers (not shown) or any other device capable of being installed within or connected to the client. In this mode, the client may be operating using local or remote data, local or remote control, local or remote operations, and local or remote instructions.

Functional Description

[0055] The client is powered on through either of insertion into a host device utilizing a communication interface such as USB 304, or connection through one of its other communication interfaces, or a switch operated by a user, or a timer, or other means. [0056] Pluralities of initialization operations may be performed to bring all included devices into a powered, operational and ready state. This includes testing and initializing memory components 308, controls 321, controllers 311, 312 and 315, processors 316 and 317, communications interfaces 313 and 304, transceivers, biometric input devices 306, and so on. Status of the hardware initialization sequence may be indicated on the display 305, such as "Starting system" or "Welcome, please wait..." or "Memory Check Succeeded," and the like. The display 305 is managed by the display controller 315, located along one or several of the internal communication buses.

[0057] Client devices using biometric identification options may then prompt the user to scan their finger, retina or other biological entity of the human body or plurality of biological entities of the human body. Client devices without biometric identification will prompt the user to enter a user identification string and password or series of passwords or challenges and responses. Having properly entered the appropriate identification, the user is then considered to be authenticated for that session.

[0058] After authentication is performed, as further described elsewhere in more detail, the device is then fully available to the user, as per established policies, configurations, access privileges, rights and so on. All aspects and features of the client are so empowered to perform, as per either default settings, or user-defined settings. Specifically, the memory 308 and processors 316 and 317 are accessible, and the client software may be fully utilized. The user may then determine which mode of operation to enter, as illustrated in the examples above.

[0059] User input is accomplished in a plurality of ways, including user controls 321 and devices on the client hardware, user interface controls of the software as instantiated on the host device, or by voice or other means.

[0060] When operating the controls 321 on the client, signals may be sent to the processor indicating various requests from the user such as to move up or forward through a data file or record, back or down, to cancel a request or command, to pause, to select, to play, to shoot a picture, to record audio or video, or other such signals as may be required to communicate the users commands to the software. Additionally, voice or sound instructions may be issued, and interpreted by the onboard processor 316 and 317. [0061] The controls 321 and other operating components and devices are connected internally via a plurality of communication buses connection each device in an appropriate manner to as indicated. These communication buses serve to transfer data and instructions between any and all of the onboard devices, including the memory 308, processors 316 and 317, interfaces 313, controllers 311, 312 and 315 and the like.

[0062] The client may contain onboard RF antennae and receivers and/or transmitters or transceivers, 802. lx wireless antennae and receivers and/or transmitters or transceivers, Bluetooth antennae and receivers and/or transmitters or transceivers, microwave antennae and receivers and/or transmitters or transceivers and IR receivers and/or transmitters or transceivers 318. These may be used to communicate to other individual devices directly, or through a network, or through a relay of devices or networks. These communication interfaces 318 and devices are integrated and connected to an input/output controller 311. [0063] The client further may include a radio frequency identification device (RFID)

302, allowing interoperation with a variety of inventory, sales management, package shipping, tracking and other identification operations, using industry standard techniques. [0064] In addition to power obtained from onboard batteries 310 and capacitors (not shown) and other power devices, the client may include a plurality of photovoltaic or the solar energy cells 335, enabling the client to use the sunlight to charge and or power the batteries 310 and other devices.

[0065] The client may contain a speaker or plurality of speakers 330 and 336 or other sound emitting devices used to signal the user for a variety of purposes, such as when a requested action has been completed, a timer has expired, a notification or reminder of an appointment or calendar item, an incoming VOIP phone call, listening to music, recorded sound, streaming sound, am or fm or TV or CB/ham radio and so on. [0066] The client may also contain a microphone or plurality of microphones 333 and 334, electrically connected in such a manner as to allow the transfer of audio signals to the audio processor 319 and or memory 308 and or one or several interfaces. The client further may include audio jacks 343 and 344 for input, output, headsets or other audio devices. [0067] The client may contain a display device or plurality of display devices 305, used to communicate visual information to the user, such as graphical user interface screens, menu options, selection lists, and the like. The user may view appointment dates and times, phone numbers, names, physical addresses, email addresses, account information, or any other information or data stored in the clients memory, or received by the client via one of its interfaces. [0068] The client may also include a camera or plurality of cameras 320, used to capture digital images to be stored locally in memory on the client and or transferred via one of the available interfaces to another network or device. The camera is operated through a software control and utilizes external button controls 321 to initiate the capture sequence. ' These functions may include taking pictures, viewing pictures, editing pictures, deleting pictures and the like. [0069] The client may contain a citizens band radio receiver and or transmitter and or transceiver (not shown), using one or several of the onboard microphones 333 and 334 and speakers 330 and 336 for input and output to the user. Onboard battery 310 and antennae system, display and other controls and devices are implemented as appropriate to create a working CB radio system. [0070] The client may contain a global positioning satellite (GPS) receiver (not shown), allowing geographical determination of location, motion, speed, velocity, and other positional aspects of the client's physical location. This information can be transferred and or communicated to any or all devices and functions onboard via an integrated communications bus. [0071] The client may contain a laser pointing device 301 , of the type commonly used by presenters, speakers, lecturers, professors, and others to indicate a specific location at a distance, or on a slide or presentation or other use. The laser system 301 is powered via the onboard power management system 314, and may be controlled through a button on the external surface of the client 321, or through other means. [0072] The client may further contain a magnetic stripe reader and encoder 303, which is used to either input or output magnetic data onto or from a variety of magnetic stripes as may be found on credit cards, ATM cards, gas cards, and so on. The client additionally may include an extendable, rewritable magnetic strip 337, capable of being physical extended from within the client enclosure in a manner such as to allow the magnetic stripe 337 to be read by a standard commercially available credit card/ ATM reader. [0073] The client may also contain a bar code scanner (not shown), permitting the scanning and collection of bar code data from various products, packages, labels and so on. This scanner is capable of reading and interpreting a variety of commercially used bar codes using infra-red or other means, and transfers this data to one or several of the onboard memories 308 or controllers 311, 312 and 315 or processors 316 and 317 for use by the client software for a plurality of operations. This client can use a plurality of communication and interface standards to transfer collected data, control and commands to other host devices. It may further be utilized without a host device, utilizing power from the onboard battery 310 and using the display 305 and microprocessor control units 316 and 317 to perform a plurality of functions. These functions may include scanning and collection of product bar codes, product identification, etc.

[0074] The client may also contain a standard analog telephone jack 346 (e.g., RJ-11 ,

RJ-45, etc.), interfaced to the communications bus in such a fashion as to allow the speaker 330 and 336 and microphone 333 and 334 in an analog telephone to be utilized for audio input output.

[0075] The client may further contain one or a plurality of mobile phone headset adapter jacks 342 and 343. These jacks allow the connection of standardized mobile phone headsets such as made by Nokia, Siemens or Sony, interfaced to the communications bus in such a fashion as to allow the speaker and microphone to be utilized for audio input output, such as to place voice-over-internet-protocol (VOIP) phone calls, using public or private networks. The headsets and or analog telephones may further be utilized without a host device, utilizing the onboard battery 310, display and microprocessor control units 316 and 317 to perform a plurality of functions. These functions may include recording, editing playback and deletion of voice messages, music or sounds. [0076] The client may include a power management logic 314, enabling the monitoring and management of the power levels of the onboard batteries 310, consumption rates of each device, and other functions. The client may include one or more processors 316 and 317, capable of executing client software and other code as required. The client may further be constructed in such a manner as to include a structurally reinforced case and enclosure, providing protection from extreme blunt forces, water and other liquids, and may incorporate a lock mechanism integrated with the biometric authentication. [0077] In order to provide electrical power for operating any features of the client when not connected to a host computer system, the client may be equipped with a small accumulator battery 310 which may receive a charging surge every time it is used, for example introduced into a host computer system, payment terminal, building access control system, public computer terminal or other device. Alternatively, or as a supplementary feature, the client may be operated by solar cells 325 that may then also serve to charge the accumulator battery 310.

Client Software

[0078] The client software is a set of applications that are executed directly from the client device. However, this software could alternatively be run from a computing device directly. The client software applications may, for example, provide one or more of the following capabilities: document management, document sharing, directory structure, activity sharing such as calendar sharing, instant messaging, electronic mail, notifications and the like. These applications may include vertical market applications (discussed in more detail below) that target markets such as Knowledge Workers, Shopping and E-commerce, Advertising, Defense and Law, Enforcement, Education, Finance, Government, Healthcare, Legal, Insurance, Real Estate, Transportation, Automotive, Manufacturing and Retail, Sporting and Outdoor Deployment, Entertainment, News and Publishing, Sales and Marketing, just to name a few.

[0079] The client software stores data in one or more local data file. In an embodiment of the present invention, these local data files may be encrypted. This feature allows the client software applications to function without an internet connection. The client software connects over a network using one or more secure network protocols, such as SSL or HTTPS over the Internet, to the server computer. The connection is used to send and receive information to and from the server computer. The client software, when connected to a server service, will allow a user to view, share and communicate information via client applications such as document sharing, instant messaging, activity sharing, bookmark sharing, group task management and contact sharing, in a secure manner. [0080] All messages that the client software creates may be stored in local data files.

The client software may also integrate third party services as features in the application. The client software may also contain a universal file application that may allow the member to view, print, convert and edit a file that is in an industry standard format such as MS Word, MS Excel, AutoCAD, Lotus Ami pro and so on.

[0081] The client may have an access policy or other configuration or setting which may allow any individual member of the system or plurality of members to obtain, load, use or otherwise enjoy a policy based dynamically modifiable user interface. Said user interface may provide a user interface or other interface, which may be customized for their use. This customization may include the ability to have some menus or controls or buttons or other user interface aspects appear and or not appear and be usable or not usable based upon a policy or plurality of policies, configurations or settings.

Server

[0082] Referring again to Figure 1, the server 118 is a computer or many computers and may be in a single location or distributed across many locations within a wired, wireless or combination wired/wireless network. The server 118 is coupled to a network 113 via a standard network interface. The server 118 may provide application services (discussed in more detail below) such as authentication, session management, document management, document sharing, directory, activity sharing such as calendar sharing, instant messaging, electronic mail, etc. to the client. All application services transactions are logged on the server 118. The server 118 that provides application services may contain logic to provide a specific service and an object store to store persistent user data. The object store may be, for example, a database that is relational or XML based. Some example databases could be Oracle, DB2, MySQL or the like. The data in the object store may be stored in encrypted form. In some cases, the server 118 is used as a gateway to third party services 117. When used in this mode, the server will receive and transfer data on behalf of the client 111, 114 and 119 to a third party, such as, for example, Kinko's or American Express. These third party services 117 are enabled in the client 111, 114 and 119 as application features. [0083] The data in the object store may be stored in a way that the data cannot be altered.

Protocol

[0084] A client 111, 114 and 119 coupled to a computing device 110, 112, 115 and

116 may connect directly to a server 118 on a network 113 using any network protocol, such as SSL, TLS, IPSEC, WTLS and so on. This protocol is used to transfer data between the client 111, 114 and 119 and the server 118 when the client 111, 114 and 119 is operating in an online mode.

Architecture

[0085] An illustrative architecture suitable for implementing the systems and methods of the present invention is described in Figure 1. This architecture comprises computing devices 112 and 115 with clients 111 and 114, respectively. These clients 111 and 114 are connected to communication interface connectors of the computing devices 112 and 115. The computing devices 112 and 115 execute the client software from the client 111 and 114. While this exemplary system shows one client 111 and 114 per computing device 112 and 115, it will be readily apparent to those skilled in the art after reading and understanding this disclosure that multiple clients can operate on any one computing device. Such component combinations are meant to be within the scope of the present invention. The computing devices 112 and 115 are coupled through a network 113, for example a network using TCP/IP like the Internet to the server computer 118. Another computing device 116 can use, for example, a browser to interact with the server computer 118. However, any suitable user interface may be used. Figure 12 illustrates an exemplary user interface screen shot generally at 350 according to an embodiment of the present invention.

[0086] A standalone computing device 110 with client 119 can operate in an offline mode when no Internet connection is established. The standalone computing device 110 executes client software from the client 119. The standalone computing device 110 uses the client software to access local data files. Thus, computing devices 110, 112, 115 and 116 may be standalone computers or may be connected to the Internet thru a local area network. Computing devices 112, 115, 116 and 110 may be IBM personal computers or take the form of other devices such as Personal Digital Assistants or cellular telephones. [0087] In this exemplary embodiment, the server computer 118 is coupled to Internet

113. The server computer 118 provides services to clients 111, 114. In some cases, the server computer 118 is used as a gateway to third party services 117. The server consists of a set of application servers and a set of databases. These databases are usually relational and could be Oracle, DB2 or MySQL, for example. User data may be stored with access control lists associated with it. When a user requests an action on data (e.g., Read, update, delete, etc), the access control list is checked to see if the user has rights to take the action. If the user does not have rights then the action is denied. If the user does, then the action is taken. [0088] Figure 13 is a top level architecture process flow according to an embodiment of the present invention and showing the operation of a client. Figure 13 should be viewed with Figure 1 for the purposes of this description. The process begins when a client 111 is coupled to a computing device 112 at step 500. Software on the computing device 112 checks for autoplay capability at step 501 and if autoplay is available, executes client software automatically at step 504. If autoplay is not available, user initiates execution of client software at step 502 which typically entails manually starting autoplay software within the client software at step 503.

[0089] Next, authentication is initiated at step 505 causing the user to be prompted for user ID and password at step 506. If authentication fails at step 507, another attempt is typically made at step 505 et seq. When the user is authenticated, mode of operation is determined a at step 508. If no adequate network connection is available or by user selection the network 113 is unusable, then local mode is selected at step 509.

[0090] When a network 113 is available, the client 111 connects to a server 116 using

SSL at step 510 (described below and in Figure 14) and establishes a session between client 111 and server 112 at step 511. Having established the session, transactions may be initiated as shown at step 512. The transactions include one or more synchronizations of data between the client 111 and the server 112 at step 513 (see description below and Figures 16A - 16D). Once synchronized, the system operates in connected mode at step 514. [0091] Referring now to Figure 14 an illustration of a session establishment process flow according to an embodiment of the present invention is provided. Before the client can interact with the server computer it must establish a session key or ID. To establish a session key the client must be authenticated by the server computer. When the client is executed on the computing device, a login screen with prompts for Login ID and Password will appear. The user will enter a login id and password. The client then attempts to establish a session with the server. The client will then open a SSL or other secure connection to the server computer at step 550. The client then requests a login and passes the login id and client unique identifier to the server computer at step 551. The server computer checks to see that the login id and client unique identifier match the login id and identifier pair that is stores in the servers object store at step 552. If they are not identical, an error message is sent by the server to the client at step 559. If they are identical, the server computer then sends a challenge to the client at step 553. The client uses the password to create a response. The response is sent to the server computer at step 554. If the response is valid at step 555, the server computer creates a session key for the user session at step 556, sends the session key and server public key to the client at step 557 and stores it in its data store at step 558. If the response is not valid the server computer sends an error message to the client at step 559. [0092] The SSL connection is the channel that the client maintains with the server computer. The channel is persistent for message requests that the client makes to the server for the duration of the session. The channel is also used for the server to send messages to the client. All message requests that are sent from the client to the server can be encrypted using the server public key and can include the login id and session key. If the session key is invalid then the server will not process the message. The server processes the message by sending it to the appropriate application service (such as instant messaging, document management, calendar, etc.) or third party service gateway (such as, for example, Cingular for mobile messaging, Kinko's for printing, J2 for fax, AOL for instant messaging, etc.) and sends the result as a message to the client software. The client receives and processes the response.

[0093] The channel may also be used by the server to send messages to the client.

These messages may include real time communications and data updates. These messages are used to gain access to services provided by the server including instant messaging, document sharing, calendar sharing, email, etc. These messages can also be used to gain access to third party services such as fax via J2.com, printing at Kinko's, conference calling via Qwest, etc. The client software gains access to these third party services either thru the server computer or by connecting directly to the third party services over SSL or a similar secure connection.

[0094] The client software typically has third party services integrated as features inside the applications. An example of this would be a "print to Kinko's" button integrated into the library application. When a user is in the file sharing application, the user can click the Kinko's button and fill out a form that provides printing instructions to Kinko's. The server computer may then transmit the file and instructions to Kinko's. Kinko's will print the file and delivery it as per the instructions. Kinko's will also send updates on the status of the print job to the server. The server may forward these status messages to the client. These features are implemented by coupling the computing devices and thru a network such as the Internet to third party services.

[0095] The local data files on the client typically store a local copy of the user's data.

The local data files are kept synchronized with the user's data that is stored in the server computers database. When the data that the user has access to is changed on the server, a copy of that data is sent to the client. The client software updates the local data files. Conversely, when the data in the local data files is changed locally, the client software sends a copy of that data to the server computer. If the client is connected to a computing device that does not have an internet connection, then the changes to the local data files are queued on the client. These changes are sent to the server computer the next time the client software connects to the server computer (i.e., synchronization occurs).

[0096] Referring now to Figure 15, together with Figure 1, a data change process flow according to an embodiment of the present invention is illustrated. The process begins when the client 111 encrypts a data change request using the server's 118 public key at step 600. The client sends the request to the server using an SSL connection at step 601. The server 118 checks the validity of session information at step 602 and, if the session is invalid, the server 118 creates an encrypted error response using a public key provided associated with the user at step 603. The server 118 sends the error response to the client 111 by SSL connection at step 604 and, upon receipt, the client 111 decrypts the response at step 605 and processes the error message at step 606.

[0097] Where the session is deemed invalid, an error message is prepared at step 610 for encryption at step 620, transmittal to the client 111 at step 621 where the error message is decrypted at step 622 and the client processes the error message at step 623. Otherwise, the server 118 decrypts the request at step 607 and transmits the request to an appropriate application service at step 608. If the user is determined at step 609 to have sufficient access rights, then the application service makes the requested changes to data storage at step 611. At step 613, if no other members need to receive the changed data, then the application service provides a confirmation response at step 612 for encryption at step 620, transmittal to the client 111 at step 621 where the confirmation response is decrypted at step 622 and the client processes the response at step 623.

[0098] In the event that it is determined that another member needs the changed data at step 613, a test is performed at step 614 to establish if the another member is online and, if not, the data is maintained for future transmission to the another member at step 615. If one or more other members are found to be online at step 614, the server 118 encrypts the data change at step 616 and sends the encrypted data change to the one or more other members' associated clients at step 617. The associated clients receive and decrypt the encrypted data change at step 618 and process the data change at step 619.

[0099] Figures 16A-D illustrate a synchronization process flow according to an embodiment of the present invention. When the client is logged into the server the local data files on the client are kept synchronized with the related data stored in the server's database. [00100] At step 650, a client encrypts a synchronization request and, at step 651, sends the request to a server using SSL. If the server determines the session to be invalid at step 652, the server encrypts a first error response at step 653 and sends the first error response to the client using SSL at step 654. At step 655, the client receives and decrypts the encrypted first error message and processes the error at step 656. Where the session is valid, the server decrypts the request at step 657 and transmits the request to a Sync service at step 658. The Sync service notifies the server of readiness at step 659 and encrypts a ready message for the client at step 660. The encrypted ready message is transmitted to the client at step 661 and upon receipt, the client decrypts the encrypted ready message at step 662. The client then encrypts data changes at step 663 and transmits the changes to the server at step 664. [00101] If the server determines the session to be invalid at step 700, the server encrypts a second error response at step 701 and sends the second error response to the client using SSL at step 702. At step 703, the client receives and decrypts the encrypted second error message and processes the error at step 704. Where the session is valid, the server decrypts the data changes at step 705 and transmits the request to the Sync service at step 706. The Sync service transmits the data changes to application services at step 707. [00102] If the user is determined at step 708 to have sufficient access rights, then the application service makes the requested changes to data storage at step 710. If the user does not have sufficient access rights, a result message indicating an error is prepared for transmission to the server at step 709. At step 712, if no other members need to receive the changed data, then the application service provides a confirmation response as the result message for the server at step 711. Where it is determined that another member needs the changed data at step 712, a test is performed at step 713 to establish if the another member is online and, if not, the data is maintained for future transmission to the another member at step 714. If one or more other members are found to be online at step 714, the server encrypts the data change at step 715 and sends the encrypted data change to the one or more other members' associated clients at step 716. The associated clients receive and decrypt the encrypted data change at step 717 and process the data change at step 718. [00103] At step 750, the server encrypts the result message and sends the encrypted result message to the client at step 751. The client receives and decrypts the encrypted result message at step 752 and processes the response. At step 754, the client may encrypt an all- data change request for transmission to the server at step 755. Upon receipt of the encrypted all-data request, the server determines if the session is valid at step 756 and, if not, the server encrypts another error response at 757 and transmits the encrypted another error response to the server at step 758. The client, upon receiving and decrypting the encrypted another error message at step 759, processes the another error message at step 760. [00104] At step 770, the server decrypts the encrypted all-data change request and transmits the all-data change request to the Sync service at step 771. The Sync server obtains all changes to data from the object storage at step 772 and sends the all-data changes to the server at step 773. The server encrypts the all-data at step 774 and transmits the encrypted all-data to the client at step 775. The client receives and decrypts the encrypted all-data at step 776 and processes the changes at step 777.

[00105] If the computing device to which the client is coupled is offline, then the local data files in the client are updated the next time the client is coupled to a computing device that is networked with the associated server. Conversely, updated data on the client is "pushed" out to the corresponding server when the client is connected to the server. [00106] The client software may manipulate and update data in the computing device memory, or the operator of the computing device may perform operations that update data in the computing device memory using software not on the client. In the latter case, the computing device will store in memory on the client any data stored in the computing device memory that is related to software applications. If the operator updates related data when the client is not coupled to the computing device, then software on the client, upon coupling of the client with the computing device, may request that the updated data get transferred to the client memory to sync up the client with the computing device.

[00107] After the client has established a session with the server, the server will send a message to the client that contains the latest client software version number. The client will check to see if it is the latest version by comparing the latest version number to its version number. If it is not the latest version the client will download the latest version of the client software and install it onto the client.

Client function

[00108] Referring again to Figure 1, client software executes directly from client 114 without the need for software installation the computing device 115 or administrative rights on the computing device 115. In this example, the computing device 115 includes a USB port configured to receive the USB connector of the client 114. The computing device 115 recognizes the client 114 as a removable drive. When the client software is invoked for the first time on the computing device 115, an auto launch utility from the client may be installed on the computing device 115. The auto launch utility will automatically invoke the client software the next time the client 114 is inserted into the computing device 115. [00109] The client device may also be connected to the computing device using wireless protocols such as 802.11, 802.16, radio, infrared, microwave, Bluetooth and so on. Additionally, the client may have a wireless phone such as GSM or CDMA built into it.

Client Authentication

[00110] The client may store a unique identifier, or a set of unique identifiers, that is used as a factor of identification allowing the client to be employed as a factor, or one or many factors, for user authentication. The server associates the identifier with the client owner's login ID. When the client connects to the server, the client sends the user's login JJD, password and the client unique identifier. The server checks whether the login ID matches the client identifier. If so, the server then verifies the password and generates a session key. The server then will transfer the session key to the client. If not, then access is denied.

BUSINESS METHODS

Group

[00111] A member can define and create a collection of members, referred to as a

"Group" in which that member is a participant. A group enables a collection of members to view, communicate and share information. A group consists of a list of members and guest contacts and their access level, some information about the group, a sharing structure and a communications list.

[00112] There are many types of groups such as a deal, a project, a sales lead, bug tracking, issue tracking, order tracking, support tracking, etc. The information about a group will be different depending on the type of group. In a deal group, information includes company, amount, start date, stage, etc. For example, a sales lead group will contain the sales lead contact information. Other groups will do likewise.

[00113] A group also will be configured with sharing structures. Depending on what the group type is, the sharing structures might be Library, which may contain files and bookmarks, Calendar, which may contain Appointments and Tasks Notes, Orders, Bug details, and so on.

[00114] The data may be appointments, files, bookmarks, tasks, group information that is specific to group types such as deal information, description, project tracking information, group member list, and the like. A data container for a group may be an activity list or library list.

[00115] The group may also allow the recording of certain goals and objectives, which may be further associated with specific tasks and other items within the system. [00116] The list of members and guest contacts, referred to as group members, may serve as an access control list for data that has been associated with the group. Different group members could have different access rights to the data associated with a group. These access rights may include read only, read and write, manager and owner. Read access rights grants the group member the ability to read any data associated with the group. If the group member has read and write access they are have all the rights of read access as well as the capability to add data to the group. They also may be modify and delete the group data that they own. If the group member has manager rights, they have all the rights of a group member that has read and write access rights. In addition they can invite new members to the group and assign them access rights. They cannot assign these new group members access rights that are manager or admin. A group member with manager rights can modify the access rights of group members that have read or read/write access. A group member with manager rights can remove a group member who have read or read/write access. Group members with management access rights have the ability to modify add, modify and delete data in the group. If the group member has owner rights, they have all the rights of a group member that has manager access rights. In addition they can invite new members to the group and give them management access rights. If the group member has owner rights, they can remove any group member and can modify any group members rights. A group usually has one group owner at a time. A group owner may transfer their group ownership to another group member. A group member can remove themselves from a group at anytime by deleting the group. This will only remove the group member from the group. A group member that has owner access rights can delete the group, which will remove the group from the server. A group owner can change the access rights of any group member. [00117] Referring to Figure 17, an exemplary method for the creation of a group may be understood. Group is created by user at step 800 and the user provides information describing the group at step 801. The user is designated as the group owner and is then able to add members to the group and set appropriate access rights for the members at step 802. Upon saving the group configuration and information at step 803, server creates structures, files and directories to support the group at step 804. the group name is then published to group members at step 805. [00118] Group Owners or Group managers may only be able to add members to a group if the member has previously authorized interactions with them. When a member or guest is added to the group, they may get invitations requesting their participation in a group at step 806. Members who deny a group invitation request at step 808 may not receive access to the groups data such as activities, group information, files, URLs or other data or data types that may be associated with the group, and may not have the group listed in their directories. Members who accept a group invitation request at step 809 may receive access to activities, information, files, URLs or other data or data types that may be associated with the group, and may have the group listed in their directories. This access is based on their access rights. Members who ignore or postpone responding to a group invitation may get reoccurring invitation messages. These members do not have access to the group data until they accept membership to the group.

[00119] Once a member becomes a group member they can set group notification preferences for themselves. These preferences may include being notified when data is added, changed or deleted. A group member also may be notified when group members or a group members access rights are added, modified or deleted. The group member may be notified by quick note, mobile message, etc.

[00120] There may exist the ability to allow multiple teams of individuals or groups to be part of the same group or a plurality of groups.

[00121] A group may be used as a access control list object to assign access to rights to different methods in the system. A member may establish a group and give group members of the group access rights to particular services. For example, a member may assign a first group of members have read/write access to his calendar, a second group that only has read access to his calendar, a third group that has read access to his contacts information. [00122] When data is associated with a group such as an appointment or task, it is accessible by group members regardless of whether they have member level access rights to the data. An example of this would be an appointment where members Joe and Ralph have access rights. There is also a Group called A that has group members: Joe with owner permissions and Mike with read write permission. When this appointment is associated with Group A, Mike will have the ability to view the appointment data because he has group member rights to view data that is associated with the group.

[00123] As indicated above, a group can of a specific type that includes a deal form and a project form. Figures 18 and 19 show alternative arrangements of specific types of group forms, which is similar to the group form set forth in figure 17. For the purpose of clarity, Figure 18 and 19 are shown with similar numerals as Figure 17 for the similar steps. Accordingly, Figure 18 shows the creation of a deal form with similar numbers as the group form of Figure 17. Likewise, Figure 19 shows the creation of a project form with similar numbers as the group form of Figure 17.

Tracker (Group type)

[00124] There may exist a group type tracker. The tracker group type may include all of the features and capabilities of a group as defined above, and may include additional capabilities allowing the tracking of one or more types of information. Examples of types of trackers would be a software defect tracker, a hot issue tracker, a support tracker, a request tracker or any other tracker. The system may include a plurality of features to enable a process, organize a workflow, or any other feature for which a tracker may be suitable. An example tracker may include support or help desk tracking, and the client may have an integrated support tracker. A support tracker may be a software system and database for recording and following up on requests for help or support. Requests for help or support that have been entered in the system may be known as cases, or incidents or tickets or trouble tickets. A support case may be associated with the person requesting help, the customer, and with the person responsible for providing that help, the support tech or representative. [00125] The client may include a support tracker that may operate one or more modes.

There may be a 'customer' mode. The customer mode may allow a system member to create a support case or ticket in the database and so request support through the system. The customer mode may allow the system member to add notes to the support case at creation or later. The customer mode may allow a display of support cases the system member created and may allow the system member to open, view and update those cases. The system member may be allowed to add notes to the support case. The system member may not be allowed to change or edit notes that have already been added to the support case. Long text fields of notes that behave like this are sometimes known as a support history. [00126] The support tracker may also operate in 'support mode.' Support mode may be enabled for a specific group of system members. System members that are members of certain groups may be enabled to operate the support tracker in support mode by default. Such system members may be called 'support techs.' Support techs operating the support tracker in support mode may access and update support cases that have been created by other system members. Support techs may only be able to access the support cases of a specific group or groups of system members. Support techs may update and edit support cases. Support techs may be able to add to a case's notes, but may not be able to edit past notes also called the case history.

[00127] A system member may create a support case, using the notes to explain the problem. Once created, the case may be assigned to a support tech. An assigned case is associated with a support tech. The system may allow a support case to be re-assigned. Reassigning a support case associates it with a different support tech. Assignment may be handled automatically by the system. The system may follow some rotation in assigning cases to members of a group of support techs. Assignment may be to a designated default support tech who may then be enabled to reassign cases.

[00128] The cases notes may be used by the system member and the support tech to communicate in an ongoing manner regarding an issue, case, bug, defect or other item or problem. The support case may become part of a permanent database of support cases. The support case may include additional data. The support tracker may include some data, such as the versions of the client being used automatically. The support case may include a status field. The status may include values such as 'open, new, closed, etc' to aid the support business process.

[00129] Support techs may have access to additional data, data field or functions in support mode. Support techs may be able to create cases on behalf of other system users. Support techs may be able to search databases of previously reported problems or to look up designated customer data. Support techs may have an escalation function that associates an additional (probably senior) support tech with the case. Support techs may have access to an additional notes field logging a history that is only viewable by support techs. [00130] The client may indicate updates assignments and reassignments of a support case to the associated support techs or system members. Updates by the customer may prompt an indicator or alert to the associated support tech. Updates by the support tech may prompt an indicator or alert to the customer.

Gallery (Group Type)

[00131] The system may include a group type called a gallery. The gallery may be similar to a group as defined above, having additional features, functions and capabilities which may include the ability to browse thumbnails of photos, movies, videos or audio, select any of a plurality of these for further processing, zoom, edit, enhance or otherwise modify, transfer, communicate, transmit, convert or share same. Further functions which may be included are automatic creation of a website or other web service allowing members and guests and others to examine, review, select, arrange and otherwise manipulate the items in the gallery. It may be possible to add comments, notations, additional recordings, or other media types to the items in the gallery and associate them in a database.

Guest Services

[00132] The Guest Services are aspects of the system that enable system members to use the same tools methods and procedures to interact with non-system members or "guests" as well as members. A Guest Contact or guest has a record which may have contact information associated with it such as is traditional for address books, such as name, address, city, state, zip code, email address, fax number, phone number, pager number and others. When contact data for a guest contact includes an email address, Guest Services automatically converts quick notes, email, bookmarks, task updates, requests for appointments and access to data files into web accessible files or data or information in a format such as a fax, or other means.

[00133] Guest Services therefore may make the system accessible and or usable and or otherwise valuable to a plurality of users of the Internet since any Internet user with an e-mail address or fax number or other alternative data receiving equipment can receive data and communications from members. The guest user would require no special software or hardware. A guest simply uses a standard network-capable computing device and web browser, or fax machine, or other device capable of receiving data, to access or obtain the intended information.

[00134] A member may invite a Guest to join a Group or plurality of groups. The guest may then receive a notification or message, for example a clearly formatted email, from the member, sent automatically via the system, which may include information such as the new group name and description, and may include an invitation to participate in said group. When a member schedules appointments and meetings using the system, any of their guests involved in those actions may receive a clearly formatted email, from the member, explaining that they have been invited to an appointment, and the guest may then choose a web link or URL within the message to respond to the invitation. Said response could be to attend, not attend, or tentatively attend, or any other reasonable and typical response to an appointment or meeting invitation. A plurality of details including date, time, location, description and other attendees may be included. When a member sends e-mail the Guest receives a standard email. [00135] A member may share files or data or bookmarks or other data types in a library automatically, or as may be configured according to a schedule or other events or actions. The guest may receive an email or other message from the member, explaining for example that a file or bookmark has been added or changed in a group library. This may include the filename, the name of the member who created it, date, time, size, description and or a link to download the data or file. The link to download the file may be created by the system as a secure one-time URL, which can be configured to work one time, a plurality of times, at certain dates and or times, or other limitations.

[00136] A member may send a quick note to a guest, whereby the guest may receive a clearly-formatted email or other message from the member, which may include the text of the quick note message automatically converted into the body of the email, as well as other details. A member may edit a task which involves a guest, and the guest could receive a similar email or message. This can be applied to any and all features and functions within the system as may be practicable in the art

[00137] Guests and or members may further be provided a means through email or a web browser or phone or fax or other method to access and use, download, view, print, communicate and any other action as may be feasible in the art.

DETAILS OF THE TECHNICAL ASPECTS OF GUEST SERVICES

[00138] Guest contacts are contacts that may be created and maintained by the system member. They normally represent people who are not system members. Guest contacts are associated on the server with the system member who created them. They are part of the creating system member's data and are administered by the creating system member. Guest contacts may contain a variety of information, including, but not limited to a name, home address, a birth date, a job title, spouse's name, etc. Guest contacts may also have a communications list as above.

[00139] Guest services may substitute email messages or other message types for system specific messages, notifications or features.

[00140] If a guest contact has an associated email address, the system may allow a system user to send a quick note to that contact. The server may generate and send an email to the associated email address. The email may include the text of the quick note. The email may include a signature based on information in the system member's my info. The email may include an email return address from the system member's my info. The system may allow the system user to send a quick note to multiple recipients. The multiple recipients may be a mix of member contacts and guest contacts. The system may send email to each guest contact, and a system based quick note to each member contact. The emails may or may not specify other recipients or their addresses.

[00141] If a guest contact has an associated email address, the system may allow a system user to send an instant bookmark to that contact. The server may generate and send an email to the associated email address. The email may include the URL and the text of the instant bookmark. The email may include a signature based on information in the system member's my info. The email may include an email return address from the system member's my info. The system may allow the system user to send an instant bookmark to multiple recipients. The multiple recipients may be a mix of member contacts and guest contacts. The system may send email to each guest contact, and a system based an instant bookmark to each member contact. The emails may or may not specify other recipients or their addresses.

[00142] If a guest contact has an associated email address, the system may allow a system user to add the guest contact to the attendee list of an appointment. The server may generate and send an email to the associated email address. The email may include the text derived from information associated with the appointment. The email may include a meeting location, time, date, time-zone, meeting subject and or description and associated group. The email may include a signature based on information in the system member's my info. The email may include an email return address from the system member's my info. The system may allow the system user to add a mix of member contacts and guest contacts to the attendee list of an appointment. The system may send email to each guest contact, and a system based appointment notification to each member contact. The emails may or may not specify other recipients or their addresses.

[00143] If a guest contact has an associated email address, the system may allow a system user to add the guest contact to a task. The server may generate and send an email to the associated email address. The email may include the text derived from information associated with the task. The email may include a description, due date, status, priority, details and associated group. The email may include a signature based on information in the system member's my info. The email may include an email return address from the system member's my info. The system may allow the system user to add a mix of member contacts and guest contacts to the task. The system may send email to each guest contact, and a system based notification to each member contact. The emails may or may not specify other recipients or their addresses. [00144] If a guest contact has an associated email address, the system may allow a system user to add the guest contact to a group. The server may generate and send an email to the associated email address. The email may include the text derived from information associated with the group. The email may include a group name, details or other associated information. The email may include a signature based on information in the system member's my info. The email may include an email return address from the system member's my info. They system may allow the system user to add a mix of member contacts and guest contacts to the group. The system may send email to each guest contact, and a system based appointment notification to each member contact. The emails may or may not specify other recipients or their addresses.

[00145] If a guest contact has an associated email address, the system may allow a system user to associate the guest contact with a library. The server may generate and send an email to the associated email address. The email may include any URLs stored in the library. The email may include limited duration URLs that allow download of library files. Limited duration URLs may be generated by the server so that they resolve to the system's web site. The limited duration URLs may be limited by time (Ex, expired after one week) or limited by number of downloads (Ex, expired after three downloads). The service may track the duration of a limited duration URL and disable the URL when it expires. The limited duration URLs would enable the email recipient to download the files in a library through a web browser. The limited duration URLs may be over SSL (secure sockets layer) to allow for encrypted transmission. The email may include a signature based on information in the system member's my info. The email may include an email return address from the system member's my info. They system may allow the system user to associate a mix of member contacts and guest contacts with a library. The system may send email to each guest contact, and a system based notification to each member contact. The emails may or may not specify other recipients or their addresses.

[00146] The system also may allow a member or guest, who is so privileged, to examine a detailed record of all the files or bookmarks owned or checked out by himself or another member or guest, that the examining member has access to through the groups feature or other sharing means. Similarly, the system also may allow a member or guest, who is so privileged, to examine a detailed list of all activities, meetings and appointments that the examined member has been invited to, that the examining member also has been invited to. [00147] The system may provide the ability for members and or guests to contribute comments to a running and ordered discussion topic, the ability for the contributions to be monitored and moderated, the ability for the contributions to include web pages and bookmarks, the ability for the contributions to be attached to web pages, wherein the ability for the discussion topic may be about a web page or defined collection of web pages in a manner that makes the web page or web pages an obvious part of the discussion set-up and contribution mechanisms.

Library

[00148] A library is a container of library items. A library item may be a file, bookmark (URLs), web tour or other data item. A library item is associated with one or more contexts. A context for a library item may be a group, contact, appointment, task, and so on. When a library item is associated with a context, the contexts access control list serves as the access control list for the library item.

[00149] For example, when a library item is associated with a group the group membership serves as the library item's access control list. If a group member has read rights they may view all data in the library that is not flagged as 'private'. If the library item is a file, the library stores the file that is represented by a file data item in a local file directory in the memory of the client.

[00150] A group member with write access to a library is able to add a data item.

When a data item is added to a library, In addition to storing the data item, the library will store additional information about the data item such as date, time, description, owner, etc. The data item may be flagged 'private' so that only the owner may see it. The data item owner can change a data item from private to 'shared' , which will allow group members to see the data item if they have access rights to it. If the data item is a file then the file will be copied to the libraries local file directory. By default, the group member who adds the data item becomes the owner. It is possible for the data item owner to assign the ownership to another group member. After the information is saved and once the client is connected server, the data item information is sent in real time to all other group members as long as they are connected to the server. If they are not connected at the time, the changes may be sent to the client the next time the client connects to the server as long as the data item is flagged as 'shared'.

[00151] If the data item is a file, the sync status of the file is displayed. The sync status displays status of the file represented by the data item. The following sync statuses may be displayed: • No local copy - file is not on the client • Local copy older - newer version of the file is on the server • Local copy newer - newer version of the file is on the client • In Sync - file on client matches file on server

[00152] A group member that has appropriate access can 'Get' a local copy of a library file, getting downloads of the version of the file that is currently on the server. If there is a local copy on the client, the local copy can be overwritten if different from the library copy. [00153] Group members can 'View' a library file or URL. 'Viewing' a file downloads the version of the file that is currently on the server if there is no local copy or the local copy is different and then launches the file as 'read-only'. Viewing a URL opens it in a browser window. Viewing a Web Tour opens a browser window with the Web Tour toolbar and displays the first URL of the web tour.

[00154] Group members can 'Check Out' a library file. 'Checking Out' a file downloads the version of the file that is currently on the server if there is no local copy or the local copy is different and prevents the server version from being edited. Other members of the group can continue to 'get' or 'view' the file, but cannot change the server version without appropriate access rights. When other members are logged in, they will see that the file is checked out, and which member has checked it out. If they get or view the file, it will be the last uploaded version.

[00155] Group members can 'Edit' a library file. 'Editing' a file marks the file as

'checked out,' downloads the version of the file that is currently on the server if there is no local copy or the local copy is different and then might open the file. [00156] Group members can 'Check In' a library file when they have it checked out.

'Checking in' a file uploads the local version of the file to the server, overwriting the old copy and unlocks the file for check out by other group members.

[00157] Group members can 'Undo Check Out' of a library file. 'Undoing Check Out' unlocks the file on the server for editing without uploading the local copy. Some group members may have 'manager' status or higher, which will allow them to 'Undo Check Out' of files locked by other group members.

[00158] When files are directly added to the file directory in the memory of the client, they will likely show up in the library as 'local only.' A local only file can be maintained through the operating system and remain associate with the library it is in, but is not available to other members of the group. A local only file can be added to the system, making it available to other group members. [00159] Synchronization of some or all of the files or other data can be performed without direct user interaction, or the end user could choose what files or other data to synchronize at each login, or some combination of the two.

[00160] The system of the invention may permit tracking and maintaining a version history of a file, including a copy of each version of the file through its history of edits, a time/date stamp of who took action on the file and when, the ability to include, as part of the history, specific comments on the file associated with each action taken, by the member or guest taking the action, and the ability for members or guests so privileged to view the version history of the file, or portions thereof.

[00161] The library may also allow local file management, permitting operation and actions upon local files.

Folders in Library

[00162] There may exist the ability to create folders within a library, such as may be typical within an operating systems file system. An example could be the MS Windows Explorer. These folders may be subject to the same features, functions and capabilities of other library items, and can contain multiple files, library objects or other additional folders.

People view

[00163] The system also may allow a member or guest, who is so privileged, to examine a detailed record of all the files or bookmarks owned or checked out by himself or another member or guest, that the examining member has access to through the groups feature or other sharing means. Similarly, the system also may allow a member or guest, who is so privileged, to examine a detailed list of all activities, meetings and appointments that the examined member has been invited to, that the examining member also has been invited to.

Calendar

[00164] The system calendar enables members to request, schedule, accept, reject, change and share appointments and other calendar related data with both members and guests. Members view calendar data on an electronic calendar that is on both the client and server. Members can use the calendar to keep track of all their personal meetings, events and "to-do' s"; or they can use it to schedule meetings and conferences for teams or workgroups. Because guest services allows non-members to receive and respond to appointment or meeting invitations, everyone (system users and non-users alike) can coordinate their schedules. Guests receive e-mail invitations with secure web pages where they can accept or decline appointment invitations.

[00165] The calendar service application of the invention may include daily, weekly, and monthly views. A member or guest may create meetings and appointments on the calendar, and invite other members or guests to the extent authorized. Meetings may be displayed on a member or guest's personal calendar if invited. An invitee can offer a response to an appointment of meeting invitation (accept, reject or tentative attendance) that is visible to the inviter as part of the inviter's view of the meeting. [00166] In another embodiment, the shared calendar service may further associate meetings and appointments with a group in which that the member or guest is a participant. Meetings associated with the group are visible in the member or guest's view of the group calendar, even if the member or guest is not invited to the meeting. They are also visible on appointment attendees' personal calendars. Details of the meeting associated with the group, including responses of the invitee, may also be visible to members of the group. Meetings associated with a group may also be "private," and are therefore visible only to the invitees, and on their respective group calendars. The calendar may also allow a view of which time slots are not currently committed by a group member when inviting that group member to a meeting.

[00167] The system may also allow an inviter or other authorized member invited to a meeting to contract for a third-party service provider to deliver services to the invitees of the meeting, and to automatically place relevant information about accessing the services in their respective views of the meeting. Such third party services may, for example, include conference calling and voice-conference bridging, catering or internet-based video conferencing. Such third-party services may provide a web-based or browser accessible presentation capability and co-browsing. For all applications mentioned herein, the system may communicate information to guests through automatically generated emails or other communication. For groups, the system may provide a method for selecting and viewing calendar items associated with the groups and a member or guest's personal calendar overlaid on the same calendar view.

[00168] The system may further provide a method for integrating third-party services that have a time-sensitive component (e.g. overnight delivery services) such that relevant time events are automatically placed and updated on a member or guest's calendar based on information provided by the third-party service (e.g., "A FedEx package from MEMBER X is due to arrive before 10:00 am" shows up on the appropriate date). [00169] The methodology behind the calendar is as follows - the calendar may resemble an electronic day timer, and may enable recording and scheduling of meetings or events. The calendar may allow a chronological presentation of meetings. The graphical interface may present one day, multi day, week, multi-week or monthly views of recorded events. The calendar may be shared between members on the system. If a member has access to another member's shared calendar, then that member may overlay the shared calendar with their own calendar and the system might indicate distinction between two calendars. An appointment is a data object that may represent a meeting or represent another activity that happens during a set time. An appointment can be created by a member. [00170] An appointment has one or more attendees. An attendee is a member or guest contact associated with the appointment. Attendees have a name, a time zone and a status. The name comes from the name of the existing member or guest contact. The time zone comes from existing time zone of the member or guest contact. The status is specific to the appointment.

[00171] The status may include owner, accept, decline, tentative or none. An appointment must have an owner, and the member who created the meeting is the default owner. The default status of all other attendees is none. The owner may be enabled to edit the meeting at a later time, but the other attendees may only be able to edit their status. [00172] An appointment has a description. A description is a text field. An appointment has a start time and end time. The start time and end time are time fields. The start time must be before the end time. An appointment may also have start data and an end date. An appointment may have additional text fields. It may have a location, it may have details, it may have notes.

[00173] A member may create an appointment. When a member creates an appointment, the system may provide a default value for the start time and end time, as well as the start data and end date. The member creating the appointment may be an attendee by default with the status of owner. The appointment creator may add members and guest contacts to the attendee list. The default status for these attendees may be none. The appointment creator may not be able to change the name, time zone or status of attendees, only add or remove them. When the member creating the appointment saves the appointment, the system may send a meeting invitation to the members of the attendee list. A meeting invitation may be handled through the system for members. A guest contact may receive an email or mobile message. [00174] A member who receives an appointment invitation may be able to view the meeting and respond. The response may be a change of the member's attendee status. Choosing decline may surrender the right to view the meeting. Tentative and accept may allow continued viewing of the appointment. A member who receives an appointment invitation may ignore it. If ignored, the status remains none. Status of none, tentative or accept may be changed later.

[00175] An appointment owner may edit a meeting. An edited meeting may send new invitations. The status of attendees may automatically revert to the default of none. [00176] A member may delete an appointment. For a non owner attendee, this may be the same as changing the attendee status to 'decline.' If the owner of the meeting deletes the meeting, it may be removed from all other attendee's calendars. The system may send a notice similar to an invitation informing attendees of the deletion. [00177] When created or at a later time, an appointment may be associated with a group. A meeting associated with a group may be visible to members of the group who are not attendee's or who have declined the appointment. Association with a group may populate the attendee list automatically.

[00178] An attendee may be able to configure a notification for a meeting. A notification may be a system generated message that serves as a meeting reminder. An attendee may be able to instruct the system to send one or more messages a set time before an appointment's start time. The attendee may be able to choose the message type as a mobile message, a quick note or an email.

[00179] Appointment owner's may be able to make the appointment recurring. A recurring appointment may be a series of meetings with the same attendee list. Recurring meetings may be on a monthly, daily, weekly, or on any repeating interval. A change to a recurring meeting may affect only one meeting, or may affect the whole series of meetings.

Tasks

[00180] The Tasks functionality of the system helps members and their teams create and organize all the important tasks and activities for their life and projects. Tasks can be used as simple reminders of things "to do" or as a valuable tool for project management and workflow coordination.

[00181] Members can use tasks for themselves to create reminders of important activities. A task can be anything from a note to finish an assignment, call a client or buy milk on the way home. The task will be added to the calendar for the day and time chosen. Tasks can also be used for teams. If a member is working with someone else, or an entire team, they can use Tasks to create assignments for the group. Then, these tasks can be added to both the Member and the team member's calendars and to a specific Group. For example, a member creates a Group called "Research" to facilitate a project where the team is working on proposals for federal grant money. All of the important documents, budgets and proposals are stored and shared in this Research Library. And, the member creates a series of tasks with priorities, current status and due dates to keep the project moving smoothly. [00182] Tasks can be created from different areas of the system interface including from an Activities tab on the Group function and the Calendar interface. Tasks can be viewed from different interfaces including Groups and Calendar. A task is a data object that represents something a user may have to accomplish. Tasks may be displayed or reported as a 'to do' list. A system user may create a task. A task has an owner. The owner is the member who created the task. Ownership may be assignable to another member. [00183] A task may have a delegate. A delegate is a member or guest contact. A member delegate may be able to read or edit the task. A delegate may get system notices of changes to the task. A guest contact may get guest services messages when the task is edited. A task may be associated with a group. A task associated with a group may be visible or editable by members of a group.

[00184] A task may have a description, a one line text field. A task may have a due date. The due date may have a default value. A task may have a status. Status could be a fixed list and could include open, closed, complete, hold, delayed with a default value of open. A task could have a priority filed, with priorities of high medium or low with a default value of medium. A task could have notes or details. Notes or details could be long text fields for ongoing notes.

[00185] The graphical interface may present a display of related tasks called a task list.

A user may be able to display all tasks he has access to, or he may be able to limit the display. The user may be able to display only tasks with status open, or base the display on similar criteria. The task list may have a search function. The task list may have a sort function, allowing the tasks to be displayed in chronological order or similar.

My Info

[00186] The contact information of members is entered by individual members as "My

Info." This data is controlled by the member and stored on the client and server. Only the member has permission rights to enter and edit their "My Info" data. Other members who are authenticated and authorized by the member to share information can view this data. [00187] One of the inherent advantages and completely unique aspects of the system is the fact that when a member updates his or her contact information every other member that has been authorized to view this information will have access to the updated data because it is synchronized between clients, and thus stored on the server. With other electronic contact management systems individuals must personally contact other individuals on a regular basis and manually update this type of data or distribute a request (perhaps by email) for updated information. The problem with older methods is that if a person's phone, email, address or other details have changed it may be impossible to contact them for an update. [00188] This system provides a globally updated record to the individuals who might be authorized to view the record. The practical and substantially unique result is that a member of the system will never lose important data (phone number, address, e-mail, etc.) of their friends and colleagues who are also members and update using My Info. [00189] The specific data stored in the My Info record encompasses a variety of data fields including (but not limited to) title, first name, last name, company, job title, business address, time zone and communications records.

[00190] The communications records are tied to both different types of communications devices such as cell phone, phone, fax, pager and telex as well as different communications carriers around the world. This feature is one of the aspects of the system that makes it possible for members to utilize mobile messaging and other integrated communications.

[00191] A member adds communications "types" to their directory entry using an onscreen form. Member A clicks the "new" button in the Communications pane, and selects the communications type he wishes to add, fills in the details regarding that communications type, and clicks the "save" icon. The details just entered are written to the local database on the memory device (10) by the client software (50), and also passed by the client software (50) to the server computer (60) for storage and accessibility by other authorized members. When another member (Member B) logs in to the server computer (60), if he has been granted rights by Member A, the latest information and changes in Member A's record are passed down to the client software (50) in use by Member B by the server computer (60) and stored in the memory device (10) owned by Member B. From that point on, the updated information is visible to Member B. If member B is logged into the service at the time Member A updates his "My Info" record, Member B immediately receives the updated information by the same process outlined above. This same process occurs for every member that Member A has so authorized to have access to his personal information.

Messaging

[00192] The system may enable several types of electronic messaging, all of which are saved in the system in an unalterable archive. The system may enable Instant Messaging, also known as chat or chatting. Instant messaging is a real time text based communication. Instant messaging may be allowed between two or more system members. Because instant messaging is in real time, it can only take place between system members who are online and logged in to the system. The client may provide a system member with a list or display of all his authorized member contacts who are online and available or willing to engage in instant messaging. A system member may invite or open an instant message session with authorized member contacts that are shown as online in the display list. System members engaged in an instant message session may be able to invite other system members to the current session after it is established. System members engaged in instant messaging may type text at the host computer and transmit or send the text to all system members in the instant message session. The transmitted text may be displayed with the sender's name. The graphical presentation may allow resizing of the text, color coding of text by sender and other tools for clarity. System members engaged in an instant messaging session may be able to end their participation at any time. System members may be able to save the text of an instant messaging session as a file. System members may be able to store saved instant messages in libraries.

[00193] The invention's instant messaging may be transmitted encrypted. Instant messaging communications may pass through the server. Passing through the server may allow the destination host and the identities of participants in the instant messaging session to be encrypted.

[00194] System members may have been required to establish their identities when becoming system members. System members must authorize each other before they can interact through the system. System members must authenticate themselves by password or other factors when logging into the system. Because of this, system members can be confident of the identity of other system members, and consider the invention's instant messaging authenticated and appropriate for business use.

[00195] The messaging system may also allow messages to be addressed to a group of recipients. The user may be able to include the group name on the 'to list' of a message. The system may treat a message addressed to a group as though the 'to list' included each contact that is a member of the group. A group in this way may serve the function of a distribution list (i.e., d-list) or alias feature. The invention may extend this function to allow the same group to serve as a distribution list for other types of messaging.

[00196] The messaging system may allow an email to be addressed to a group. When sent, the email may be sent to the email address of each contact that is a member of the group. No message may be sent to a contact that for some reason lacks an email address. [00197] The system may allow a quick note to be addressed to a group. When sent, the quick note may be sent to each contact that is a member of the group. Member contacts may receive a quick note and guest contacts may receive an email, as appropriate. No message may be sent to a guest contact that for some reason lacks an email address. [00198] The system may allow an instant bookmark to be addressed to a group. When sent, the instant bookmark may be sent to each contact that is a member of the group. Member contacts may receive an instant bookmark and guest contacts may receive an email, as appropriate. No message may be sent to a guest contact that for some reason lacks an email address.

[00199] The system may allow a mobile message to be addressed to a group. When sent, the mobile message may be sent to each contact that is a member of the group. No mobile message may be sent to contact that lacks an entry for a mobile phone or pager or cell phone or other device able to accept a mobile message.

[00200] The system may allow an instant message to be opened for a group. The instant message may open or invite each contact that is a system member and logged into the server. Group members who are member contacts but not logged into to server and group members who are guest contacts may not participate in the instant message.

Quick Note

[00201] The system may allow a type of messaging known as a quick note. A system member may use quick notes in a fashion similar to email. A quick note may have a list of addressees, known as a 'to list', and a text field for the text of the message. The 'to list' for a quick note may consist of one or more of the sender's contacts. When sent, the system may distinguish between member contacts and guest contacts. The client may maintain a copy of sent quick notes by default.

[00202] When sent to member contacts, quick notes may be transmitted encrypted.

Quick notes between system members may pass through the server. Passing through the server may allow the destination hosts and the identities of member contacts to be encrypted. If an intended recipient of a quick note is not logged into the server, the quick note may be stored on the server and delivered when the intended recipient next logs in. Once delivered, the quick note may be saved by default to the client's memory.

[00203] The client's graphical interface may display a list of all quick notes, both sent and received. The client may allow quick notes to be viewed, deleted, forwarded, and replied to or other similar functions. The client may allow quick notes to be organized and sorted into folders.

[00204] System members may have been required to establish their identities when becoming system members. System members must authorize each other before they can interact through the system. System members must authenticate themselves by password or other factors when logging into the system. Because of this, system members can be confident of the identity of other system members, and consider the invention's quick notes authenticated and appropriate for business use.

[00205] When sent to guest contacts, the system may generate an email to the guest contact that includes the text of the quick note. A quick note to a guest contact may not have all the authentication and encryption advantages of a quick note to a member contact. [00206] Bookmarks

[00207] The system may allow a type of messaging known as an instant bookmark. A system member may use instant bookmarks in a fashion similar to email, but specifically to send URLs. An instant bookmark may have a list of addressees, known as a 'to list', a URL field for the URL of a web page, and a text field for the text of the message. The 'to list' for an instant bookmark may consist of one or more of the sender's contacts. When sent, the system may distinguish between member contacts and guest contacts. The client may maintain a copy of sent instant bookmarks by default.

[00208] When sent to member contacts, instant bookmarks may be transmitted encrypted. Instant bookmarks between system members may pass through the server. Passing through the server may allow the destination hosts and the identities of member contacts to be encrypted. If an intended recipient of a instant bookmark is not logged into the server, the instant bookmark may be stored on the server and delivered when the intended recipient next logs in. Once delivered, the instant bookmark may be saved by default to the client's memory. [00209] Received instant bookmarks may have a function to open a web browser or web browser window to the included URL. The purpose of sending an instant bookmark is to alert the receiver to an important or interesting web page.

[00210] The client's graphical interface may display a list of all instant bookmarks, both sent and received. The client may allow instant bookmarks to be viewed, deleted, forwarded, and replied to or other similar functions. Viewing may include the message text and opening the web page of the message URL. The client may allow instant bookmarks to be organized and sorted into folders.

[00211] System members may have been required to establish their identities when becoming system members. System members must authorize each other before they can interact through the system. System members must authenticate themselves by password or other factors when logging into the system. Because of this, system members can be confident of the identity of other system members, and consider the invention's instant bookmarks authenticated and appropriate for business use.

[00212] When sent to guest contacts, the system may generate an email to the guest contact that includes the text and URL of the instant bookmark. An instant bookmark to a guest contact may not have all the authentication and encryption advantages of an instant bookmark to a member contact.

Mobile Messaging

[00213] The system may allow a type of messaging known as mobile messaging. A system member may use mobile messaging in a fashion similar to quick notes to send text to a contacts mobile phone or other text enabled device. The system may only allow mobile messaging to a contact who's communications list includes a mobile phone or similar device that is able to accept mobile messages

[00214] A mobile message may have a list of addressees, known as a 'to list' and a text field for the text of the message. The 'to list' for a mobile message may consist of one or more of the sender's contacts. The client may maintain a copy of sent instant bookmarks by default.

[00215] Mobile messages may be transmitted encrypted from the client to the server.

Mobile messages are then forwarded by the server to the contacts mobile device. [00216] The client's graphical interface may display a list of all sent mobile messages.

The client may allow mobile messages to be resent. The client may allow mobile messages to be organized and sorted into folders.

Email

[00217] The client may include an email client. The email client may be based on current email standards, possibly including POP (Post Office Protocol), SMTP (simple Mail Transfer Protocol) and IMAP (Internet Message Access Protocol). The email client may provide all the necessary functions, allowing system members to create, send, receive, forward and reply to emails. The client's graphical interface may display a list of all emails, both sent and received. The client may allow emails to be organized and sorted into folders. [00218] The client may allow the system member to manage multiple email accounts from multiple email providers. The client may allow the system member to attach files. The client may allow HTML mail as well as plain text. The client may allow email to be composed, sent and received while the system member is not logged in to the server.

Web Browsing and Web Tours

[00219] The client may include a web browser. The web browser may include typical web browser features, including but not limited to an address (a URL or bookmark) entry and display, an address history list, forward and back buttons, a home page setting, a return to home page button, a refresh or reload current page button, print web page, stop loading web page, and so on.

[00220] The web browser may have features integrated with the system. The web browser may have a function for saving a URL or bookmark. A saved bookmark or URL may be savable to a list of URLs or bookmarks. This list of URLs or bookmarks may be automatically backed up on the server as part of the services normal operations of backing up system member data.

[00221] The web browser may allow a URL or bookmark to be saved directly to a library. A URL or bookmark saved directly to a library may be automatically made available to others who have access to that library. System members who have access to the saving library may see the bookmark when they view the library's contents. The system may automatically send the saved URL by email to any guest contacts associated with the library. This automatic sharing of library items by email is part of the guest services features further described in this patent. [00222] The client menu may display a list of a system member's saved URLs, sometimes referred to as a list of favorites or a list of bookmarks. The display list may include URLs from libraries the system member has access to regardless of who saved the URL. The display list may organize library URLs by the libraries they are saved in. The display list may provide a way to access a library's URLs without having to access all of the library's data. The client may maintain a local copy of the URL list, allowing the URLs to be accessed when there is no connection to the server. The client could be connected to the web, but not logged into the server. The client copy of the URL list may update automatically whenever the client is connected to the server. The client may have the ability to locally cache web pages and other data for viewing when offline from a network. [00223] The web browser may be integrated with the system's messaging functions.

The web browser may allow an instant URL to be sent directly from the browser. An instant URL sent directly from the browser may by default send the currently displayed URL. A system user browsing the web may be able to quickly and easily send the page he is viewing to any of his contacts. An instant URL sent to member contacts will have the authentication and encryption advantages of system based messages. An instant URL sent to members or guest contacts may automatically be sent as an email or fax or other message type, or sent through any other gateway or service as may be configured. A system user may be able to send the instant bookmark to a plurality of guest contacts and member contacts and rely on the system to automatically generate the appropriate and corresponding formats for each recipient as may be specified.

[00224] Web browsers typically leave copies (cache pages) of recently visited web pages on the hard drive of the host machine and or cookies and or bookmarks. The client web browser may avoid leaving cached web pages or other items on the host device. The client may cache web pages or other items only to the client's own memory, or the client may not cache any web pages or other items. The client may cache web pages or other items to the host's hard drive or other memory, but include a function for deleting or removing the web page cache or other items.

[00225] The system may include feature called a web tour. A web tour is an ordered collection of URLs. A web tour may have a name, a text field called a description, or other associated data, as well as a list of URLs and or cached web pages or notes or comments or threaded discussions. The URL list may have a distinct order. The web tour may have a text field known as a web note for each URL in the list. [00226] Web tours may be created by system users and may be saved to libraries or only locally to the client. The client's web browser may include special functions for use with web tours. It may provide a list of web tours derived from a system user's accessible libraries. It may provide a list of all URLs in the web tour. It may allow display of the web tour description or other associated data. It may allow the web browser to display the web page for each URL in the web tour in order. Each URL may be displayed with its associated web note or other data. Navigation functions may be available, such as: 'next -display next URL on the web tour, Previous - display previous URL on the web tour, autoplay, which would load each web resource in the web tour in an ordered or unordered sequence, etc. A system member may be able to create a web tour, add or remove URLs from an existing web tour, add or edit web notes or display the URL list of the web tour, or add, change or delete any information related to URL's and web tours.

Security

[00227] The system may include security features to protect system and data integrity.

The system may have firewalls, anti-virus, anti-spyware, host and network intrusion detection systems (IDS), encrypted virtual private network (VPN) connections and other security and monitoring systems. Further, the system generates one or more of an ED and a public and private key for each new member.

[00228] The client may include firewall functions. Firewalls prevent unauthorized access to a host computer from the network. The client may include firewall functions to protect its host computer. The client firewall may examine all network traffic leaving or entering the host computer and block traffic that does not fit a defined security policy. The server may also be protected by or integrate firewalls. The server may only allow or be shielded from network traffic that does not match the patterns of the system's clients. The server may be protected by or integrate anti-virus systems. The server may scan files being uploaded and downloaded by clients for computer viruses. The server may be protected by or integrate network intrusion detection systems. Network intrusion detection systems may scan the network traffic to and from the server for patterns that indicate intrusion attempts or for deviations from normal behavior or other methods. The server may be protected by or integrate host based intrusion detection systems. Host based intrusion detection systems may scan the server for patterns that indicate intrusion attempts or for deviations from normal behavior or other methods. [00229] The client may include anti-vims functions. Anti virus programs examine hard drives and other memory storage for computer viruses, called scanning. The anti-virus functions may scan the client or the host computer for viruses. The client may scan files being transferred between the client and host for viruses. The client may scan email, email attachments and web downloads for viruses. The client may examine files being downloaded from or uploaded to libraries. The system may provide periodic or automatic updates of virus profiles to the client.

[00230] The client may include anti-spyware functions. Spyware programs gather information from host computers and record that information locally or send it to another computer. The anti-spyware functions may scan the client or the host computer for spyware. The client may scan the host hard drive or memory for spyware. The system may provide periodic or automatic updates of spyware profiles to the client.

New Item Indicators

[00231] The client may indicate new or changed items. Examples of new or changed items may include alterations to a member's contact information, the arrival of a new message such as a quick note or email, the addition of a file to a library or a change in a library, or any other action that the system may be capable of performing. The member may open or view the new or changed item and cause the indicator so used to return a default setting. [00232] Examples of indicators may be an item or a list of related items, which may be displayed, the name of the changed or new item may be in bold font, or an alternative or flashing icon may be displayed, or an additional icon or other indicator may be included. For example, the display of a system member's contacts may be a list of contact names with adjacent icons with one contact per line. There may be different icons to distinguish graphically between member contacts, guest contacts, etc. Member contacts that have had an update to their information may have the name text displayed in bold, or the icon changed or displayed in a different color, or an additional icon or character added to the line. When system user opens and views the member contact's data, the display may return to its default. [00233] The client may include a similar display of messages, using the alternative display for new or unread messages. The client may include a similar display for calendar appointments, using the alternative display for new or unread appointments. The client may include a similar display for library items or files, using the alternative display for new or changed items. Library items may be a case where the end user may acknowledge the new item, perhaps by clicking on it, without having to download and view an entire file. The client may include a similar display for groups, using the alternative display for groups with updated membership lists. The client may include similar displays with similar characteristics for any appropriate data or data objects.

[00234] The client may present indications of new or changed items by changing the display of related items. A display of contacts may indicate that messages from specific contacts have arrived. A list of contacts may display an additional icon or other indicator next to a particular contact indicate a new quick note or email from that contact has arrived. A display of a group may indicate members that are currently logged into the server and so are available for instant messaging.

[00235] The client may include specific areas that designate that new or updated items have arrived by displaying special or flashing icons. The client may display a list of collection of items of mixed types but only those that are new or updated. The display might show member contacts that have updated their information, new appointment invitations and icons opening new messages, but this display may not show any items that have not been changed since they were last viewed.

Miscellaneous Features

[00236] The client's graphical interface may present an integrated display of multiple message types, possibly including email, mobile messages, quick notes, instant bookmarks. The display may allow an integrated view of all messages, or a view filtered by message type. The client may allow the display to be filtered or sorted by addressee or sender or subject across several message types. The client may allow text searches across multiple messages of multiple message types. The client may include a spellchecking function when composing a message. The client may allow draft messages to be saved to be finished later. The service may provide a back up function for messages that have been delivered to or are stored on the client.

[00237] The system may provide the ability for members to contribute comments to a running and ordered discussion topic, the ability for the contributions to be monitored and moderated, the ability for the contributions to include web pages and bookmarks, the ability for the contributions to be attached to web pages, wherein the ability for the discussion topic may be about a web page or defined collection of web pages in a manner that makes the web page or web pages an obvious part of the discussion set-up and contribution mechanisms. Ordered discussion topics can be linked to any shared items, including appointments, files, bookmarks, and so on. UNIQUE APPLICATIONS FOR SPECIFIC VERTICAL MARKETS

[00238] The present invention, including portable client with integrated applications and server, can be effectively tailored to meet the needs of virtually any vertical market.

Here are a few exemplary markets where embodiments of the present invention can be tailored to meet unique needs, each of which are discussed in further detail below. Knowledge Workers Shopping and E-commerce Advertising Defense and Law Enforcement Education Finance Government Healthcare Legal Insurance Real Estate Transportation Automotive Manufacturing and Retail Sporting and Outdoor Deployment Entertainment News and Publishing Sales and Marketing

KNOWLEDGE WORKER

[00239] Knowledge workers represent the broadest audience and members of other market segments can realize many of the same benefits and applications as knowledge workers. The applications and the user interface may be tailored slightly to meet their needs. So, for example, member information fields may be modified for the Healthcare marketplace to include names and phone numbers of health care providers and additional applications such as connecting the client with a blood pressure or blood glucose level monitoring device can create patient record data that can be shared securely with physicians. Likewise, in the Real Estate market, fields may be modified to include information about brokers, and a digital camera embedded in the client can be used to create visual records of property listings. Details for unique applications of the client/server/system in specific markets are described. [00240] A knowledge worker is anyone who uses a computer individually to accomplish work or share information/data with others. The information and data encompass any electronically stored information including documents, contact records, e-mail, relationships, images, audio and video. Knowledge workers must securely store, access, and share this information and data.

[00241] Knowledge workers may need a simple way to store and organize work, documents, appointments, contacts and email messages; the ability to make appointments and create and share calendar events; the ability to collaborate with a team of individuals who may be at diverse locations and create and monitor a task list to facilitate project management, the ability to dynamically and securely share information and data; the ability automatically update any file with the most recent version (see example in illustration); self- service, real-time access to data and information online and offline from any location; authenticate other users and members of Groups to ensure secure communication with known individuals; create secure offsite backups; access a centralized contact management system; have simplified access to third party services; send communications through various communication gateways (such as sending a text message from a PC to a cell phone), the ability to work from any computer. The client and server provide members the ability to accomplish all of these tasks with integrated applications.

SHOPPING AND E-COMMERCE

[00242] Members can use the portable client to achieve unique shopping capabilities.

The system offers the capability to have purchaser discrete information loaded on the client such as credit card numbers, historical purchases, favorites, sizes, delivery and shipping information, inventory status, etc. The purchaser screen offers a friendly view of credit card choices and other payment methods, access to a history of what was purchased by date with details on which credit card and payment method, etc.

[00243] Members can use the client offline to make purchasing decisions and then when they access the Internet the purchase is completed. For both purchasers and sellers the system provides a level of convenience, security and authentication that is currently unavailable in the marketplace. The purchaser (Member) may additionally use the client for the payment and or operation of rented cars, the handling of banking business, the payment of travel expenses, as a telephone calling card, gasoline station service card, restaurant and department-store card, or similar payment cards. Additionally the client can be used as a key to access an account, a virtual online or real-world shopping facility, for authentication. Additionally the client can be used in place of an identity card, club card, membership card, affinity card or other type of identification mechanism to track, record, credit, accumulate or otherwise benefit a purchaser. Scan in-store items to comparison shop later Store personal favorites for clothing sizes, colors and other preferences Store family and friend favorites for clothing sizes, colors and other preferences Gift registry Bridal registry Shopping "Dashboard" with alerts, current trend news, sale announcements, local store openings

ADVERTISING

[00244] The agency industry is all about collaboration and agency/client communication and approval of copy and ad campaign. There are many files to be shared by both clients and the multiple agency departments involved at key points along developing an ad campaign or other work. It is necessary to receive input from diverse points of view, stimulates healthy debate and allows strong ideas to emerge regardless of the source. Ultimately, the process leads to the best possible creative. Finally the Advertisement campaign must be tracked.

DEFENSE AND LAW ENFORCEMENT

[00245] From the U.S. Department of Defense (DOD) to national and local law enforcement the client and server provide a new, convenient method for sharing information privately among prosecutors, attorneys, law enforcement agencies, the court systems, expert witnesses and others involved in the legal system. The ability to store, manage, carry and access digital evidence, notes, case law and other data anywhere, anytime is both unique and essential. The client and the integrated communication applications like instant and mobile messaging can be tied into a regional, state wide communication system and used to interface with and implement automated emergency communication and life saving systems like the AMBER plan. The Calendar and the Task applications help attorneys, police officers, judges and officers of the court and other individuals involved with the legal system manage reminders, upcoming court cases, confirmation of appearances, etcetera. The system offers a higher level of secure access to higher level systems because of the introduction of an authentication token on the client.

EDUCATION

[00246] The education market includes K-12, college, university and adult education.

The portable client and server can be tailored to facilitate interactive education and testing; administration of student evaluation; ability to perform research and quickly organize the information into Groups for student and educator papers; delivery of content ranging from workbooks to curriculum to tests and voice transfer between one user and a plurality of other users.

FINANCE

[00247] In the financial market the client and server can be used to enhance real-time and asynchronous communication providing, for example, financial professionals the ability to instantly access status on loan requests; using third party services the server could provide automatic verification of individuals credit history for loan applications or ensure secure transmission of financial records and brokerage buy/sell requests. [00248] The financial market can also utilize third party data source aggregator applications. These encompass third party services that a Member may want to retrieve manage or add data from in a secure fashion. This could include aggregation of back or brokerage account data, aggregation of email from different sources, aggregation of product warranty information, aggregation of user Ids and passwords for multiple Web sites.

GOVERNMENT

[00249] Government encompasses international, national, state and local municipalities. The portable client and server solve numerous existing problems, which have not successfully been addressed by any other system. The portability of the client and the ubiquitous nature of the server (a Member can use any computer and can receive communication through non-computer channels such as phone and fax) make it easy for interagency cooperation related to any situation such as disasters. For example, if there was a dangerous fire situation, interdepartmental agencies (national, local, fire, police, etc.) could effectively coordinate information with secure Groups and information shared in Libraries. When tied into a reverse 911 exchange an official could use the client to instantly notify any group of residents about the fire situation.

[00250] Other government applications include authentication and verification of the identity of individuals who join Groups to ensure security of information access; ensure instant communications on critical communication with the integration of telephone, digital photography, instant messaging, and text, audio and video conferencing; route and approve workflow including applications like purchase orders and memorandums; establish a collaborative management structure that provides shared leadership and involvement at all project levels; maintain collaborative relationships among participants and receive feedback and debate; facilitated communication and outreach to the public and adopt standards to share and integrate data or services among partners and outside organizations.

HEALTHCARE

[00251] The healthcare marketplace depends upon secure information/data and effective communication of that information/data. Recent introduction of HIPAA (Health Insurance Portability and Accountability Act) regulations requires comprehensive security of all patient records. The client with integrated applications and the related server provide an environment that permits all of the individuals who are involved in the healthcare process the ability to securely store and share not only patient records, but all documents, contacts and information related to managed-care of any individual. A partial sample of the shareholders in this process who will benefit from the use of the client and related server include the patient, physicians, surgeons and all other medical professionals, nurses, administrative staff, ambulance and emergency medical personnel, insurance providers and staff, health claim adjustors, holistic and homeopathic healers and their staff.

[00252] The client and server provide the following unique advantages that are not available with any other type of apparatus, device or service that exists today: unique interface for the healthcare marketplace; portability of information/data; integrated offline and online communication features; secure real-time and asynchronous communications and effective and secure backup (and retrieval) of information/data.

[00253] Unique interface for the healthcare marketplace. The user interface for the

Medical Marketplace will be tailored to all the needs of this marketplace including, but not limited to, schedules, patent medical history broken down by prescribed drugs, historical blood screening and analysis, vital records, past known medical problems, family genealogical data, historical doctors and contact information. Additional screens would include image data such as x-rays, hospital and patent billing data broken into detailed sections available to medical providers, as well as to the insurance provider all under the security rules of HIPAA.

[00254] Portability of secured information/data. The secure and portable delivery of medical information is a primary goal of the healthcare marketplace. Too often medical histories are located in multiple locations, or even lost as a patient changes insurance, providers, physicians and/or moves to a new location. Requests from one physician or office to get records from another may take weeks. With the client and server a patient is empowered to securely carry their entire medical history with them to an appointment with a healthcare provider. With the availability of this comprehensive set of information and data the healthcare provider can more rapidly make diagnosis and analysis of the patient's condition. Likewise, all parties involved in the care and management of the Patient will have similar portability and anywhere, anytime access to the information and data they need. The integration of applications with data on the client is what makes our apparatus and service both powerful and totally unique. Thus, when a patient enters any health care provider's office, the health care provider (physician, insurer, etc.) does not need to install and run any software to access records, data and information because the applications are on the mobile device and auto-run from the device!

[00255] While Smart Cards (cards with either magnetic strips and/or memory chips) can and have been used to store medical information, they have an extremely limited amount of memory compared to the client and therefore offer limited ability to store the vast amount of data that comprises an individuals comprehensive medical record. Also, no other invention has A. integrated healthcare specific applications (such as our use of secure Groups for x-rays, patient billing, etc.) onto a client and B. directly tied these services and data to an server which ensures constantly updated information that can never be lost. [00256] To explain further, consider the Smart Card use of healthcare information.

First, the patient may or may not have the physician update information/data on the smart card at the time of service. If additional data becomes available after testing, the patient would be required to make another appointment to have the new data embedded on the card. With the combination of memory device and server, providers from any location can easily and securely access and update the data, thus relieving the entire burden of information management from the hands of the patient. Likewise, if a Smart Card is ever lost, the data may remain securely embedded on the card and cannot be accessed by other individuals, but the card itself is gone. With our solution, not only is the client itself completely secure, but any loss of the device causes no interruption of service as all individuals who have access permission can use the server to immediately access the securely "backed up" data and information.

[00257] Integrated offline and online communication features. The physical memory device conceived under this patent application will be capable of being handed to any individual who may need access to the information, with the knowledge that they can only access the data/information that they have rights to access. Security on the client and server can encompass the already detailed features of password and biometric protection. [00258] The specific segments of information can be broken into (or partitioned into) categories for used by medical providers, insurance providers, and others associated with the patent and business of providing medical services. Thus, users have limited access based upon their assigned privileges (for example physicians may have rights to see all records but administrative staff may only be allowed access to billing information) but different types of access (read/write).

[00259] The same system is applicable to the medical suppliers. In a collaborate manner utilizing the client and server a medical work group, such as a doctor, receptionist, nurse aid, office manager, would all have access under HIPAA rules to data they are entitled to access via identical user screens (with access controls, passwords, and access to central server system via Internet or closed system contained in the doctors office). The client and server could be utilized in any manner required to perform the medical services and support every point of the patent visit, procedures, prescriptions, historical tables, historical data, schedules, insurance, and charting.

[00260] Secure real-time and asynchronous communications. Physicians increasingly are communicating directly with patients via not only telephone, but e-mail and patients are increasingly requesting information about procedures and records. Using the client with integrated services and the server permits secure individual and group communication both in real-time and offline.

[00261] In a real time setting a patient may have opportunity or need to ask a medical professional a question. (I am short of breath should I stop taking my cholesterol medication or come in for a check up? Or how can I get Blue Cross to cover a visit to a physical therapist or massage therapist for my back pain?) With our integrated use of Instant Messaging and Instant Communication (it is an application embedded on the client) two or more individuals can have a real-time communication that may encompass typing messages, voice, image and video communication. The transmission is encrypted with SSL so as users embrace the increasingly popular use of wireless transmission (802.11, Bluetooth, etc.) and wireless locations (Starbucks, hotels, airports) their communication will be secure. [00262] To fulfill HJP AA requirements, all communication and conversations can and will be securely recorded and stored for future reference. Secure offline communications applications and services include, but are not limited to, e-mail, text to phone, document and image sharing.

[00263] Effective and secure backup (and retrieval) of information/data. The volume of medial information and data continues to explode. HIPAA regulations require healthcare providers to maintain records for an indefinite period of time (even past the lifetime of the individual patient). Clearly hospitals, doctor's offices and insurance companies are stressed on both the systems to manage storage and retrieval and physical space. Using a data center for the storage of the information/data enables us to rapidly and effectively scale up to store any amount of data. Our unique user authentication system ensures that only "authorized" individuals have access to data/information. In addition to access, if a healthcare provider, patient or user should need to recover information which they have lost or has been damaged on any other system, both the client and server provide both effective single source and redundant backup solutions. Further, we will use a variety of data scanning procedures to ensure that any malicious code (such as a computer virus) is eliminated the data/information that is sent to the server and placed in a Group.

[00264] The client may further interoperate with a medical monitoring device such as blood pressure, blood sugar and the data is stored in a record that can be shared with the patient's physician.

LEGAL

[00265] Lawyers and law firms require security and confidentiality. They may require constant communication between a team of lawyers and multiple clients who are geographically dispersed. It is not unlikely that a law firm in San Francisco will have an office in Germany and a client in Switzerland. Multiple parties writing, reviewing and working on multiple documents turns document and version control into a huge problem which is solved by our client and server architecture. Organization of all of the information/data related to any one case or client is extremely important. By using the Group feature of the server a member can easily create and manage all of the information/data for any one client and/or case. The sensitive nature of legal documents and data also require immense security. Password and biometric security of both the client and server are possibilities.

[00266] Scheduling appointments and meetings is critical for this market. The client and server provide a secure and convenient method to request attendees/members attend an appointment and then easily view the availability of those individuals. Integration with third party services can provide an enormous variety of applications for both members of the legal profession and their clients. For example, a Wizard could make it easy for parties to fill in all of the information required on a variety of legal forms related to a divorce, incorporation, etc using legal requirements of specific State and Local entities, and then automatically collate and route all of the files associated with the case or service to the appropriate individuals (a workflow management process).

TRAINING AND EDUCATION

[00267] A version of the client may be designed specifically for use in training and education environments. This version may contain features and functions beneficial to students, teachers, school administrators, trainers, teaching assistants and others who may be involved in training and education. The client may provide the ability to keep track of class schedules, course work, home work, events, communications between school staff and or each other or parents or guardians or anyone involved in the training and education process.

INSURANCE

[00268] The insurance market relies on the secure storage, retrieval, access and sharing of multiple forms of data and communication. Using our unique client, the client and server can offer specialized Wizards to manage insurance related data for individuals and for insurance providers. An individual member, for example, may use a Wizard to record all of the serial numbers and model numbers for all of their possessions. If, at any time, a claim needs to be made the valuable information is immediately available on both the secure client and the server. Another useful application is the use of voice transfer between one user and a plurality of other users via mobile messaging.

REAL ESTATE

[00269] Agents and brokers are in an extremely time-sensitive business. Using the client and server a broker can get information about a property out to other agents extremely quickly. Indeed, one completely unique application is using the client integrated with a digital camera to take photographs of properties, and then use the client to immediately share these images with a large number of prospective buyers via the server. Again, the integration of the digital photography application on the client is an example of the unique nature of this application. Integration of audio recording with the client permits the member to record any length of audio message (for example an audio overview of the neighborhood or schools) and share that with other members or guests.

[00270] The use of guest services application is apparent with the Real Estate market.

An agent wants to share a new listing with hundreds of interested individuals, all of whom may not be members. Guest services allow the agent to add all of these individuals to a group (for example, New Property Listings) by using an identifier such as e-mail address. Then, when the agent adds data (such as a new listing, digital photograph, newsletter about the market) to the Group, each of these individuals automatically receives a communication which could be a secure e-mail with a link to a Web page which is randomly generated by the system to ensure security and enables the Guest to access the data.

[00271] The volumes of paperwork that need to move between sellers/agents/mortgage firms/title companies/buyers is enormous. As a document sharing and management tool, the client and server save a tremendous amount of time and money. The security aspect described in detail in this patent application ensures privacy in communication between brokers and buyers and sellers.

TRANSPORTATION

[00272] The transportation market encompasses both the movement of human passengers as well as all types of cargo and freight both domestically and internationally. The client, server and system provide numerous advantages and unique applications. First among these is security. In air, train, automobile, boat and other forms of transportation both individuals and cargo can be secured. Individuals can use the client as an authorized form of identification (both for passenger's identification and identification of employees of the transportation industry). Individuals who work for transportation industries can use the client to record numerous forms of data including, but not limited to manifests, hazmat and handling procedures and clearance. The client can be used as a stand-alone device with integrated applications and then also used to upload and download data from the server. The client can be directly connected to any passenger or cargo and with a GPS functionality used for ongoing, real-time tracking.

AUTOMOTIVE

[00273] The automotive industry as well as drivers of automobiles can use the system to perform unique applications that address issues that encompass safety, performance, location identification and communication. The client can be connected to an onboard computing system. Using the biometric security functions described in this patent application, the client can ensure that the vehicle starts and performs for only authorized users. Voice activated controls via the client can be used to control most functions of the car ranging from temperature to mirrors. Digital data on the client can be directly played through the vehicles entertainment and communications system offering entertainment, information and communications (as when the client is integrated into a cellular phone.) When online (either in the vehicle or in another location), users of the system can access navigation systems including GPS and digital maps. It is also possible for the client and server to be used as a "token-passing" technology where users can purchase, load and use toll fees. This would dramatically reduce traffic congestion in many major metropolitan areas.

MANUFACTURING AND RETAIL

[00274] The manufacturing and retail sector can utilize the system to facilitate numerous processes ranging from the enhancement of collaboration among workgroups to manufacturing and retail processes including just-in-time manufacturing, inventory control, quality control, billing, shipping, customer service and shipping. When an IR bar-code scanner is embedded in the client it becomes possible to manage and adjust inventory and, for consumers, to check and compare prices between offline and online retailers.

SPORTING AND OUTDOOR DEPLOYMENT

[00275] A version of the client will be designed specifically for use in outdoor and sporting environments. This can deploy integrated applications that would help a sportsperson gather and distribute data related to their sport. As an example, a scuba diver could use a version of the client to gather, store and transmit information about a dive including details about depth, time, location, oxygen levels, etc. Embedded laser functionality could be used to gauge distance to objects, which will prove useful in numerous sports such as hunting or golf. Additionally, the digital imaging capabilities (audio, photography, video) of the client will provide a mechanism for recording events. Further, it is possible and envisioned that the client itself could be integrated directly into sporting goods equipment. A tennis racquet, baseball bat, bicycle, etc. could incorporate the client both for ease of transportation and the ability to record and monitor unique data elements such as the speed of a ball that is hit, distance traveled, etc. This unique data are then added to the server, shared with other members and generate unique reports about performance and skill level of the athlete.

ENTERTAINMENT

[00276] The system offers numerous applications for both the entertainment industry and the personal entertainment of all members. When the client integrates applications and hardware (such as speakers, headphone jacks) for the enjoyment of interactive video, games, audio and images, the member can upload, download, store, share, purchase and access these forms of entertainment. The portability of the client makes it possible to use the entertainment at any time, in an stand-alone or connected fashion. This versatility provides a unique mechanism for both the entertainment and retail sectors to sell and distribute their product to the marketplace.

NEWS AND PUBLISHING

[00277] The nature of the publishing and news business is such that large amounts of data (copy, images, notes, audio interviews) must be rapidly collected, transported and transmitted to teams for the creation of newspapers, books, radio, television and cable programming. The client enables all members of these industries to conduct their business in a more timely and efficient manner. Photojournalists can use the client either as a digital camera or storage device and connect to the server for rapid transmission of images. The same is true for writers and all other members of the editorial and production teams.

SALES AND MARKETING

[00278] Sales and marketing cut across all markets and applications to use the client and the server are varied. Sharing and collaboration of information and data between authenticated individuals in Groups keeps teams connected and informed. The system can also be used as a technology to track market trends and preferences of both sectors of the marketplace and individuals. It can also be used in a marketing and promotional manner to distribute promotions, discounts and other information and communication to groups of individuals who may or may not be Members of the system.

[00279] Although the present invention has been particularly described with reference to the preferred embodiments thereof, it should be readily apparent to those of ordinary skill in the art that changes and modifications in the form and details thereof may be made without departing from the spirit and scope of the invention. For example, those skilled in the art will understand that variations can be made in the number and arrangement of components illustrated in the block diagrams above. It is intended that the appended claims include such changes and modifications.

Claims

CLAIMSWhat is claimed is:

1. A system for providing mobile collaborative computing on a host electronic device, comprising: a portable client device adapted to communicate with the host; client software maintained on the portable client device and configured for execution on the host electronic device, wherein the client software is adapted to provide a plurality of collaborative computing services; one or more collaborative computing applications configured to maintain data shared between the portable client device and a plurality of other client devices; and a communications network adapted to communicate with the portable client device, the one or more collaborative computing applications and the plurality of other client devices.

2. The system of claim 1, wherein the client software includes an authentication application for identifying an authorized user of the portable client device.

3. The system of claim 2, wherein the portable client device includes one or more indicia of identification for identifying the authorized user.

4. The system of claim 2, wherein the indicia of identification includes a user ID, one or more passwords, fingerprints, retinal scan and voice characteristics.

5. The system of claim 1, wherein the collaborative computing applications are maintained on a server connected to the communications network.

6. The system of claim 1, wherein the collaborative computing applications includes an access control component adapted to provide groups of one or more authorized users with access to the shared data according to permissions assigned to the groups.

7. The system of claim 6, wherein each of the groups is defined by any one of the one or more authorized users and the permissions are initially assigned by the any one authorized user.

8. The system of claim 1, wherein the client software executes without installation on the host electronic device.

9. The system of claim 1, wherein the portable client device includes a processing component for executing a portion of the client software.

10. The system of claim 1, wherein a portion of the client software installs driver software on the host electronic device for cooperatively executing other portions of the client software.

11. The system of claim 1 , wherein communications between the portable client device and the plurality of other client devices are encrypted.

12. The system of claim 11, wherein the communications are encrypted using SSL protocol.

13. A method for providing mobile collaborative computing on a host electronic device, comprising the steps of: connecting a portable client device to the host electronic device; authenticating the identity of an authorized user of the portable client device; executing client software on the host electronic device, wherein the client software is maintained on the portable client device; and accessing collaborative computing applications to manipulate shared data, wherein the shared data is maintained across the portable client device and a plurality of electronic devices, the plurality of devices being connected to the host electronic device by a network.

14. The method of claim 13, wherein the step of authenticating includes: receiving at least one unique identifier from the authorized user; obtaining one or more factors of authentication from the portable client device; and verifying the access rights of the authorized user for the portable client device.

15. The method of claim 14, wherein the at least one unique identifier is selected from a group including a user ED, one or more passwords, fingerprints, retinal scan and voice characteristics.

16. The method of claim 15, wherein the step of authenticating is performed by the host electronic device.

17. The method of claim 15, wherein the step of authenticating is performed by the portable client device.

18. The method of claim 13, wherein a first copy of a portion of the shared data is maintained on the portable client device, a second copy of the portion is maintained on another electronic device and the first copy and the second copy are reconciled when the portable client device is connected to the another electronic device.

19. The method of claim 13, wherein the client software includes an authentication application for identifying an authorized user of the portable client device.

20. The method of claim 13, wherein the portable client device and the plurality of electronic devices communicate using one or more encryption communications protocols.

21. The system of claim 19, wherein the protocols include SSL.

22. A method for providing mobile collaborative computing services, comprising: providing a customer with a portable client device; _| authenticating the identity of the customer when the portable client device is connected to a host electronic device; receiving a copy of a portion of shared data from the portable client device; transmitting an updated version of the portion of shared data to the portable client device; receiving one or more inbound messages from the portable client device; and transmitting one or more outbound messages to the portable client device.

23. The method of claim 21, wherein the transmitting step and the receiving step use one or more encryption communications protocols.

24. A portable client for enabling mobile collaborative computing on a host comprising memory configured to store client information including software and data, wherein the client information is adapted to execute on the host without installation on the host, a communications interface adapted to enable communication between the memory and the host, a port for connecting the communications interface to the host, and an enclosure.

25. A portable client according to claim 23 and further comprising a display, one or more user input devices, and one or more features.

26. A portable client according to claim 24 wherein the one or more features includes a barcode reader.

27. A portable client according to claim 24 wherein the one or more features includes a magnetic stripe having two ends, one end being coupled to the enclosure such that the second end may be extended away from the enclosure, and a magnetic stripe reader.

28. A portable client according to claim 24 wherein the one or more features includes an infrared transceiver.

29. A portable client according to claim 24 wherein the one or more features includes a radio frequency transmitter.

30. A portable client according to claim 24 wherein the one or more features includes a radio frequency receiver.

31. A portable client according to claim 24 wherein the one or more features includes a microwave transmitter, and a microwave receiver.

32. A portable client according to claim 24 wherein the one or more features includes a Bluetooth transmitter, and a Bluetooth receiver.

33. A portable client according to claim 24, wherein the one or more features includes one or more loudspeakers, and wherein the client information is configured to provide audio output.

34. A portable client according to claim 24, wherein the one or more features includes one or more microphones, and wherein the client information is configured to receive audio input.

35. A portable client according to claim 24, wherein the one or more features includes one or more cameras.

36. A portable client according to claim 24, wherein the one or more features includes a telephone connection, and wherein the portable client is adapted to perform as a telephone.

37. A portable client according to claim 35, wherein the telephone connection is a wireless telephone connection.

38. A portable client according to claim 23 and further comprising a processor.

39. A portable client according to claim 23 and further comprising a power supply.

40. A portable client according to claim 23 and further comprising one or more, solar power generators.

41. A portable client according to claim 23 wherein the enclosure is adapted to be resistive to adverse conditions including extremes of heat and cold, immersion in liquid, mechanical shock, electrostatic discharge, and nuclear and electromagnetic radiation.