A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure as it appears in the patent and Trademark Office patent file or records, but otherwise reserves all copyrights whatsoever.
1. Field of the Invention
The invention relates to user authentication systems over data network systems and, more particularly, relates to a method and system for self-provisioning, through a first device, a rendezvous to ensure secure access to managed information in a user account by other devices through the rendezvous in a data network, wherein the rendezvous is generally identified by a URL, the first device, coupled to the data network, runs a first browser under a first communication protocol and the other devices in the same data network run a second browser under a second communication protocol.
2. Description of the Related Art
The Internet is a rapidly growing communication network of interconnected computers around the world. Together, these millions of connected computers form a vast repository of hyperlinked information that is readily accessible by any of the connected computers from anywhere and anytime. To provide mobility and portability of the Internet, wireless computing devices were introduced and are capable of communicating, via wireless data networks, with the computers on the Internet. With the wireless data networks, people, as they travel or move about, are able to perform through the wireless computing devices exactly the same tasks they could do with computers on the Internet.
The most common remote access paradigm is, as of today, the one in which a laptop personal computer is equipped with a wireless communication mechanism, for example, a wireless modem. This paradigm may remain useful for a considerable number of applications and users, but there has been a growing need for a mobile paradigm in which the Internet can be instantly accessed by mobile devices, such as cellular phones and personal digital assistants. The mobile devices are generally designed small in size and light in weight. With increasing data processing capabilities in the mobile devices, more and more users start carrying the devices around to materialize their unproductive time into productive time. As more commonly seen, regular mobile phones can return calls, check voice mail or make users thereof available for teleconferences anywhere and anytime, but desired mobile phones, not just reactive to calls but also proactive, can meld voice, data, and personal information with manager-like functionality into a single handset that can effectively, through a host computer, access a myriad of public and enterprise information services in the Internet.
The evolution of the mobile phones or the mobile devices has been fueled by the demand of users for immediate access to the information they are looking for. For example, a traveler may request an exact flight schedule when he is on his way to the airport, or a trader may purchase shares of stock at a certain price. The pertinent information from these transactions may include the airline and the flight number for the traveler, or the number and price of the shares being purchased by the trader. To be timely informed, a preferable way is to communicate the information requests electronically into the wireless data network. The data network, for example, connects to a flight information server or stock quote server so that the desired flight information or the current stock price can be retrieved therefrom on demand. However, it becomes troublesome or impractical to key in lengthy information queries electronically into the data network through a mobile device that typically has a keypad with a few buttons, much less functional compared to a keyboard in a personal computer system. There is, therefore, a great need for a method and system for efficiently communicating desired transactions into a data network through which the transactions can be performed or pertinent information can be retrieved, without the need to key in such information every time the transactions or the information is desired. In many cases, the desired information in a user account, especially regarding personal matters, is preferred to be confidential. Thus, there is further a need for a generic solution that provides a method and means for self-provisioning an account entry to a user account that has the proprietary information therein accessible only through the account entry.
The invention pertains to improved approaches for accessing data on a data network by a mobile device or a computing device. Typically, the mobile device (e.g., mobile telephone with a network browser) has a limited functionality user interface as compared with the full functionality user interface of the computing device (e.g., personal computer).
The invention can be implemented in numerous ways, including as a method, system, apparatus, and computer readable medium. Several embodiments of the invention are discussed below.
As a method for accessing data contained in a data network system, one embodiment of the invention includes the acts of: sending a request to a server hosting the data to retrieve the data by activating a key of a mobile device, the request being sent by executing a first set of program instructions in the mobile device, wherein the mobile device has a display screen and is in communication over a wireless data network with the server, and further, wherein the data is associated with the mobile device and is also accessible by a computing device executing a second set of program instructions and coupled to the server through a data network; receiving the data from the server via the wireless data network, the data presented in a first format interpretable by the first set of program instructions; and displaying the data on the display screen of the mobile device.
As a computer readable medium including at least computer program code, executable in a mobile device having a display screen, for accessing data contained in a data network system, one embodiment of the invention includes at least: computer program code for sending a request over a wireless data network to a server hosting the data, the data being associated with the mobile device and accessible by a computing device coupled to the server through a data network; computer program code for receiving the data from the server via the wireless data network, the data received presented in a first format displayable by the mobile device and presented in a second format when accessed by the computing device; and computer program code for displaying the data on the display screen of the mobile device.
As a computer readable medium including at least computer program code executable in a server hosting data, the data accessible by a mobile device executing a first browser and by a computing device executing a second browser, wherein the mobile device is coupled to the server through a wireless network and the computing device is coupled to the server through a data network, one embodiment of the invention includes at least: computer program code for receiving a request from the mobile device through the wireless network to access the data; computer program code for retrieving the data; and computer program code for forwarding the data to the mobile device in a first format displayable on the display screen of the mobile device.
These and other features, aspects, and advantages of the present invention will become better understood with regard to the following description, appended claims, and accompanying drawings where:
In the following detailed description of the present invention, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, it will become obvious to those skilled in the art that the present invention may be practiced without these specific details. In other instances, well known methods, procedures, components, and circuitry have not been described in detail to avoid unnecessarily obscuring aspects of the present invention.
The following detailed description of the present invention is presented largely in terms of procedures, steps, logic blocks, processing, and other symbolic representations that resemble the operations of data processing devices coupled to networks. These process descriptions and representations are the means used by those experienced or skilled in the art to most effectively convey the substance of their work to others skilled in the art. The present invention is a method and system for self-provisioning a rendezvous through a thin device to ensure secure access by other devices to information in a database in a data network. The method, along with the system or architecture to be described in detail below, is a self-consistent sequence of steps leading to a desired result. These steps or processes are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities may take the form of electrical signals capable of being stored, transferred, combined, compared, displayed and otherwise manipulated in a computer system or electronic computing systems. It proves convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, operations, messages, terms, numbers, or the like. It should be borne in mind that all of these similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the following description, it is appreciated that throughout the present description, discussions utilizing terms such as “processing,” “computing,” “verifying,” “displaying,” or the like, refer to the actions and processes of a computing system that manipulates and transforms data represented as physical quantities within the computing device's registers and memories into other data similarly represented as physical quantities within the computing device or other such device, such as storage, transmission or display devices.
Referring now to the drawings, in which like numerals refer to like parts throughout the several views.
The communication protocol in the Internet 104 is the well known HyperText Transfer Protocol (HTTP) and runs on TCP and controls the connection of a well known HyperText Markup Language Web browser, (HTML Web browser), to a Web server and the exchange of information therebetween. The communication protocol between the mobile device 106 and the link server 114 via the airnet 102 is Handheld Device Transport Protocol (HDTP) or Secure Uplink Gateway Protocol (SUGP), which preferably run on User Datagram Protocol (UDP) and controls the connection of a HDML Web browser to a link server and a set of commands or statements that specify how information is displayed. HDML stands for Handheld Device Markup Language, which is similar to that of HTML. The specifications of both HDTP and HDML, being considered as the wireless network standards, are available for additional details. Further, a reference specification entitled “Magellan SUGP Protocol,” a HTTP specification with network security features, is incorporated herein by U.S. Pat. No. 6,065,120. HDTP is a session-level protocol that resembles HTTP but without incurring the overhead thereof and is highly optimized for use in mobile devices that have significantly less computing power and memory. Further, it is understood by those skilled in the art that the UDP does not require a connection to be established between a client and a server before information can be exchanged, which eliminates the need for exchanging a large number of packets during a session between a client and a server. Exchanging a very small number of packets during a transaction is one of the desired features for a mobile device with very limited computing power and memory to effectively interact with a landline device.
Referring now to
As is well known, the Internet 104 is typically a landline network connecting computers that utilize the HTML browser. Referenced by 110 is a PC representing one of the computers that use the HTML browser running on HTTP to hyperlink to other computers/servers 132 or 134 to update/fetch information on line or simply copy files therefrom. It should be noted that “user account” and “database” have been used herein sometimes interchangeably when only one account is being addressed. It is generally understood that a database or an allocation of memory, as referenced by 130 in the
A corresponding account 144 in the database 130 is indexed by an account structure 143 comprising subscriber number 142, user information 146, a username 148 and a password 150. Subscriber number 142 is received from the link server 114 as an index to the account structure 143. The user information 146 comprises the account configuration and other account related information. The username 148 and the password 150, namely, the user credential information, control the authentication to enter the account 144 in the database 130. From the data network perspective, any computer can logon through HTTP to the rendezvous 152 identified by an address identifier, often a universal resource locator (URL) taking the form of www.xyz.com. In other words, each account in a database is exclusively associated with a rendezvous identified by a unique URL. As shown in the figure, the PC 110 establishes a communication session with the rendezvous 152 based on a given URL of the rendezvous 152. However, to access the associated account 144 in the database 130, the PC 110 must provide a set of a correct username and password to the rendezvous 152 that performs a verification thereof with the account structure 143. If the supplied username and password match those in the account structure 143, the access requested by the PC 110 is allowed. Otherwise, entry to the account 144 is denied.
The PC 110 can update information stored in the account 144 when the supplied username and password are verified. Using the powerful and familiar HTML browser in the PC 110, a user can key in frequently requested information, such as a list of stock symbols and a list of URLs of Web servers that provide services to the phone 106. All the information entered through the PC 110 becomes immediately available to the phone 106.
A process named webpwd.cpp in the code listing in the appended Microfiche Appendix A illustrates a provisioning process between the phone 106 and the link server 114 in one embodiment of the present invention. Upon the request of the phone 106, the process, specifically in a subprocess called setNameAndPasswordState(), allows the phone 106 to supply a username and a password and then send the newly supplied credential information to a second subprocess called submitState() that checks if the entered username and password are acceptable, namely the username and password should have a certain length and contain no spaces or unrecognized characters with respect to a general rule of being a username and password. If the username and password are not acceptable, the subprocess submitState() returns to the phone 106 with a corresponding message being either “You must enter a name” or “You must enter a password.” Otherwise, the newly entered username and password are sent to another subprocess called SetUserAuth() in a process called HTTPDBMSUserDB. The subprocess SetUserAuth()updates the username and password in the account structure 143, which immediately requires all subsequent logins to the rendezvous 152 with the newly supplied username and password. A subprocess Authenticate() examines a set of a username and password supplied by the PC 110 and compares the username and password from the PC 110 to the ones in the account structure 143. If the comparison is successful, the subprocess Authenticate() returns a AuthPass flag that allows the PC 110 to access the account in the database. Otherwise, it returns a flag that denies the admission of the PC 110 to the account.
It should be noted that the communication between the phone 106 and the link server 114 is through the airnet 102 as shown in FIGS. 1 and 2.a. Messages carrying proprietary information traveling in the air are not secure. To transact credential information over the open space to provision the rendezvous, a user must have an efficient, reliable and secured manner to conduct private communications with the link server. According to one embodiment of the present invention, an authenticated and secure session between the cellular phone 106 and the link server 114 must be in place before the cellular phone provisions the rendezvous through which the user accesses his/her account from other computers. It is necessary to refer to an architecture of a mobile phone before proceeding with the detailed description of creating the authenticated and secure communication between a user's phone (client) and a server.
To establish a secured communication between a cellular phone (a client) and a server, an authentication process must be conducted first to ensure that only interested parties are actually in the communication therebetween. According to one embodiment of the present invention, the code listing thereof being provided in the appended Microfiche Appendix, the process is complete through two rounds of independent authentication, one being the client authenticated by the server, referred to as client authentication, and the other being the server authenticated by the client, referred to as server authentication. Further, each authentication is completed in two separate steps for a high grade of security, which will be described in detail below. The success of the mutual authentication processes provisions and evidences that the two communicating parties possess a valid shared secret encrypt key through a mutual decryption and a challenge/response mechanism. The mutual decryption mechanism comprises the steps of mutually recovering encrypted messages from two involved communicating parties. The challenge/response mechanism, referred to as nonce verification, verifies a predetermined relationship between a sent nonce and a received derivative thereof.
In one preferred embodiment of the present invention, the authentication process is conducted with three message exchanges; a Session Request (SR) 174, a Session Reply (SP) 176, and a Session Complete (SC) 178.
Further, the cipher in the Session Request 174 includes an identifier to an encryption algorithm and associated parameters thereof. To be more specific, the first byte in the cipher represents an identifier to a combination of the encryption algorithm, the key size (e.g., 128-bit for the U.S. or 40-bit for foreign countries) and content of a security attachment thereto; and the second byte in the cipher indicates the additional parameters related to the first byte. For example, value 1 in the first byte indicates that the encryption algorithm is block cipher RC5, the key size thereof is 128 bit, a two byte check-sum therein is used as the MAC (Message Authentication Code), no IV (Initialization Vector for block ciphers) therefor is transmitted over the network, and padding bytes are added if necessary. The block cipher algorithm RC5 is part of the RSA's BSAFE product. It can be further appreciated that the identifier in the cipher may be assigned to a unique value to identify a non-secure session if so desired. The C-nonce is a non-repeatable number initially and randomly generated in the client and the modified version thereof; C-nonceModified is generated from the C-nonce through an operational relationship. For example, the Exclusive-OR relationship or expressed as follows:
C-nonceModified=2−byte-number ⊕ C-nonce.
It can be appreciated by those who are skilled in the art that there are many ways to get the C-nonceModified from a C-nonce, the Exclusive-OR is one of the operational relationships used in one embodiment of the present invention. Both C-nonce and C-nonceModified are encrypted using the shared secret encrypt key between the client 170 and the server 172. The purpose of the C-nonceModified is to provide the server that receives the Session Request with means for ensuring that C-nonce is correctly decrypted and validated by examining the C-nonce and its relationship with the C-nonceModified. Both should not be altered after a successful decryption of the C-nonce and the C-nonceModified. In other words, a Session Request message or signal may be expressed as follows:
SR={session ID, cipher, device ID, Encry[nonce, nonceModified]};
where Encry[] means that the parameters or contents in the bracket are encrypted accordingly. When the Session Request is sent by the client to the server to request a session creation, both C-nonce and C-nonceModified are encrypted according to the cipher the client is using at the time the Session Request is sent out.
Upon receiving the Session Request from the client 170, the server 172 creates a server proto-session for the client 170 with a session identifier, referred to as session ID, to identify the session context for the session just created in the server 172. A server proto-session is a session entry marked as a proto status in a session table, which indicates that the session is not authenticated and is not able to conduct any transactions with the client. It is understood to those skilled in the art that the proto-session can be kept in the RAM of the server. If a proto-session already exists for that client, it is re-used. The information in the received Session Request is saved in the server proto-session. If the server 172 is satisfied with the fact that the client is known, namely Encry[C-nonce, C-nonceModified] in the received Session Request are successfully decrypted with the shared secret encrypt key, step one in the client authentication process is successful and a corresponding session key is generated and stored with the server proto-session entry. It may be noted herein that many encryption schemes used in this invention, such as the scheme utilizing RC5, have a procedure that adds and validates the Message Authentication Code, such as the check-sum, to assure that the encrypted message is correctly decrypted. The procedure, every time the decryption takes place, is used herein to examine the transaction integrity, namely to ensure the received messages or signals are unaltered in the cause of data transmission. If step one in the client authentication is not successful, namely, if Encry[C-nonce, C-nonceModified] in the received Session Request are not fully decrypted or supported, the proto-session is aborted and removed from the proto session table, resulting in a failed session creation. What the support means herein is the cipher proposed or used by the client is also used by the server, for example, the client uses the RC5 encryption to encrypt Encry[C-nonce, C-nonceModified]; to decrypt to Encry[C-nonce, C-nonceModified], the server must be equipped with the same RC5 encryption capability therein. If Encry[C-nonce, C-nonceModified] can not be successfully decrypted due to other reasons such as transmission errors, the client must reinitiate a new session request to the server in order to establish a secure communication with the server. To challenge step two of server authentication subsequently at the client side, a derivative of the client nonce or C-nonce is generated therefor. In one embodiment of the present invention, the derivative is created by adding a constant to the client nonce, for example, derivative=C-nonce+1. The purpose of the derivative is to provide the client with means for reassuring that the C-nonce is correctly decrypted by the server and the server is the correct server with which the client should be in communication.
Right after the successful step one client authentication, the server 172 responds to the client with a Session Reply (SP) 176 to begin a second round of authentication; server authentication. The Session Reply 176 comprises the following information:
In other words, the Session Reply can be expressed as follows.
SP={C-SID, Encry[sessionID, key, S-nonce, derivative, cipher]}
When the client 170 receives the Session Reply 176 from the server 172, it performs the step one server authentication, which is considered successful if Encry[sessionID, key, S-nonce, derivative, cipher] in the received Session Reply 176 is decrypted successfully with the shared encrypt key. If the step one server authentication fails, the client 170 discards the Session Reply 176 and a new session creation may be started over again. Upon the success of the step one server authentication, the client 170 proceeds with the step two server authentication; namely, the predetermined relationship between the C-nonce and the derivative thereof should be held for a successful step-two server authentication.
C-nonce=derivative−1
If the C-nonce derived from the Session Reply 176 is the same as the C-nonce originally generated by the client, the step two server authentication is successful; hence, the server 172 is considered authenticated, trusted from the viewpoint of the client, and the Session Reply 176 is accepted as a valid message, which means that the client 170 then uses the session key and other information in the Session Reply 176 for the session being created. Only after completing both steps of the server authentication successfully, the client 170 marks the session as committed, which means that transactions can be conducted subsequently in the session, again only from the viewpoint of the client 170. If the predetermined relationship between the client nonce and the derivative thereof does not hold, the step two server authentication fails and the received Session Reply 176 is discarded. The client 170 may abort the session creation process if no further Session Replies are received and pass both steps of the server authentication process during the time period allowed for a session creation. To provide the server with means for reassuring the client authentication by itself through the client, a derivative of the S-nonce, similar to the derivative of the C-nonce, is generated.
The client 170 then sends the server 172 a Session Complete (SC) 178 to complete the session creation process. The Session Complete 178 comprises the following information:
SC={Encry[derivative]};
where the derivative is the client's response to the server nonce challenge, namely the result of the verification. The derivative is used by the server 172 for step two client authentication. Further, it is noted that the Session Complete 178 is an encrypted message, meaning that the client encrypts the information in the Session Complete 178 according to either its own cipher or the server proposed cipher. Generally the client 170 encrypts the information in the Session Complete 178 according to the server proposed cipher if it accepts the server proposed cipher, otherwise, it encrypts the Session Complete according to its own cipher.
Upon receipt of the Session Complete 178, the server 172 tests if the client 170 uses its own proposed cipher or the server proposed cipher by decrypting the Session Complete twice using the two ciphers if necessary. If the server 172 decrypts the encrypted message in the Session Complete 178 and verifies the relationship thereof with the S-nonce, the step two client authentication is considered successful. Subsequently, the server 172 promotes the server proto-session to the active session and the session creation process is completed, thereby an authenticated and secure communication session is established between the client and the server. Any transactions in the established communications session are now encrypted by the session key created in the server according to a cipher mutually agreed to by both the client and the server, thereby the transactions between the client and the server are truly proprietary. A code listing of one embodiment of the mutual authentication is listed in U.S. Pat. No. 6,233,608.
Referring now to
As part of the procedures to activate a cellular phone, a user account, or sometimes called a device account, is created in the server 250, the account is exclusively associated with the phone or client 200. In other words, each mobile device in the data network has its own account identified by a corresponding device ID and subsequently a subscriber number in the server 250. The account for the client 200 is therefore created and configured at 252 according to services subscribed by the client 200. Meanwhile a corresponding account structure, similar to 143 in
When a user desires to update his personalized information in his account, he needs to first self-provision the rendezvous associated with his account using the client 200. As is shown in
Meanwhile, as shown in
Meanwhile, as is shown in
With the newly updated user credential information, the user can now log onto the rendezvous from any computer in the data network. A PC connected to the data network (not shown), is equipped with a familiar HTML-based browser. As an example, it is assumed that a user has just provisioned a rendezvous with a username being “marylee” and the corresponding password being “123456”. The user now goes to a networked PC that runs a browser and logs onto the rendezvous based on the URL of the rendezvous.
The contents in the exemplary pages shown in
The present invention has been described in sufficient detail with a certain degree of particularity. It is understood to those skilled in the art that the present disclosure of embodiments has been made by way of example only and that numerous changes in the arrangement and combination of parts as well as steps may be resorted without departing from the spirit and scope of the invention as claimed. For example, any mobile devices equipped with a micro browser, e.g., HDML browser, may be connected, using an adapter, to the Internet directly without going through the airnet. The emerging Internet-enabled electronic appliances are also Internet-connected, all have limited computing power and keypads but are capable of communicating with a server in a data network. The mutual authentication between such devices and the server thus becomes less complicated. The mutual authentication needs a process of having the client, such as a controller of the electronic appliance, authenticated by the server and having the server authenticated by the client. The process can be carried out in existing encryption mechanisms in HTTPS (an extended version of HTTP with built-in security), in which case, the link server could be replaced by a built-in capability in the device, or the HTTPS or the transceiver or somewhere in the connection to the Internet. The principles of the present invention may still be practiced in such configuration. Accordingly, the scope of the present invention is defined by the appended claims rather than the foregoing description of one embodiment.
This application is a divisional application of U.S. application Ser. No. 09/410,859, filed on Oct. 1, 1999 now U.S. Pat. No. 6,895,234, entitled “Method and Apparatus for Accessing a Common Database from a Mobile Device and a Computing Device,” which is a continuation of prior application Ser. No. 08/987,346, filed on Dec. 9, 1997, entitled “Method and Architecture for Self-Provisioning a Rendezvous to Ensure Secure Access to Information in a Database from Multiple Devices,” now U.S. Pat. No. 6,065,120, which is hereby incorporated herein by reference.
Number | Name | Date | Kind |
---|---|---|---|
5195130 | Weiss et al. | Mar 1993 | A |
5321840 | Ahlin et al. | Jun 1994 | A |
5434918 | Kung | Jul 1995 | A |
5610910 | Focsaneanu | Mar 1997 | A |
5673322 | Pepe | Sep 1997 | A |
5689642 | Harkins | Nov 1997 | A |
5689825 | Averbuch | Nov 1997 | A |
5703942 | Pinard | Dec 1997 | A |
5704029 | Wright, Jr. | Dec 1997 | A |
5708780 | Levergood | Jan 1998 | A |
5717923 | Dedrick | Feb 1998 | A |
5721827 | Logan | Feb 1998 | A |
5727159 | Kikinis | Mar 1998 | A |
5732074 | Spaur | Mar 1998 | A |
5740430 | Rosenberg | Apr 1998 | A |
5742905 | Pepe | Apr 1998 | A |
5754939 | Herz | May 1998 | A |
5764235 | Hunt | Jun 1998 | A |
5796832 | Kawan | Aug 1998 | A |
5802276 | Benantar | Sep 1998 | A |
5805159 | Bertram | Sep 1998 | A |
5805803 | Birrell | Sep 1998 | A |
5809415 | Rossmann | Sep 1998 | A |
5815665 | Teper | Sep 1998 | A |
5825759 | Liu | Oct 1998 | A |
5828833 | Belville | Oct 1998 | A |
5835577 | Disanto | Nov 1998 | A |
5838682 | Dekelbaum | Nov 1998 | A |
5844972 | Jagadish | Dec 1998 | A |
5848161 | Luneau | Dec 1998 | A |
5857201 | Wright, Jr. et al. | Jan 1999 | A |
5862325 | Reed | Jan 1999 | A |
5862330 | Anupam | Jan 1999 | A |
5862339 | Bonnaure | Jan 1999 | A |
5867153 | Grandcolas | Feb 1999 | A |
5867661 | Bittinger | Feb 1999 | A |
5867688 | Simmon et al. | Feb 1999 | A |
5884312 | Dustan | Mar 1999 | A |
5887171 | Tada | Mar 1999 | A |
5890155 | Steinman | Mar 1999 | A |
5896444 | Perlman | Apr 1999 | A |
5901287 | Bull | May 1999 | A |
5903845 | Buhrmann | May 1999 | A |
5905251 | Knowles | May 1999 | A |
5907547 | Foladare | May 1999 | A |
5918019 | Valencia | Jun 1999 | A |
5923756 | Shambroom | Jul 1999 | A |
5926624 | Katz | Jul 1999 | A |
5926636 | Lam | Jul 1999 | A |
5937041 | Cardillo, IV et al. | Aug 1999 | A |
5954799 | Goheen | Sep 1999 | A |
5987256 | Wu et al. | Nov 1999 | A |
6034963 | Minami et al. | Mar 2000 | A |
6049821 | Theriault et al. | Apr 2000 | A |
6058422 | Ayanoglu et al. | May 2000 | A |
6065120 | Laursen | May 2000 | A |
6119137 | Smith et al. | Sep 2000 | A |
6167409 | DeRose et al. | Dec 2000 | A |
6169992 | Beall | Jan 2001 | B1 |
6178433 | Nakamura | Jan 2001 | B1 |
6209026 | Ran et al. | Mar 2001 | B1 |
6233608 | Laursen | May 2001 | B1 |
6317781 | DeBoor | Nov 2001 | B1 |
6377886 | Gotou | Apr 2002 | B1 |
6393014 | Daly et al. | May 2002 | B1 |
6610105 | Martin | Aug 2003 | B1 |
6795708 | Patel | Sep 2004 | B1 |
6845102 | Bendelac et al. | Jan 2005 | B1 |
6895234 | Laursen | May 2005 | B1 |
Entry |
---|
Bartlett, Joel F., “Experience with a Wireless World Wide Web Client,” Digital WRL Technical Note TN-46, Mar. 1995, pp. 1-7. |
Gessler et al.,“PDSs as Mobile WWW Browsers,” Computer Networks & ISDN Systems, vol. 28, #1-2, 1995, pp. 53-59. |
Kaashock et al., “Dynamic Documents: Mobile Wireless Access to the WWW,” Proceedings of the IEEE Workshop on Mobile Computing Systems and Applications, Dec. 1994, pp. 1-6. |
Kaashock et al., “Dynamic Documents: Extensibility and Adaptability in the WWW,” Proceedings of the IEEE Workshop on Mobile Computing Systems and Applications, Dec. 1994, pp. 1-10. |
Lijeberg et al., “Optimizing World-Wide Web for Weakly Connected Mobile Workstation: An Indirect Approach,” SDNE, Jun. 5-6, 1995, pp. 1-8. |
Schilit et al., “Context-Aware Computing Applications,” Proceedings of the IEEE Workshop on MobileComputing Systems and Applications, Dec. 1994, pp. 1-7. |
Schilit et al., “Tele Web: Loosely Connected Access to the World Wide Web,” Fifth International World Wide Web Conference, May 6-10, 1996, pp. 1-14. |
Voelker et al., “Mobisaic: An Information System for a Mobile Wireless Computing Environment,” Proceedings of the IEEE Workshop on Mobile Computing Systems and Applications, Dec. 1994, pp. 53-59. |
Allaire Announces Partnership with Unwired Planet to Deliver Web Applications to Wireless Internet Devices; Allaire's Cold Fusion Web Application Development Tool will Support Unwired Planet's UP.Link Software Platform for Wireless Web Devices such as AT&T's PocketNet Cellular Phone, BusinessWire, Dec. 4, 1996, 4 pgs. |
AT&T PocketNet Phone, Fact Sheet. AT&T Wireless Services, Jul. 1996, 1 pg. |
AT&T PocketNet Service User's Guide, AT&T Wireless Services, Aug. 2, 1996, 31 pgs. |
AT&T Wireless Services, Developing Applications for the PocketNet Phone, White Paper, Oct. 11, 1996, 14 pgs. |
AT&T Wireless Services, How to Use AT&T PocketNet Service, Aug. 21, 1996, 20 pgs. |
Bartlett, Experience with a Wireless World Wide Web Client, Proceedings of the 40th IEEE Computer Society International Conference, San Francisco, CA, Mar. 5-9, 1995, 5 pgs. |
Bartlett, W4—The Wireless World Wide Web, Proceedings of the 1994 First Workshop on Mobile Computing Systems and Applications, Santa Cruz, CA, Dec. 8-9, 1994. 4 pgs. |
Bellcore Media Alert, U.S. Robotics Mobile Communications Corp. to Demonstrate First Wireless Web Browser using New Bellcore AirBrowse™ Software, Sep. 17, 1996, 1 pg. |
Bellcore, AirBoss Family of Software Solutions, 1996, 10 pgs. |
Cassel, Proof of Concept—Interactive Delivery of SMS and HDML Information Services, Bell Mobility Business and Applications Development, Nov. 20, 2006, 9 pgs. |
ClariNet Communications Press Release, ClariNet Communications and Netscape Launch Inbox Direct Program, Business Wire, Oct. 2, 1996, 3 pgs. |
Cold Fusion HDML SDK: An Overview of Wireless Web Applications, Mar. 8, 1997, 4 pgs. |
Courtois, Portal: A PDA-to-World-Wide-Web Interface, FDA Developers 3.1, Jan./Feb. 1995, 3 pgs. |
Crispin, RFC 1730: Internet Message Access Protocol—Version 4, Internet Engineering Task Force, Network Working Group. Dec. 1994, 77 pgs. |
Damir, The Convergence of Internet and Wireless Communications, Handheld Systems, v. 5.5, Sep./Oct. 1997, 64 pgs. |
Delespinasse, Rover Mosaic: E-mail Communication for a Full-Function Web Browser, MIT Thesis, May 26, 1995, 43 pgs. |
Fox, Adapting to Network and Client Variability via On-Demand Dynamic Distillation, Proceedings of the 7th international conference on Architectural support for programming languages and operating systems (ASPLOS-VII), ACM, New York, NY, USA, 1996, 12 pgs. |
Fox, GloMop: Global Mobile Computing by Proxy, Sep. 13, 1995, 2 pgs. |
Gareiss, A Value-Added Service With Brains, Data Communications, vol. 24, No. 1, Jan. 1995, 3 pgs. |
Gessler, PDAs as Mobile WWW Browsers.Computer Networks and ISDN Systems, vol. 28, No. 1-2, 1995, 11 pgs. |
Glassman, Cordless Magic Link, sent to Magic Cap Discussion List, Jun. 2, 1995, 1 pg. |
Glassman, Cordless Magic Link-Clarification, sent to Magic Cap Discussion List, Jun. 3, 1995, 1 pg. |
Glassman, Wireless Magic Link, sent to Magic Cap Discussion List, Jul. 7, 1995, 1 pg. |
Hall, HP's OmniGo 700LX Communicator Plus, The HP Palmtop Paper, vol. 4, No. 6, Nov./Dec. 1995, 3 pgs. |
Housel, WebExpress: A System for Optimizing Web Browsing In A Wireless Environment, MobiCom '96 Proceedings of the 2nd Annual International Conference on Mobile Computing and Networking 108, 1996 pp. 108-116. |
Individual, Inc. Press Release, Individual Inc. and Netscape Launch Personalized News Service for Netscape 3.0 Users, Financial News, Sep. 10, 1996, 2 pgs. |
Jacobs, Metricom's Second Wireless Network. InternetWeek, Sep. 9, 1996, 2 pgs. |
Joshi, On Mobile Systems and Disconnected Browsing of Distributed Information, Computer Science. Technical Reports, Paper 1295, Purdue University, Jun. 1, 1996, 30 pgs. |
Kaashoek, Dynamic Documents: Extensibility and Adaptability in the WWW, MIT Laboratory for Computer Science, Cambridge, MA, Sep. 15, 1994, 12 pgs. |
Kaashoek, Dynamic Documents, Mobile Wireless Access to the WWW, MIT Laboratory for Computer Science, Aug. 12, 1994, 6 pgs. |
Kiiskinen, Data Channel Service for Wireless Telephone Links, Department of Computer Science, University of Helsinki, Jan. 1996, 20 pgs. |
Lamb, Lotus Notes Network Design, McGraw Hill, 1996, 279 pgs. |
Liljeberg, Optimizing World-Wide Web for Weakly Connected Mobile Workstations: An Indirect Approach, Dept. of Computer Science, Univ. of Helsinki, 1995, 8 pgs. |
Magic Cap Means Communication, General Magic Inc., 1994, 31 pgs. |
Memorandum of Understanding between YRLESS Internet Corporation (“YRLESS”) and Bell Mobility Cellular Inc . . . (“BMC”), Nov. 30, 1996, 1 pg. |
Mercury Mail Inc. Press Release, Web-Style E-mail Now Widely Available, .Financial News, Oct. 2, 1996, 1 pg. |
Mills, A Ricochet for Users About Town; This Internet Link Points More to Local Access, The Washington Post, Nov. 18, 1996, 3 pgs. |
Netscape Communications Corporation Press Release, Netscape Announces Availability of Netscape Navigator 3.0 With Free Offer of High Quality Content Delivered Directly to User's Inboxes, Aug. 19, 1996, 3 pgs. |
Netscape Communications Corporation Press Release, Netscape In-Box Direct for Suitespot Brings Tailored News Delivery to Enterprise Users. Nov. 18, 1996, 2 pgs. |
Netscape Communications Corporation Press Release, Netscape Inbox Direct Service Announced Today Offers Customized News Delivery for Netscape Navigator Users, PR Newswire, Aug. 19, 1996, 3 pgs. |
Netscape Communications Corporation Press Release, The New York Times and Netscape Deliver First Personalized Edition Of The New York Times at No Charge to Millions Via Netscape Navigator, Financial News, Aug. 19, 1996, 2 pgs. |
Newton Internet Enabler User's Manual, Apple Computer Inc., 1997, 29 pgs. |
Nokia 9000 Communicator User's Manual, Nokia Mobile Phones, 1995, 98 pgs. |
Nokia 9000i Communicator User's Manual, Nokia Mobile Phones, Jun. 7, 1998, 126 pgs. |
Now—Internet Access From Your Cellular Phone, Brochure, Unwired Planet, 1996, 4 pgs. |
O'Hara, Microsoft Windows CE for the Handheld PC, 1997, ???? pgs. |
PageBlazer, UP.Link Ignite Wireless Intranet Applications, Business Wire, Aug. 20, 1996, 2 pgs. |
Pyle, The Architecture of Lotus Notes, Lotus Notes Advisor, Premier Issue, Feb. 1995, 15 pgs. |
RIM, TAD-95 Competition, Final Report, Apr. 28, 2008, pp. 1-12. |
Seybold, New Technologies, Existing Carriers. Andrew Seybold's Outlook on Communications and Computing. vol. 14, No. 12, Jul. 26, 1996, 44 pgs. |
Seybold, Notebook Computers, Two Companies, Two Approaches, Andrew Scybold's Outlook on Communications and Computing. vol. 15, No. 1, Aug. 23, 1996, 40 pgs. |
Seybold, PDAs: An Update, Andrew Seybold's Outlook on Communications and Computing, vol. 14, Nos. 4/5, Nov./Dec. 1995, 43 pgs. |
Software License and Support Agreement, Unwired Planet, Inc. And AT&T Wireless Services Inc., May 1, 1996, 109 pgs. |
Sony's New Magic Link Personal Communicator, NewsBytes News Network, Sep. 29, 1994, 2 pgs. |
Taylor, Inside the Firewall—A wireless future: Ricochet modems keep users in touch, InfoWorld, Dec. 2, 1996, 2 pgs. |
The AT&T PocketNet Phone Ushers in Era of the Wireless Internet Appliance, Unwired Planet, Jul. 11, 1996, 4 pgs. |
Unwired Planet Brings the Web to Cellular Telephones and Pagers; Company's open UP.Link platform brings Web, intranet access to pocket-size cellular phones and two-way pagers, Business Wire, Jul. 11, 1996, 4 pgs. |
Using the UP.Browser, Unwired Planet, Jul. 1997, 72 pgs. |
Using UP.Mail, Unwired Planet, Jul. 1997, 54 pgs. |
Voelker, Mobisaic: An Information System for Mobile Wireless Computing Environment, Proc. of Workshop on Mobile Computing Systems and Applications, Santa Cruz, CA, Dec. 8-9, 1994, 7 pgs. |
Wayner, Agent-Enhanced Communicator, Byte, Feb. 1995, pp. 103-104. |
Wolf, The Ricochet wireless modem keeps you in touch, Computer Shopper, vol. 16, No. 12, Dec. 1, 1996, 3 pgs. |
Joshi, A. et al., “Mowser: Mobile Platforms and Web Browsers,” Bulletin of the IEEE Technical Committee on Operating Systems and Application Environments, vol. 8, No. 1, 1996. |
Sony Corporation, “MagicLink User's Guide: PIC-1000 Personal Intelligent Communicator,” 1994. |
Unwired Planet, Inc., “UP.Link Developer's Guide,” Version 1.0, Part No. UDG-10 (document dated Jul. 1996; known publication date May 22, 1997). |
Unwired Planet, Inc., “HDML Language Reference,” Version 1.0, Part No. HLR-10 (document dated Jul. 1996; known publication date May 22, 1997). |
Unwired Planet, Inc., “Using UP.Mail,” Version 1.0.1, Part No. UPME-101-DOC (document dated Aug. 1996; known publication date May 22, 1997). |
Unwired Planet, Inc., “Using the UP.Browser,” Version 1.0.1, Part No. UPBR-101-DOC (document dated Aug. 1996; known publication date May 22, 1997). |
United States International Trade Commission, “Respondents Research in Motion Ltd., Research in Motion Corp., and Apple Inc.'s Joint Motion for Summary Determination of Invalidity of U.S. Patent No. 6,233,608 Pursuant to 35 U.S.C. §§ 102 & 103,” in the Matter of Certain Devices for Mobile Data Communication, Investigation No. 337-TA-809, Aug. 15, 2012. |
United States International Trade Commission, “Unwired Planet, Inc.'S Memorandum of Points and Authorities in Opposition to Apple Inc., Research in Motion, Ltd., and Research in Motion Corporation's Motion for Summary Determination of Invalidity of U.S. Patent No. 6,233,608 Pursuant to 35 U.S.C. §§ 102 & 103 (Motion No. 43),” in the Matter of Certain Devices for Mobile Data Communication, Investigation No. 337-TA-809, Aug. 31, 2012. |
United States International Trade Commission, “Order No. 46: Construing the Terms of the Asserted Claims of the Patents at Issue,” In the Matter of Certain Devices for Mobile Data Communication, Investigation No. 337-TA-809, Sep. 28, 2012. |
United States International Trade Commission, “Order No. 60: Initial Determination Granting Complainant's Unopposed Motion for Termination of the Investigation Based on Withdrawal of the Complaint,” In the Matter of Certain Devices for Mobile Data Communication, Investigation No. 337-TA-809, Oct. 12, 2012. |
Number | Date | Country | |
---|---|---|---|
Parent | 09410859 | Oct 1999 | US |
Child | 10870852 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 08987346 | Dec 1997 | US |
Child | 09410859 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 10870852 | Jun 2004 | US |
Child | 12700369 | US |