The present invention relates generally to privacy and security policies in wireless communication networks. More specifically, the present invention relates to managing privacy and security policies in wireless communication networks.
As wireless communication technology continues to develop, it is expected that all digital computing, data storage and media storage devices will be equipped with wireless networking functionality. These wireless devices will become part of ad-hoc communication networks that form from the mere existence of communications-enabled devices in a certain geographical area. When this happens, current methods of managing security and privacy policies will become unworkable because these methods are typically based around a centralized server, or a fixed network infrastructure. These methods perform poorly when ad-hoc communication networks are formed by mobile devices.
Ad-hoc network architectures, also called mesh networks or wireless mesh networks, are decentralized, relatively inexpensive, and resilient, as each node only transmits as far as the next node. Nodes act as repeaters that relay data from nearby nodes to peers that are too far away to reach directly, resulting in a network that can span large distances, especially over rough or difficult terrain. Mesh networks are also highly reliable, as each node is connected to several other nodes. If one node drops out of the network, due to hardware failure, for example, neighboring nodes are used as an alternative route. Extra capacity can be installed by simply adding more nodes. Mesh networks may involve either fixed or mobile devices.
Ad-hoc network architectures use data transmission protocols that are similar to the Internet Protocol (IP), which is used to transmit packets around the wired Internet. Data is routed from one device to another until it reaches its destination. Dynamic routing capabilities included in each device facilitate this. To implement dynamic routing, each device may communicate its routing information to every device it connects with. Each device then determines what to do with the data it receives: either pass it on to the next device or keep it.
In a traditional wireless network where laptops connect to a single access point, for example, a fixed amount of bandwidth is shared by all of the users. As more laptops are connected, less bandwidth is available for each user. In mesh and adaptive radio networks, devices will only connect with other devices that are in a predetermined range. The advantage is that, like a natural load balancing system, as more devices join the network more bandwidth becomes available, provided that the number of hops in the average communications path is kept low. To prevent increased hop count from counteracting the advantages of multiple devices, one common type of architecture for a mobile mesh network includes multiple fixed base stations with “cut through” high-bandwidth terrestrial links that provide gateways to services, wired parts of the Internet, and other fixed base stations.
What is missing from the prior art is a simple way for privacy policies to be deployed over a wide range of geographic domains in an ad-hoc or mesh network infrastructure. Therefore, there is a need for managing privacy policies across both stationary wired and wireless networks and mobile ad-hoc networks.
The present invention is a method and system for managing privacy policies in ad-hoc networks by way of spatial and temporal landmarks. A privacy policy is associated with a geographic or temporal landmark, which is associated with a domain. An information system selects an appropriate privacy policy for a wireless transmit/receive unit (WTRU) associated with a landmark.
A more thorough understanding of the present invention may be had from the following detailed description, to be read in conjunction with the following drawing figures, wherein:
The present invention will be described in more detail with reference to the drawing figures wherein like numerals indicate like elements.
As referred to herein, a wireless transmit/receive unit (WTRU) includes, but is not limited to, a cell phone, pager, laptop, user equipment (UE), mobile station (MS), a fixed or mobile subscriber unit, or any other device capable of operating in a wireless communication system. As referred to herein, the term ‘access point’ includes, but is not limited to, a base station, a Node-B, a site controller, or any other type of interfacing device in a wireless environment. As used herein, the term ‘privacy policy’ includes, but is not limited to, information and settings relating to file access, including which devices can access files, store files, delete files and other information on a given device, security settings, communication settings, input/output configurations, cryptographic keys, passwords, file access restrictions, and other privacy and security information typically used to control access to, or prevent unauthorized access of, wireless devices. The term ‘landmark’ as used herein refers to the identity of a given geographic domain. A WTRU may operate in the given geographic domain, in which case the WTRU is associated with the landmark and the geographic domain.
The present invention does not address the generation of privacy policies. Rather, the present invention is a method and system for managing privacy policies in ad-hoc networks. In contrast to prior art privacy policy management, the present invention uses landmarks to identify geographic domains. The landmark may designate a mobile device (such as “Howard's Phone”), a beacon (such as “Cafeteria on 3rd Floor”), an access point (such as “Alain's Access Point”), or a geographic domain (such as “Rocco's Sushi Grill” or “Liberty Bell Plaza”). An information system is utilized for managing the assignment of privacy policies to WTRUs operating within various geographic domains. Organizing the privacy policies stored and managed by the information system is essential as potentially thousands of such domains could be managed simultaneously. The information system may be centralized or distributed, but must be accessible to all of the fixed and mobile nodes of the network, either directly or indirectly, for receiving privacy policy management information.
Referring to
In this embodiment, the geographic domain 115 in which the AP is located is fixed and stationary, and is designated by a landmark 120. For example, the geographic domain 115 may be your office, in which case the landmark 120 is ‘OFFICE’. Alternatively, the geographic domain 115 may be your boss's office, in which case the landmark 120 is ‘PRESIDENT'S OFFICE’. Alternatively, a larger scale geographic domain could be your place of employment (e.g., the entire office building or business campus), in which case the landmark 120 is ‘WORK’. Where the landmark 120 is ‘OFFICE’, the geographic domain 115 would encompass the three-dimensional spatial confines of your office. In this embodiment, where the landmark 120 is associated with an access point 110, the landmark 120 does not limit the coverage area of the access point 110 to the physical confines of the office. However, when a WTRU communicates using the AP 110, the WTRU may be subject to any privacy policies associated with the landmark 120 even though the WTRU may not be within the geographic domain 115 associated with the landmark 120.
To illustrate how the present invention manages privacy policies, WTRU 160 at position A is located outside of the geographic domain 115 designated by landmark 120. As WTRU 160 moves to position B inside the geographic domain 115 (you enter your office with your mobile phone in your briefcase, for example), WTRU 160 begins communicating with AP 110. AP 110 contacts information system 130 which selects the appropriate privacy policy from database 150, based on the landmark 120. Alternatively, WTRU 160 contacts information system 130, provides information system 130 with landmark 120 information, and then information system 130 selects the appropriate privacy policy.
The information system 130 transmits the selected privacy policy to the WTRU 160 located at position B. While WTRU 160 is within the geographic domain 115, the WTRU 160 must maintain the requirements of the selected privacy policy in order to wirelessly communicate with AP 110. When WTRU 160 leaves the geographic domain 115 (position C) and ceases communications with AP 110, the privacy policy implemented by WTRU 160 may change, but in any event is no longer required to be the privacy policy required by landmark 120.
Additionally, information concerning the equipment operating inside of a given geographic domain, such as a WTRU, may also be used to select an appropriate privacy policy. Serial numbers of wireless devices, system identifiers, registration numbers, user IDs, and other similar pieces of data may be transmitted to the information system managing privacy policies in order to achieve the goals of the privacy policy.
A determination of whether a WTRU is located within geographic domain 115 can be made using various means. In a geographic domain where no access point is present, sensor-based detection may be quickly and easily implemented in order to sense the physical presence of a WTRU within the geographic domain. Other means for determining whether a device is located within a particular domain may also be used, such as location information derived from the primary function of the device (in the case of a wireless device), location information derived from an ancillary function of the device (such as a local Bluetooth connection or wireless Universal Serial Bus (USB) port for a camera device, or a Wi-Fi connection for a PC), and mapping of the wired Ethernet topology for a wired personal computer (PC) connected to an RJ-45 jack in the wall, for example.
Referring to
Referring to
Referring to
The geographic domain 430 surrounding WTRU 410 is associated with landmark 440, which may be, for example, ‘123-456-7890’, i.e. the phone number of the WTRU 410. A second WTRU 450 located at position G is not within the geographic domain 430 of WTRU 410. When WTRU 450 is positioned within the geographic domain 430 of WTRU 410 at position H, an appropriate privacy policy is selected by the information system 130. Similar to the embodiment described with reference to
Referring to
In an alternative embodiment, the information system (IS) controlling the management of privacy policies may be incorporated into a WTRU. Alternatively, many WTRUs may carry out the management of privacy policies in accordance with the present invention, thereby spreading the management, processing, and storage requirements across many handsets.
In an alternative embodiment, a WTRU may operate in multiple domains and be associated with multiple landmarks, and may thus identify its geographic or temporal location using multiple landmarks. For example, an office may have a beacon that emits landmark information. The location of this office may be in a secure building, such as a police station, where the entire building is a geographic domain identified by a separate landmark. Accordingly, a WTRU carried into the office is currently within two geographic domains designated by landmarks ‘Office’ and ‘Police Station’. The WTRU would then be subject to both the privacy policy associated with the landmark ‘Office’ as well as the privacy policy associated with the landmark ‘Police Station’.
In this case, the information system contains a clearinghouse for resolving conflicting privacy policies. Priorities for privacy policies may be set and utilized by the information system for determining which privacy policy's settings are to be implemented by the WTRU. Alternatively, the most secure privacy policy settings may be utilized so that no undesired access occurs. The clearinghouse can be located at the information system or remotely located, as in federated web systems.
In another embodiment of the present invention, the landmark is not an identifier of a geographic domain, but is instead an identifier of a temporal domain. In this manner, privacy policies may be managed not only based on the geographic positioning of a WTRU, but also by the time at which a WTRU is positioned in a given geographic domain. For example, a movie theater may have a temporal landmark indicating the window of time during which the premiere feature will be shown. WTRUs present within the movie theater will associate with the temporal landmark, and a privacy policy will be selected that, for example, requires all audible ringers to be silenced. Not only may all WTRUs be instructed to silence their ringers, but all calls may be forwarded directly to voice mail, or alternatively, only calls from a select list of emergency contacts may be allowed through to the WTRU.
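The following is an added worked example, not code from the application, showing how an information system might select a privacy policy from landmarks (the procedure of positions A, B and C above), resolve the conflicting ‘Office’ and ‘Police Station’ policies through a clearinghouse in both the priority mode and the most-secure mode, and activate a temporal landmark only inside its time window. The class names, the setting vocabulary in RESTRICTIVENESS, the landmark names, priorities and time windows are all constructed assumptions; the application fixes none of them.

```python
from dataclasses import dataclass
from datetime import time
from typing import Dict, Iterable, List, Optional, Tuple

# Each setting's values ordered from least to most restrictive. This
# vocabulary is an assumption of the example, not taken from the application.
RESTRICTIVENESS: Dict[str, List[str]] = {
    "file_access": ["any_device", "authenticated_only", "denied"],
    "ringer": ["audible", "vibrate", "silent"],
    "incoming_calls": ["all", "emergency_list_only", "voicemail"],
}


@dataclass(frozen=True)
class Landmark:
    """Identity of a geographic domain, or of a temporal domain when `window` is set."""
    name: str
    window: Optional[Tuple[time, time]] = None  # (start, end) for temporal landmarks

    def is_active(self, now: time) -> bool:
        if self.window is None:
            return True  # geographic: active for as long as the WTRU is associated
        start, end = self.window
        if start <= end:
            return start <= now < end
        return now >= start or now < end  # window that wraps past midnight


@dataclass
class Policy:
    landmark: str
    priority: int              # higher value wins in "priority" resolution
    settings: Dict[str, str]


class InformationSystem:
    """Holds the policy database and acts as the clearinghouse for conflicts."""

    def __init__(self) -> None:
        self._landmarks: Dict[str, Landmark] = {}
        self._policies: Dict[str, Policy] = {}

    def register(self, landmark: Landmark, policy: Policy) -> None:
        if policy.landmark != landmark.name:
            raise ValueError("policy must name the landmark it is attached to")
        for key, value in policy.settings.items():
            if value not in RESTRICTIVENESS.get(key, []):
                raise ValueError(f"unknown value {value!r} for setting {key!r}")
        self._landmarks[landmark.name] = landmark
        self._policies[landmark.name] = policy

    def active_policies(self, wtru_landmarks: Iterable[str], now: time) -> List[Policy]:
        """Policies of the landmarks the WTRU reports, dropping inactive temporal ones."""
        active = []
        for name in wtru_landmarks:
            landmark = self._landmarks.get(name)
            if landmark is not None and landmark.is_active(now):
                active.append(self._policies[name])
        return active

    def select(self, wtru_landmarks: Iterable[str], now: time,
               mode: str = "priority") -> Dict[str, str]:
        """Merge the active policies into the one the WTRU must implement."""
        policies = self.active_policies(wtru_landmarks, now)
        merged: Dict[str, str] = {}
        if mode == "priority":
            # Apply lowest priority first so the highest-priority value overwrites.
            for policy in sorted(policies, key=lambda p: p.priority):
                merged.update(policy.settings)
        elif mode == "most_secure":
            # Per setting, keep the most restrictive value any active policy requires.
            for policy in policies:
                for key, value in policy.settings.items():
                    order = RESTRICTIVENESS[key]
                    if key not in merged or order.index(value) > order.index(merged[key]):
                        merged[key] = value
        else:
            raise ValueError(f"unknown resolution mode {mode!r}")
        return merged


def build_sample_system() -> InformationSystem:
    """Constructed sample database: two nested geographic domains and one temporal one."""
    ist = InformationSystem()
    ist.register(Landmark("Office"),
                 Policy("Office", 10, {"file_access": "authenticated_only", "ringer": "silent"}))
    ist.register(Landmark("Police Station"),
                 Policy("Police Station", 20, {"file_access": "denied", "ringer": "vibrate",
                                               "incoming_calls": "all"}))
    ist.register(Landmark("Premiere", (time(20, 0), time(22, 30))),
                 Policy("Premiere", 30, {"ringer": "silent",
                                         "incoming_calls": "emergency_list_only"}))
    return ist


if __name__ == "__main__":
    ist = build_sample_system()
    # Position B: inside both nested domains; the two modes resolve the conflict differently.
    print("priority   :", ist.select(["Office", "Police Station"], time(10, 0), "priority"))
    print("most_secure:", ist.select(["Office", "Police Station"], time(10, 0), "most_secure"))
    # Temporal landmark: only binding during the showing.
    print("21:00      :", ist.select(["Premiere"], time(21, 0)))
    print("15:00      :", ist.select(["Premiere"], time(15, 0)))
    # Position C: the WTRU has left every domain, so nothing is required of it.
    print("departed   :", ist.select([], time(10, 0)))
```

In priority mode the ‘Police Station’ policy relaxes the ‘Office’ ringer setting from silent to vibrate, which is the intended effect of priorities but can surprise an administrator; most-secure mode never relaxes a setting. The example trusts the landmark names the WTRU reports: a beacon string, an access point name or a phone number is unauthenticated input, so an implementation that selects policy on it should bind the landmark to something the WTRU can verify and should authenticate the policy it receives from the information system.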
The combination of geographic landmarks and temporal landmarks provides a powerful way to manage privacy policies across mobile, ad-hoc communication networks. It should be understood by one skilled in the art that the present invention may be implemented in a variety of wireless communication networks. For example, privacy and security policies are widely used in IEEE 802.x networks, Bluetooth communication networks, Ethernet-based networks, 3GPP networks, and the like.
Although the present invention has been described with reference to the preferred embodiments, those skilled in the art will recognize that changes may be made in form and detail without departing from the scope of the invention.
The present application claims the benefit of U.S. Provisional Application No. 60/717,979 filed Sep. 16, 2005, which is incorporated herein by reference as if fully set forth.
Number | Date | Country
---|---|---
60/717,979 | Sep. 16, 2005 | US