WO2008023366A2 - A method and system for peer-to-peer communication - Google Patents

Publication number
WO2008023366A2
Authority
WO
WIPO (PCT)
Prior art keywords
server
gatekeeper
communication
application
mobile device
Application number
PCT/IL2007/001038
Other languages
French (fr)
Other versions
WO2008023366A3 (en)
Inventor
Boaz Dremer
Noam Aharon
Gal Blank
Original Assignee
Mobixie Ltd.
Application filed by Mobixie Ltd.
Publication of WO2008023366A2
Publication of WO2008023366A3

Classifications

    • H04W12/06 Authentication (H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity)
    • H04W12/03 Protecting confidentiality, e.g. by encryption (H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity)
    • G06F2221/2129 Authenticate client device independently of the user (G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity)
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices (G06F2221/21, as above)
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/102 Entity profiles (H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources)
    • H04L63/104 Grouping of entities (H04L63/10, as above)
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer (H04L63/16 Implementing security features at a particular protocol layer)
    • H04W88/08 Access point devices (H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices)

Definitions

  • the present invention relates generally to the field of communication. More specifically, the present invention relates to peer-to-peer communication, where at least one of the communication devices may be a mobile device.
  • Members of a group may access, through a user interface, group activities that provide a shared, synchronous, interactive experience.
  • An interface may be provided via a mobile device such as a cellular telephone that enables members who are mobile to participate in group activities with other members who are also mobile or who are logged on via a non-mobile device such as a desktop computer system.
  • US Patent Application No. 2005/135286 discloses a wireless proximity network extended to provide peer-to-peer communication among ad hoc networks.
  • a mobile device (peer) coupled to an access point serves an ad hoc network via a short-range communication link.
  • the peer executes a network protocol stack.
  • Each peer has a routing table about all the peers in the ad hoc network.
  • a peer to peer software layer (P2P) runs on top of the TCP/IP protocol stack and beneath a multi-user application layer.
  • the P2P software handles application deployment, peer management and communications for applications and provides information about existing peers on the ad hoc network; routes messages between peers within an ad hoc network and from one peer to another in different ad hoc networks.
  • the access point is connected to a wireless LAN via a wireless router.
  • the access point has an IP address conversion table and communicates with other access points via wireless routers using TCP/IP protocols.
  • the present invention is a method, apparatus, application and system for accessing data on a distrusted data network, where at least a portion of the network includes a cellular data link.
  • a gatekeeper/server to mediate access between a client application and one or more server applications, where both client and server application may reside on a communication/computing device such as a desktop computer or mobile communication device.
  • a client application may also be a server application.
  • a client/server application may reside on a communication/computing device such as a cellular phone, smart phone, personal computer or any other networked computing device.
  • the gatekeeper server may include or otherwise be functionally associated with an authentication module for authenticating a client device (i.e. a device running a client application) and for mediating communication sessions between a client application and one or more server applications.
  • the gatekeeper server may authenticate a client application using any one or more authentication methods including: (1) username/password, (2) one or more digital certificates stored on the client device, (3) public/private key pairs, (4) biometric data, and (5) hardware derived identification such as Subscriber Identity Module ("SIM") card or International Mobile Equipment Identity ("IMEI") derived data.
  • the gatekeeper server may also authenticate a server application using any of the above mentioned methods.
  • An application which authenticates itself to the gatekeeper as a server application may also be authenticated as a client application, and vice versa.
  • the gatekeeper may register the device as part of a data sharing network.
  • the gatekeeper may include one or more databases containing: (1) connection information (e.g. current IP address and port number) for each device connected to the data sharing network, (2) access rights to and from each device and/or application to each other device and/or shared content connected to the data sharing network, and (3) a list of content available for sharing on each device.
  • a device connecting to the data sharing network may provide/update the gatekeeper server with some or all of the above mentioned information.
  • Each server application may provide the gatekeeper with an indication of access rights to be provided to a client device or to a group of client devices (e.g.
  • a server application running on a device may define one or more data storage areas on the device which contain data to be shared through the data sharing network according to some embodiments of the present invention.
  • the server application (which may be part of a combined server/client application) running on a cell phone may define a folder named "share with friends" on a removable media card as shareable.
  • the server application may also define access rights to content stored on the folder, either granting access (e.g. read) rights to all devices connected to the network, or restricting access to one or a group of identified devices.
  • the server application may define multiple data storage areas, each containing different data and each having a different set of access rights.
  • the server application may define access rights according to any methodology known today or to be devised in the future.
  • a server application may provide a list of content/files stored in any of its shareable data storage areas to the gatekeeper server.
  • the list of shareable content/files may either be viewable by only those client applications which have access rights to the content, or according to alternative embodiments, the list of shareable content may also be viewable by all client applications, even those not having access rights.
  • the gatekeeper server may include a search module to allow client applications to search for specific content/files stored on network devices.
  • the search module may provide a client application search results: (1) from only those server devices/applications to which the client has access rights, (2) all devices/applications connected to the network or gatekeeper, or (3) some hybrid combination of options (1) and (2).
  • client applications/devices not having access rights to content on a given server application may request access from the given server application through the gatekeeper server.
  • a client application (which may be part of a combined client/server application) may authenticate itself to the gatekeeper and may provide the gatekeeper with current network connection information (e.g. network IP address and port number).
  • the client application may authenticate itself using hardware specific information including MAC address, SIM card derived data, or any other hardware specific data utilized today or to be used in the future.
  • Authentication communication between a device and the gatekeeper may be encrypted according to any encryption method known today or to be devised in the future. The encryption key may be based on the data derived from the hardware of the device.
  • some or all of the communication between the mobile device and the server application may be encrypted using a digital key specifically made for use in the current communication session (session key).
  • the session key may be derived from the authentication token used to authenticate the mobile device.
  • an authenticated client may have regulated access to the gatekeeper's database of content.
  • a client device/application may include an interface to a search engine module on the gatekeeper server.
  • the client device/application may also include an access rights request module to allow a client to request from a server access rights to content stored on the server.
  • a client application having access rights to a given server device/application may initiate a data transfer transaction directly with the server application/device (e.g. peer-to-peer data transfer).
  • Client to server authentication may be mediated through the gatekeeper such that once a client/server device/application has authenticated itself to the gatekeeper it is not required to authenticate itself to other server applications/devices; rather, the gatekeeper authenticates the client to the server.
  • transaction authorization may also be regulated by the gatekeeper based on access rights defined in the gatekeeper's database.
  • the gatekeeper server may keep a log of some or all of the authentication-related communication between the mobile device and itself. According to further embodiments of the present invention, the gatekeeper server may keep a log of some or all of the communication between the client application and the server application.
  • a system for peer-to-peer communication and a method of operating thereof comprising at least first computer and second computer operatively coupled in peer-to-peer connection, the first computer is configured to support a communication with one or more mobile devices assigned to one or more users via at least one wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, said first computer being further coupled to a gatekeeper server, a third computer configured to store information related to the users and availability of one or more mobile devices and to exchange said information with the first computer, wherein the first computer is further configured to support an access of one or more mobile devices communicating with the first computer to at least one device selected from a group comprising the first computer, the second computer and one or more mobile devices communicating with the second computer, giving rise to peer-to-peer communicating mobile devices.
  • the system may be further configured to support at least one application selected from a group comprising: a) voice communication between peer-to-peer communicating mobile devices; b) messaging between peer-to-peer communicating mobile devices; c) messaging between one or more mobile devices communicating with first computer and the first or the second computers; d) voice messaging between peer-to-peer communicating mobile devices; e) accessing and controlling the mobile devices communicating with the second computer by one or more mobile device communicating with first computer; f) searching and/or selecting and/or playing on one or more mobile devices communicating with the first computer media items stored on one or more mobile devices communicating with the second computer.
  • a system for peer-to-peer communication and a method of operating thereof comprising at least first computer and second computer operatively coupled in peer-to-peer connection, the first computer is configured to support a communication with one or more mobile devices assigned to one or more users via at least one wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, wherein the first computer is further configured to support an access of one or more mobile devices communicating with the first computer to at least one device selected from a group comprising the first computer and the second
  • the system is further configured to support at least one application selected from a group comprising:
  • system and a method of operating thereof, the system comprising at least first computer
  • the first computer is further configured to support at least one application selected from a group
  • a method for peer-to-peer communication between at least first and second mobile devices capable to communicate via cellular network and a system thereof comprising: a) providing communicating between the first mobile device to a first computer via at least one wireless communication protocol selected from a group comprising GPRS, Bluetooth, Wi-Fi and Wi-Max protocols; b) determining a second computer that is configured to support communication to the second mobile device; c) providing peer-to-peer communicating between the first computer and the second computer; and d) providing a communication between the second computer and the second mobile device via at least one wireless communication protocol selected from a group comprising GPRS, Bluetooth, Wi-Fi and Wi-Max protocols,
  • a system and a method of operating thereof comprising at least first and second mobile devices configured to communicate directly via a wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, wherein the first and the second mobile devices are further configured to support at least one application selected from a group comprising: a) accessing and controlling the first computer from one or more mobile device communicating with first computer; b) searching and/or selecting and/or playing on one or more mobile devices communicating with the first computer media items stored on the first computer; c) synchronizing between the first computer and a mobile device communicating with the first computer data stored thereof, wherein said synchronization is managed via the mobile device; d) backing-up between first computer and a mobile device communicating with the first computer data stored thereof, wherein said backing-up is managed via the mobile device.
  • a virtual device (without physical connection) comprising one or more mobile devices and one or more computers sharing content (including documents, media items, applications, etc.) and functionalities.
  • the capabilities of said virtual device include voice communication, messaging and voice messaging between mobile devices and between mobile devices and PC; access and control of local and remote PC from the mobile device, including search and download; playing on mobile device media stored on PC; synchronizing and back up between two devices with control provided from the mobile device, etc.
  • FIG. 1 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with certain embodiments of the present invention.
  • FIG. 2 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with other embodiments of the present invention.
  • Fig. 3 schematically illustrates implementation of Bluetooth protocol stack in accordance with certain embodiments of the present invention.
  • Fig. 4 schematically illustrates communication between two Bluetooth enabled devices in accordance with certain embodiments of the present invention.
  • FIG. 5 illustrates a generalized flow sequence diagram of connecting and registering a mobile device in accordance with certain embodiments of the present invention.
  • Fig. 6 illustrates a generalized flow sequence diagram of peer-to-peer messaging between two mobile devices in accordance with certain embodiments of the present invention.
  • FIG. 7 illustrates a generalized data flow diagram of handling incoming communication requests in accordance with certain embodiments of the present invention.
  • Fig. 8 illustrates a generalized flow diagram of application decisions when handling a message in accordance with certain embodiments of the present invention.
  • Fig. 9 illustrates a generalized data flow diagram of incoming peer connection from RAP to LAP in accordance with certain embodiments of the present invention.
  • Fig. 10 illustrates a generalized flow diagram of SDP process and connection sequence in accordance with certain embodiments of the present invention.
  • FIG. 11 schematically illustrates a push registry API as known in the prior art.
  • FIG. 12 schematically illustrates a system layer above push registry API in accordance with certain embodiments of the present invention.
  • Fig. 13 illustrates a generalized data flow diagram of activating a mobile application using mobile device's push registry in accordance with certain embodiments of the present invention.
  • Fig. 14 illustrates a generalized data flow diagram of action sequence and flow control when exchanging content between mobile devices and/or between mobile and
  • FIG. 15 illustrates a generalized data flow diagram of media streaming in accordance with certain embodiments of the present invention.
  • Fig. 16 illustrates a generalized sequence flow diagram of voice streaming communication between two mobile device connected to different LAPs in accordance with certain embodiments of the present invention.
  • Fig. 17 illustrates a generalized data flow diagram of action sequence and flow control when exchanging content between mobile devices and/or between mobile device without accessing LAP devices, but by connecting directly mobile to mobile using Bluetooth connection protocol in accordance with certain embodiments of the present invention.
  • FIGs. 18-1 - 18-18 illustrate exemplary screenshots during communication process in accordance with certain embodiments of the present invention.
  • Fig. 19 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • Fig. 20 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • Fig. 21 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • Fig. 22 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • FIG. 23 is a block diagram illustrating the logical building blocks of a gatekeeper server in accordance with some embodiments of the present invention.
  • Fig. 24 is a flowchart illustrating a mobile device authentication process in accordance with some embodiments of the present invention.
  • Fig. 25 is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the mobile device in accordance with some embodiments of the present invention.
  • Fig. 26 is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the gatekeeper server in accordance with some embodiments of the present invention.
  • This may be specially constructed for the desired purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer.
  • a computer program may be stored in a computer readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, Disk-on-Key, smart cards (e.g. SIM, chip cards, etc.), magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions capable of being conveyed via a computer system bus.
  • the term "mobile device" used in this patent specification should be expansively construed to include any kind of mobile device with communication capabilities, including those adapted for coupling with data, video and/or multimedia terminals.
  • the mobile devices include cellular phones, personal and other computers, pagers, radio telephones, cordless telephones, dedicated data units (e.g. PDA), Global Positioning System (GPS) devices, TV-remote control devices, wireless information devices, etc.
  • the references cited in the background teach many principles of integrated messaging services that are applicable to the present invention. Therefore the full contents of these publications are incorporated by reference herein where appropriate for appropriate teachings of additional or alternative details, features and/or technical background.
  • Fig. 1 illustrating a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with certain embodiments of the present invention.
  • a mobile device A is connected to a local access point A (LAP-A) via a wireless short range protocol such as Bluetooth and the like, within the proximity of the protocol range.
  • the protocol range depends on the device class. For example, Bluetooth devices with Class 3 radios have a range of up to 1 meter, devices with Class 2 radios have a range of 10 meters, and devices with Class 1 radios have a range of 100 meters.
  • a mobile device B is connected to a local access point B (LAP-B), said LAP-B being a remote access point (RAP) for the mobile device A.
  • LAP-A is connected peer-to-peer to one or more remote access points (LAP-B in Fig. 1) using TCP/IP, UDP/IP or other standard protocols over the Internet.
  • the access points are operatively coupled to at least one data server (DS).
  • the data server serves as LAP router and users database comprising users-related information and may be deployed, for example, at world locations at ISPs.
  • the users-related information comprises real-time information about online/offline users, and the data server is configured to provide functions of a presence server.
  • the DS is also configured to serve as a messaging mail box for users that are not online.
  • the DS is also configured to find and select a RAP in accordance with user's needs/request (e.g. RAP corresponding to user's home/office PC while the user is out of the office, etc.).
  • FIG. 2 illustrates certain other embodiments of the present invention, similar to the embodiments illustrated in Fig. 1, wherein the connection between one or more mobile devices and one or more access points is provided, however, with the help of a wireless protocol such as Wi-Max, Wi-Fi, and the like.
  • For purpose of illustration only, the following description is made with respect to Bluetooth protocol. It should be noted that the invention is not bound by this protocol and is, likewise, applicable to any other wireless protocol supporting data and/or voice communication between both mobile and stationary devices.
  • the mobile devices illustrated in Figs. 1 and 2 are configured to run a mobile application in accordance with certain embodiments of the present invention as will be further detailed with reference to Figs. 3-18.
  • the access points may facilitate peer-to-peer (P2P) communications between mobile devices connected to the same or different access point.
  • the network architecture disclosed in Figs. 1 and 2 facilitates creating a virtual peer-to-peer connection between mobile devices connected to access points having a permanent peer-to-peer connection.
  • This virtual P2P connection enables users to exchange messages, files and media objects, conduct voice conversations and carry out other communication using their mobile devices.
  • the mobile application being installed on the mobile device facilitates the following functionality:
  • the PC Agent application, once installed, turns a personal computer into an access point for the mobile device running the mobile application installed on it.
  • An access point may serve as a LAP for mobile devices within its proximity and as a RAP for other mobile devices and access points.
  • the PC agent supports information transfer between LAP and mobile device(s), between LAP and one or more RAPs, and between LAP and DS.
  • the PC agent also supports the following functions:
  • Data server ( DS ) access and online/offline status updates for mobile devices.
  • the PC agent supports the following:
    a. Connecting to DS over TCP/IP in order to notify online/offline status, to retrieve other LAPs' status and addresses and/or to send data to be stored.
    b. Establishing a connection to a mobile device over Bluetooth in order to send/receive data and different sets of commands for execution.
    c. Establishing a P2P connection with a RAP for the purpose of transferring data.
  • [075] For service enabling, the mobile device shall be registered in the database provided with a unique identifier (e.g. a number of a cellular phone assigned to the subscriber combined with area code and country code).
  • the PC agent application level may comprise bandwidth reservation for voice communication using a Packet Scheduler application and tagging of voice packets as high priority, so that the ISP's routers forward those packets before forwarding other data packets that have lower or no class tagging.
  • the PC application implements a Bluetooth stack application layer for device discovery and connection, and a "sliding window" algorithm for optimizing bandwidth control and data transfer performance.
  • Packet Scheduler used in this patent specification should be expansively construed to include any function at the network protocol level allocating bandwidth to competing online connections, e.g. by determining how many packets are handed to each connection (each flow) at a given time.
  • a packet scheduler may operate based on observing the packet flows from the applications, by request from a quality of service (QoS) related protocol (e.g. RSVP or Diffserv), etc.
  • sliding window algorithm used in this patent specification should be expansively construed to include a method of flow control for network data transfers by placing a buffer between the application program and the network data flow (e.g. as it is implemented in the TCP protocol). Data received from the network is stored in the buffer, from whence the application can read at its own pace. As the application reads data, buffer space is freed up to accept more input from the network.
  • the window is the amount of data that can be "read ahead" - the size of the buffer, less the amount of valid data stored in it. Window announcements are used to inform the remote host of the current window size. For example, if the local application can't process data fast enough, the window size will drop to zero and the remote host will stop sending data. After the local application has processed some of the queued data, the window size rises, and the remote host starts transmitting again.
  • a mobile application installed on the mobile device implements at least one of the following standard Java specification requests:
  • JSR-75, JSR-82, JSR-118, JSR-120, JSR-135, JSR-184.
  • the Bluetooth-based connection may be initiated in at least 2 cases:
  • connection initiated from LAP to mobile device as a result of incoming message with mobile device address as an addressee
  • the second one is connection initiation from the mobile device to LAP.
  • Upon connection a handshake will be conducted between the two connected devices in order to verify that they can talk with each other. Handshake and other data transfer will be conducted using a proprietary protocol implemented over the Bluetooth RFCOMM and TCP/IP or UDP/IP standard protocols as further illustrated with reference to Figs. 2 and 3.
  • Fig. 3 schematically illustrates an implementation of Bluetooth protocol stack.
  • the Bluetooth protocol stack is modified to include proprietary application layer responsible for communication between the mobile device and the LAP.
  • Fig. 4 schematically illustrates communication between two Bluetooth enabled devices (e.g. mobile device and LAP).
  • a peer mobile software layer (PMSL) runs on top of the Bluetooth stack and provides communication layer for applications.
  • Fig. 5 illustrates a generalized flow sequence diagram of connecting and registering a mobile device in accordance with certain embodiments of the present invention.
  • the mobile device A connects via Bluetooth protocol to LAP A;
  • LAP A connects to Data Server (DS); and DS registers the mobile device as online and updates database table accordingly.
  • Fig. 6 illustrates a generalized flow sequence diagram of peer-to-peer messaging between two mobile devices in accordance with certain embodiments of the present invention.
  • the diagram describes the communication and command sequence when sending a message from one mobile device to another mobile device, including the DS query and the LAP to RAP P2P connection and data exchange.
  • Sending a message from Mobile 'A' to Mobile 'B' comprises the following steps:
  • Mobile 'A' sends a message to LAP 'A' with destination 'B' as a parameter.
  • LAP 'A' queries DS about the address of 'B'.
  • RAP 'B' forwards message from LAP 'A' to Mobile 'B'.
  • Fig. 7 illustrates incoming communication requests from RAP and the handling of those requests by the LAP.
  • Fig. 8 illustrates a generalized flow diagram of application decisions when handling a message in accordance with certain embodiments of the present invention.
  • the diagram includes creating and sending messages and also a flow that describes flow sequence upon receiving new message notification.
  • Fig. 9 illustrates a generalized data flow diagram of incoming peer connection from RAP to LAP including protocol handshake and connection validations. The process comprises the following steps:
  • LAP Listener receives connection request.
  • Fig. 10 illustrates a generalized flow diagram of SDP (Service Discovery Protocol) process and connection sequence in accordance with certain embodiments of the present invention.
  • the SDP defines how a client application acts to discover an available Bluetooth enabled server services and characteristics.
  • SDP provides means for the discovery of new services becoming available when the client enters an area where a Bluetooth enabled server is operating.
  • SDP also provides functionality for detecting when a service is no longer available.
  • SDP defines a service as any feature that is usable by another Bluetooth device.
  • a single Bluetooth enabled device can be both a server and a client of services.
  • An SDP client communicates with an SDP server using a reserved channel on an L2CAP link to find out what services are available.
  • An SDP server maintains its own SDP database, which is a set of service records that describe the services the server offers. Along with information describing how a client can connect to the service, the service record contains the service's UUID, or universally unique identifier.
  • the diagram illustrates LAP Bluetooth SDP process application layer and Bluetooth connection sequence to the discovered mobile devices, including connection validation and handshake protocol. Those versed in the art will readily appreciate that the application layer may operate in a similar manner on top of another service discovery protocol (e.g. disclosed in Wi-Fi, Wi-Max, GPRS and other wireless communication standards).
  • FIG. 11 schematically illustrates a push registry API as known in the prior art.
  • FIG. 12 schematically illustrates a system layer above push registry API in accordance with certain embodiments of the present invention. Illustrated proprietary system layer implementation above the standard PUSH REGISTRY API, that represents registration visualization into the implemented push registry mechanism in the mobile device.
  • FIG. 13 illustrates a generalized data flow diagram of activating a mobile application using mobile device's push registry in accordance with certain embodiments of the present invention.
  • Data flow diagram represents steps which are being taken when incoming connection is activating mobile application using mobile device's push registry. This implies that the application has registered itself into the push registry with a specific request to be awaken when an appropriate connection arrives.
  • Fig. 14 illustrates a generalized data flow diagram of action sequence and flow control when exchanging content between mobile devices and/or between mobile and LAP devices in accordance with certain embodiments of the present invention.
  • the diagram represents action sequence and flow control in case of exchanging and controlling content from mobile on both mobile and LAP devices. It includes possible decision variations during the represented flow.
  • Fig. 15 illustrates a generalized data flow diagram of media streaming in accordance with certain embodiments of the present invention.
  • the diagram includes
  • FIG. 16 illustrates a generalized sequence flow diagram of voice streaming communication between two mobile devices connected to different LAPs in accordance with certain embodiments of the present invention.
  • Quality of Service (QoS) packet scheduling is implemented on the LAP application layer in order to reduce packet latency between two peers.
  • Fig. 17 is a sequence flow that represents direct Mobile to Mobile Bluetooth connection and communication.
  • The mobile application will be able to connect directly to another mobile application within Bluetooth range. Once connected, the mobile devices will be able to exchange messages, files and multimedia.
  • FIG 18.1 through 18.11 represent the flow of sending a message to a user in the contact list, which is implemented by the mobile applet and located on the mobile device.
  • FIG 18.2 shows choosing the "Messages" function from the main screen.
  • FIG 18.3 and 18.4 show the menu screen under the "Messages" submenu.
  • FIG 18.5 shows choosing the "New Message" submenu from the "Messages" main menu.
  • FIG 18.6 shows the message editor after choosing "New Message" at FIG 11.4.
  • FIG 18.7 shows the message editor after text input has been received from the device's input keyboard.
  • FIG 18.8 describes the continuation of the flow after choosing "Send" from FIG 11.6; the result is a message destination screen with 3 possible function variations:
  • FIG 18.9 shows a contact screen as a result of the "Phone Book" selection at FIG 18.8.
  • FIG 18.9 shows users that are in the mobile device's contact list along with the status of each user (offline/online).
  • FIG 18.10 shows the result of a selection made at FIG 11.8 with the details of a chosen addressee.
  • FIG 18.11 shows the result of a "Send" selection that was chosen at FIG 11.9.
  • FIG 18.12 through 18.18 represent the function flow of sharing a file from a mobile device to another mobile device.
  • FIG 18.12 main application screens with following functionality possibilities:
  • FIG 18.13 is a screen shot that represents the flow result of selecting "File Sharing" from the menu shown at FIG 11.0. This screen contains the following possible file types to send:
  • FIG 18.4 is an image select screen that shows available image files to share. Reaching this screen is a result of selecting "Images" from the menu described at FIG 18.13.
  • FIG 18.15 describes the continuation of the flow after choosing "Select" from FIG 18.14; the result is a file destination screen with 3 possible function variations:
  • FIG 18.16 shows a contact screen as a result of the "Phone Book" selection at FIG 11.3.
  • FIG 18.16 visualizes users that are in the mobile device's contact list along with the status of each user (offline/online).
  • FIG 18.17 shows the result of a selection made at FIG 18.16 with the details of a chosen addressee.
  • FIG 18.18 shows the result of a "Send" selection that was chosen at FIG 18.17.
  • Fig. 19 is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • the mobile device may use hardware-derived authentication data for authentication vis-a-vis the gatekeeper server.
  • Fig. 20 is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • an IP-enabled client mobile device A may connect directly to the LAP B and through it create a virtual connection to the server application on mobile device B.
  • an IP-enabled client mobile device A may request the gatekeeper server to route communication between itself and the LAP B, and through it create a virtual connection to the server application on mobile device B.
  • Fig. 22 is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
  • an IP-enabled client mobile device A may connect directly to the server application on an IP-enabled mobile device B.
  • a mobile device client may initiate a session with the gatekeeper server (step 2000), and send it a generated authentication token (step 2100). Should the authentication fail, the client may attempt an alternative authentication method (step 2400). If the authentication process succeeds, the mobile device may connect to the gatekeeper and shared content (step 2600), otherwise it may be disconnected (step 2700).
  • Fig. 25 is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the mobile device in accordance with some embodiments of the present invention.
  • a mobile device client may connect to a gatekeeper server (step 3000) and attempt authentication (step 3100). If the authentication succeeds, the mobile device may request a list of available shared content (step 3300); should it fail, the mobile device may be disconnected (step 3400). After receiving the list (step 3500), the mobile device may then connect to any available server application (step 3600).
  • Fig. 26 is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the gatekeeper server in accordance with some embodiments of the present invention.
  • the gatekeeper server may accept a connection from a mobile client (step 4000). If the authentication (step 4100) succeeds, the gatekeeper checks the available content and access rights databases for available content for which the mobile device has view rights (step 4300), and sends the resulting list to the mobile device (step 4500). The mobile device then requests a connection to a server application (step 4600), which the gatekeeper server may have to mediate in case a direct connection is impossible (step 4700).
  • Certain embodiments of the present invention enable at least one of the following applications: voice communication, wherein the mobile device connected to LAP using Bluetooth protocol is enabled to send and receive voice packets using a proprietary protocol created on top of the Bluetooth protocol; mobile to LAP access functionality, wherein the mobile device connected to LAP is enabled to control and transfer data from/to both devices (mobile and LAP) by using an implemented command set protocol.
  • The mobile device may contain a "mirror image" of the LAP file system and allow content to be sent to or received from the LAP; file search from mobile handsets, wherein a search mechanism may be implemented for search from the mobile device within content stored at the LAP and/or one or more RAPs and/or other mobile devices.
  • the search result may be displayed on the mobile device screen with a variety of possible actions to perform on the search result (upload, pull, download, send, etc.).
  • the mobile device serves as the search initiation point; remote PC access from the mobile device, wherein installation of the PC agent on a user's personal computer enables the computer to be used as a LAP, thus providing remote access to the computer from the mobile device.
  • the mobile device may be used to access remote PC configured as RAP and manage files thereof; media streaming - a media stored on LAP may be played at the mobile device.
  • the mobile device may access LAP/RAP as described above and select a file or list of files for streaming to mobile device. Once the stream begins, mobile device starts buffering and playing it.
  • After the media is played it may be deleted from the mobile device, thus saving memory on the mobile handset; synchronize and back up data between PC and mobile device, wherein functionality control is being conducted from the mobile device without need to be located at the LAP physically; messaging application comprising exchange of text, graphical and/or multimedia messages between mobile devices (one-to-one and/or one-to-many), wherein the application layer supports at least message creation (e.g. with the help of JSR-120), accessing the contact list (e.g. with the help of JSR-75) and connecting to LAP (e.g. with the help of JSR-82).
  • the system according to the invention may be a suitably programmed computer.
  • the invention contemplates a computer program being readable by a computer for executing the method of the invention.
  • the invention further contemplates a machine-readable memory tangibly embodying a program of instructions executable by the machine for executing the method of the invention.

Abstract

There is provided a method, apparatus, application and system for accessing data on a distrusted data network, where at least a portion of the network includes a cellular data link. According to some embodiments of the present invention, there is provided a gatekeeper/server to mediate access between a client application and one or more server applications, where both client and server application may reside on a communication/computing device such as a desktop computer or mobile communication device.

Description

A METHOD AND SYSTEM FOR PEER-TO-PEER COMMUNICATION
FIELD OF THE INVENTION
[001] The present invention relates generally to the field of communication. More specifically, the present invention relates to peer-to-peer communication, where at least one of the communication devices may be a mobile device.
BACKGROUND OF THE INVENTION
[002] The problem of peer-to-peer communication for mobile devices was recognized in the Prior Art and various systems were developed to provide a solution, for example:
[003] US Patent Application No. 2005/220041 (Lin) discloses peer-to-peer mobile instant messaging method and device for a direct data transfer session, including for multimedia content, between mobile devices without the need for using a separate multimedia server to store multimedia content. Direct data transfer sessions between mobile devices are established by transmitting necessary address information through page-based messaging services that utilize the underlying digital mobile network databases and services to resolve the identification and location of the mobile devices.
[004] US Patent Application No. 2005/172001 (Chung et al.) discloses techniques for enabling mobile shared group interaction. Members of a group may access, through a user interface, group activities that provide a shared, synchronous, interactive experience. An interface may be provided via a mobile device such as a cellular telephone that enables members who are mobile to participate in group activities with other members who are also mobile or who are logged on via a non-mobile device such as a desktop computer system.
[005] US Patent Application No. 2005/135286 (Bakos et al.) discloses a wireless proximity network extended to provide peer-to-peer communication among ad hoc networks. A mobile device (peer) coupled to an access point serves an ad hoc network via a short-range communication link. The peer executes a network protocol stack. Each peer has a routing table about all the peers in the ad hoc network. A peer to peer software layer (P2P) runs on top of the TCP/IP protocol stack and beneath a multi-user application layer. The P2P software handles application deployment, peer management and communications for applications and provides information about existing peers on the ad hoc network; routes messages between peers within an ad hoc network and from one peer to another in different ad hoc networks. The access point is connected to a wireless LAN via a wireless router. The access point has an IP address conversion table and communicates with other access points via wireless routers using TCP/IP protocols.
SUMMARY OF THE INVENTION
[006] The present invention is a method, apparatus, application and system for accessing data on a distrusted data network, where at least a portion of the network includes a cellular data link. According to some embodiments of the present invention, there is provided a gatekeeper/server to mediate access between a client application and one or more server applications, where both client and server application may reside on a communication/computing device such as a desktop computer or mobile communication device. According to further embodiments of the present invention, a client application may also be a server application. A client/server application may reside on a communication/computing device such as a cellular phone, smart phone, personal computer or any other networked computing device.
[007] According to some embodiments of the present invention, the gatekeeper server may include or otherwise be functionally associated with an authentication module for authenticating a client device (i.e. a device running a client application) and for mediating communication sessions between a client application and one or more server applications. The gatekeeper server may authenticate a client application using any one or more authentication methods including: (1) username/password, (2) one or more digital certificates stored on the client device, (3) public/private key pairs, (4) biometric data, and (5) hardware derived identification such as Subscriber Identity Module ("SIM") card or International Mobile Equipment Identity ("IMEI") derived data. The gatekeeper server may also authenticate a server application using any of the above mentioned methods. An application which authenticates itself to the gatekeeper as a server application may also be authenticated as a client application, and vice versa.
[008] Upon a device being successfully authenticated, the gatekeeper may register the device as part of a data sharing network. The gatekeeper may include one or more databases containing: (1) connection information (e.g. current IP address and port number) for each device connected to the data sharing network, (2) access rights to and from each device and/or application to each other device and/or shared content connected to the data sharing network, and (3) a list of content available for sharing on each device. According to some embodiments of the present invention, a device connecting to the data sharing network may provide/update the gatekeeper server with some or all of the above mentioned information. Each server application may provide the gatekeeper with an indication of access rights to be provided to a client device or to a group of client devices (e.g. all devices the server application has listed as "friends").
[009] A server application running on a device (e.g. cellphone or computer) may define one or more data storage areas on the device which contain data to be shared through the data sharing network according to some embodiments of the present invention. For example, the server application (which may be part of a combined server/client application) running on a cell phone may define a folder named "share with friends" on a removable media card as shareable. According to further embodiments of the present invention, the server application may also define access rights to content stored on the folder, either granting access (e.g. read) rights to all devices connected to the network, or restricting access to one or a group of identified devices. The server application may define multiple data storage areas, each containing different data and each having a different set of access rights. The server application may define access rights according to any methodology known today or to be devised in the future.
[010] According to further embodiments of the present invention, a server application may provide a list of content/files stored in any of its shareable data storage areas to the gatekeeper server. The list of shareable content/files may either be viewable by only those client applications which have access rights to the content, or according to alternative embodiments, the list of shareable content may also be viewable by all client applications, even those not having access rights. The gatekeeper server may include a search module to allow client applications to search for specific content/files stored on network devices. The search module may provide a client application search results: (1) from only those server devices/applications to which the client has access rights, (2) all devices/applications connected to the network or gatekeeper, or (3) some hybrid combination of options (1) and (2). According to some embodiments of the present invention, client applications/devices not having access rights to content on a given server application may request access from the given server application through the gatekeeper server.
[011] A client application (which may be part of a combined client/server application) may authenticate itself to the gatekeeper and may provide the gatekeeper with current network connection information (e.g. network IP address and port number). The client application may authenticate itself using hardware specific information including MAC address, SIM card derived data, or any other hardware specific data utilized today or to be used in the future. Authentication communication between a device and the gatekeeper may be encrypted according to any encryption method known today or to be devised in the future. The encryption key may be based on the data derived from the hardware of the device.
[012] According to some embodiments of the present invention, some or all of the communication between the mobile device and the server application may be encrypted using a digital key specifically made for use in the current communication session (session key). According to further embodiments of the present invention, the session key may be derived from the authentication token used to authenticate the mobile device.
[013] According to some embodiments of the present invention, an authenticated client may have regulated access to the gatekeeper's database of content. A client device/application according to some embodiments of the present invention may include an interface to a search engine module on the gatekeeper server. The client device/application may also include an access rights request module to allow a client to request from a server access rights to content stored on the server.
[014] According to some embodiments of the present invention, a client application having access rights to a given server device/application may initiate a data transfer transaction directly with the server application/device (e.g. peer-to-peer data transfer). Client to server authentication, however, may be mediated through the gatekeeper such that once a client/server device/application has authenticated itself to the gatekeeper it is not required to authenticate itself to other server application/devices - but rather the gatekeeper authenticates the client to the server. According to further embodiments of the present invention, transaction authorization may also be regulated by the gatekeeper based on access rights defined in the gatekeeper's database.
[015] According to some embodiments of the present invention, the gatekeeper server may keep a log of some or all of the authentication-related communication between the mobile device and itself. According to further embodiments of the present invention, the gatekeeper server may keep a log of some or all of the communication between the client application and the server application.
[016]
[017] In accordance with certain aspects of the present invention, there are provided a system for peer-to-peer communication and a method of operating thereof, the system comprising at least first computer and second computer operatively coupled in peer-to-peer connection, the first computer is configured to support a communication with one or more mobile devices assigned to one or more users via at least one wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, said first computer being further coupled to a gatekeeper server, a third computer configured to store information related to the users and availability of one or more mobile devices and to exchange said information with the first computer, wherein the first computer is further configured to support an access of one or more mobile devices communicating with the first computer to at least one device selected from a group comprising the first computer, the second computer and one or more mobile devices communicating with the second computer, giving rise to peer-to-peer communicating mobile devices. The system may be further configured to support at least one application selected from a group comprising: a) voice communication between peer-to-peer communicating mobile devices; b) messaging between peer-to-peer communicating mobile devices; c) messaging between one or more mobile devices communicating with first computer and the first or the second computers; d) voice messaging between peer-to-peer communicating mobile devices; e) accessing and controlling the mobile devices communicating with the second computer by one or more mobile device communicating with first computer; f) searching and/or selecting and/or playing on one or more mobile devices communicating with the first computer media items stored on one or more mobile devices communicating with the second computer.
[018] In accordance with further aspects of the present invention there are provided a system for peer-to-peer communication and a method of operating thereof, the system comprising at least first computer and second computer operatively coupled in peer-to-peer connection, the first computer is configured to support a communication with one or more mobile devices assigned to one or more users via at least one wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, wherein the first computer is further configured to support an access of one or more mobile devices communicating with the first computer to at least one device selected from a group comprising the first computer and the second computer. The system is further configured to support at least one application selected from a group comprising: a) accessing and controlling the first computer and/or second computer from one or more mobile device communicating with first computer; b) searching and/or selecting and/or playing on one or more mobile devices communicating with the first computer a media items stored on the first computer and/or second computer; c) synchronizing between at least two devices data stored thereof, the devices are selected from a group comprising the first computer, a mobile device communicating with the first computer and the second computer, wherein said synchronization is managed via the mobile device; d) backing-up between at least two devices data stored thereof, the devices are selected from a group comprising the first computer, a mobile device communicating with the first computer and the second computer, wherein said synchronization is managed via the mobile device.
[019] In accordance with further aspects of the present invention there are provided a system and a method of operating thereof, the system comprising at least first computer configured to support communication with one or more mobile devices assigned to one or more users via at least one wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, wherein the first computer is further configured to support at least one application selected from a group comprising: a) accessing and controlling the first computer from one or more mobile device communicating with first computer; b) searching and/or selecting and/or playing on one or more mobile devices communicating with the first computer a media items stored on the first computer; c) synchronizing between the first computer and a mobile device communicating with the first computer data stored thereof, wherein said synchronization is managed via the mobile device; d) backing-up between first computer and a mobile device communicating with the first computer data stored thereof, wherein said backing-up is managed via the mobile device.
[020] In accordance with further aspects of the present invention, there are provided a method for peer-to-peer communication between at least first and second mobile devices capable to communicate via cellular network and a system thereof, the method comprising: a) providing communicating between the first mobile device to a first computer via at least one wireless communication protocol selected from a group comprising GPRS, Bluetooth, Wi-Fi and Wi-Max protocols; b) determining a second computer that is configured to support communication to the second mobile device; c) providing peer-to-peer communicating between the first computer and the second computer; and d) providing a communication between the second computer and the second mobile device via at least one wireless communication protocol selected from a group comprising GPRS, Bluetooth, Wi-Fi and Wi-Max protocols,
[021] whereby said communication does not utilize any cell of a cellular communication infrastructure.
[022] In accordance with further aspects of the present invention, there are provided a system and a method of operating thereof, the system comprising at least first and second mobile devices configured to communicate directly via a wireless communication protocol selected from a group comprising, at least, GPRS, Bluetooth, Wi-Fi and Wi-Max protocols, wherein the first and the second mobile devices are further configured to support at least one application selected from a group comprising: a) accessing and controlling the first computer from one or more mobile device communicating with first computer; b) searching and/or selecting and/or playing on one or more mobile devices communicating with the first computer a media items stored on the first computer; c) synchronizing between the first computer and a mobile device communicating with the first computer data stored thereof, wherein said synchronization is managed via the mobile device; d) backing-up between first computer and a mobile device communicating with the first computer data stored thereof, wherein said backing-up is managed via the mobile device.
[023] Among advantages of certain aspects of the present invention is creating a virtual device (without physical connection) comprising one or more mobile devices and one or more computers sharing content (including documents, media items, applications, etc.) and functionalities. The capabilities of said virtual device include voice communication, messaging and voice messaging between mobile devices and between mobile devices and PC; access and control of local and remote PC from the mobile device, including search, and download; playing on mobile device media stored on PC, synchronizing and back up between two devices with control provided from mobile device, etc.
BRIEF DESCRIPTION OF THE DRAWINGS
[024] In order to understand the invention and to see how it may be carried out in practice, certain embodiments will now be described, by way of non-limiting example only, with reference to the accompanying drawings, in which:
[025] Fig. 1 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with certain embodiments of the present invention.
[026] Fig. 2 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with other embodiments of the present invention.
[027] Fig. 3 schematically illustrates implementation of Bluetooth protocol stack in accordance with certain embodiments of the present invention.
[028] Fig. 4 schematically illustrates communication between two Bluetooth enabled devices in accordance with certain embodiments of the present invention.
[029] Fig. 5 illustrates a generalized flow sequence diagram of connecting and registering a mobile device in accordance with certain embodiments of the present invention.
[030] Fig. 6 illustrates a generalized flow sequence diagram of peer-to-peer messaging between two mobile devices in accordance with certain embodiments of the present invention.
[031] Fig. 7 illustrates a generalized data flow diagram of handling incoming communication requests in accordance with certain embodiments of the present invention.
[032] Fig. 8 illustrates a generalized flow diagram of application decisions when handling a message in accordance with certain embodiments of the present invention.
[033] Fig. 9 illustrates a generalized data flow diagram of incoming peer connection from RAP to LAP in accordance with certain embodiments of the present invention.
[034] Fig. 10 illustrates a generalized flow diagram of SDP process and connection sequence in accordance with certain embodiments of the present invention.
[035] Fig. 11 schematically illustrates a push registry API as known in the prior art.
[036] Fig. 12 schematically illustrates a system layer above push registry API in accordance with certain embodiments of the present invention.
[037] Fig. 13 illustrates a generalized data flow diagram of activating a mobile application using mobile device's push registry in accordance with certain embodiments of the present invention.
[038] Fig. 14 illustrates a generalized data flow diagram of action sequence and flow control when exchanging content between mobile devices and/or between mobile and LAP devices in accordance with certain embodiments of the present invention.
[039] Fig. 15 illustrates a generalized data flow diagram of media streaming in accordance with certain embodiments of the present invention.
[040] Fig. 16 illustrates a generalized sequence flow diagram of voice streaming communication between two mobile device connected to different LAPs in accordance with certain embodiments of the present invention.
[041] Fig. 17 illustrates a generalized data flow diagram of action sequence and flow control when exchanging content between mobile devices and/or between mobile device without accessing LAP devices, but by connecting directly mobile to mobile using Bluetooth connection protocol, in accordance with certain embodiments of the present invention.
[042] Figs. 18-1 - 18-18 illustrate exemplary screenshots during communication process in accordance with certain embodiments of the present invention.
[043] Fig. 19 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
[044] Fig. 20 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
[045] Fig. 21 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
[046] Fig. 22 illustrates a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention.
[047] Fig. 23 is a block diagram illustrating the logical building blocks of a gatekeeper server in accordance with some embodiments of the present invention.
[048] Fig. 24 is a flowchart illustrating a mobile device authentication process in accordance with some embodiments of the present invention.
[049] Fig. 25 is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the mobile device in accordance with some embodiments of the present invention.
[050] Fig. 26 is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the gatekeeper server in accordance with some embodiments of the present invention.
DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS
[051] In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.
[052] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "processing", "computing", "calculating", "determining", or the like, refer to the action and/or processes of a computer or computing system, or processor or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the computing system's registers and/or memories into other data, similarly represented as physical quantities within the computing system's memories, registers or other such information storage, transmission or display devices.
[053] Embodiments of the present invention may use terms such as, processor, computer, apparatus, system, sub-system, module, unit, device (in single or plural form) for performing the operations herein. This may be specially constructed for the desired purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, Disk-on-Key, smart cards (e.g. SIM, chip cards, etc.), magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions capable of being conveyed via a computer system bus.
[054] The processes/devices presented herein are not inherently related to any particular electronic component or other apparatus, unless specifically stated otherwise. Various general purpose components may be used in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the desired method. The desired structure for a variety of these systems will appear from the description below. In addition, embodiments of the present invention are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the inventions as described herein.
[055] The present invention is a method, apparatus, application and system for accessing data on a distrusted data network, where at least a portion of the network includes a cellular data link. According to some embodiments of the present invention, there is provided a gatekeeper/server to mediate access between a client application and one or more server applications, where both client and server application may reside on a communication/computing device such as a desktop computer or mobile communication device. According to further embodiments of the present invention, a client application may also be a server application. A client/server application may reside on a communication/computing device such as a cellular phone, smart phone, personal computer or any other networked computing device.
[056] According to some embodiments of the present invention, the gatekeeper server may include or otherwise be functionally associated with an authentication module for authenticating a client device (i.e. a device running a client application) and for mediating communication sessions between a client application and one or more server applications. The gatekeeper server may authenticate a client application using any one or more authentication methods including: (1) username/password, (2) one or more digital certificates stored on the client device, (3) public/private key pairs, (4) biometric data, and (5) hardware derived identification such as Subscriber Identity Module ("SIM") card or International Mobile Equipment Identity ("IMEI") derived data. The gatekeeper server may also authenticate a server application using any of the above mentioned methods. An application which authenticates itself to the gatekeeper as a server application may also be authenticated as a client application, and vice versa.
[057] Upon a device being successfully authenticated, the gatekeeper may register the device as part of a data sharing network. The gatekeeper may include one or more databases containing: (1) connection information (e.g. current IP address and port number) for each device connected to the data sharing network, (2) access rights to and from each device and/or application to each other device and/or shared content connected to the data sharing network, and (3) a list of content available for sharing on each device. According to some embodiments of the present invention, a device connecting to the data sharing network may provide/update the gatekeeper server with some or all of the above mentioned information. Each server application may provide the gatekeeper with an indication of access rights to be provided to a client device or to a group of client devices (e.g. all devices the server application has listed as "friends").
[058] A server application running on a device (e.g. cellphone or computer) may define one or more data storage areas on the device which contain data to be shared through the data sharing network according to some embodiments of the present invention. For example, the server application (which may be part of a combined server/client application) running on a cell phone may define a folder named "share with friends" on a removable media card as shareable. According to further embodiments of the present invention, the server application may also define access rights to content stored on the folder, either granting access (e.g. read) rights to all devices connected to the network, or restricting access to one or a group of identified devices. The server application may define multiple data storage areas, each containing different data and each having a different set of access rights. The server application may define access rights according to any methodology known today or to be devised in the future.
[059] According to further embodiments of the present invention, a server application may provide a list of content/files stored in any of its shareable data storage areas to the gatekeeper server. The list of shareable content/files may either be viewable by only those client applications which have access rights to the content, or according to an alternative embodiment, the list of shareable content may also be viewable by all client applications, even those not having access rights. The gatekeeper server may include a search module to allow client applications to search for specific content/files stored on network devices. The search module may provide a client application search results: (1) from only those server devices/applications to which the client has access rights, (2) all devices/applications connected to the network or gatekeeper, or (3) some hybrid combination of options (1) and (2). According to some embodiments of the present invention, client applications/devices not having access rights to content on a given server application may request access from the given server application through the gatekeeper server.
[060] A client application (which may be part of a combined client/server application) may authenticate itself to the gatekeeper and may provide the gatekeeper with current network connection information (e.g. network IP address and port number). The client application may authenticate itself using hardware specific information including MAC address, SIM card derived data, or any other hardware specific data utilized today or to be used in the future. Authentication communication between a device and the gatekeeper may be encrypted according to any encryption method known today or to be devised in the future. The encryption key may be based on the data derived from the hardware of the device.
[061] According to some embodiments of the present invention, some or all of the communication between the mobile device and the server application may be encrypted using a digital key specifically made for use in the current communication session (session key). According to further embodiments of the present invention, the session key may be derived from the authentication token used to authenticate the mobile device.
[062] According to some embodiments of the present invention, an authenticated client may have regulated access to the gatekeeper's database of content. A client device/application according to some embodiments of the present invention may include an interface to a search engine module on the gatekeeper server. The client device/application may also include an access rights request module to allow a client to request from a server access rights to content stored on the server.
[063] According to some embodiments of the present invention, a client application having access rights to a given server device/application may initiate a data transfer transaction directly with the server application/device (e.g. peer-to-peer data transfer). Client to server authentication, however, may be mediated through the gatekeeper such that once a client/server device/application has authenticated itself to the gatekeeper it is not required to authenticate itself to other server application/devices - but rather the gatekeeper authenticates the client to the server. According to further embodiments of the present invention, transaction authorization may also be regulated by the gatekeeper based on access rights defined in the gatekeeper's database.
[064] According to some embodiments of the present invention, the gatekeeper server may keep a log of some or all of the authentication-related communication between the mobile device and itself. According to further embodiments of the present invention, the gatekeeper server may keep a log of some or all of the communication between the client application and the server application.
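The gatekeeper-mediated flow of paragraphs [060] to [064], sketched as an added example that is not code from this specification or its applicant: the gatekeeper authenticates a device, checks access rights, derives a session key from the authentication token, hands that key to the server application and logs each decision. Assumptions not taken from the text: HMAC challenge-response for authentication, HKDF-SHA256 for key derivation, a direct method call standing in for the gatekeeper-to-server channel, and all class, function and device names.

```python
import hashlib
import hmac
import json
import secrets


def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()


def hkdf_sha256(ikm, salt, info, length=32):
    """HKDF (RFC 5869): extract with the salt, then expand with the context info."""
    prk, okm, block, counter = mac(salt, ikm), b"", b"", 1
    while len(okm) < length:
        block = mac(prk, block + info + bytes([counter]))
        okm += block
        counter += 1
    return okm[:length]


def session_key(token, nonce, client, server, share):
    # Assumption: the key is bound to both parties and the share, so a key issued
    # for one transfer is useless for any other.
    info = json.dumps(["p2p-session", client, server, share]).encode()
    return hkdf_sha256(token, nonce, info)


class ServerApp:
    """Server application: relies on the gatekeeper, never authenticates clients itself."""

    def __init__(self, name):
        self.name = name
        self.sessions = {}  # session id -> (share, key), pushed by the gatekeeper

    def accept_session(self, sid, share, key):
        self.sessions[sid] = (share, key)

    def handle(self, sid, share, request, tag):
        entry = self.sessions.get(sid)
        if entry is None or entry[0] != share:
            return None
        if not hmac.compare_digest(mac(entry[1], request), tag):
            return None
        return f"{share}: {request.decode()}"  # constructed stand-in for the transfer


class Gatekeeper:
    def __init__(self):
        self.enrolled, self.pending, self.tokens = {}, {}, {}  # per-device secret, challenge, token
        self.servers, self.rights, self.log = {}, set(), []    # rights: (server, share, client)

    def enroll(self, device):
        # Assumption: a random enrolled secret. IMEI or MAC values alone are not secret.
        self.enrolled[device] = secrets.token_bytes(32)
        return self.enrolled[device]

    def challenge(self, device):
        self.pending[device] = secrets.token_bytes(16)
        return self.pending[device]

    def authenticate(self, device, proof):
        nonce, secret = self.pending.pop(device, None), self.enrolled.get(device)
        ok = bool(nonce and secret) and hmac.compare_digest(mac(secret, nonce), proof)
        self.log.append(("auth", device, ok))
        if not ok:
            return None
        self.tokens[device] = secrets.token_bytes(32)
        return self.tokens[device]

    def open_session(self, client, token, server, share):
        known = self.tokens.get(client)
        authed = known is not None and hmac.compare_digest(known, token)
        allowed = authed and server in self.servers and (server, share, client) in self.rights
        self.log.append(("session", client, server, share, allowed))
        if not allowed:
            return None
        sid, nonce = secrets.token_hex(8), secrets.token_bytes(16)
        self.servers[server].accept_session(sid, share, session_key(known, nonce, client, server, share))
        return sid, nonce


def demo():
    gk, pc, share = Gatekeeper(), ServerApp("home-pc"), "share with friends"
    gk.servers[pc.name] = pc
    gk.rights.add((pc.name, share, "phone-A"))  # constructed access-rights entry
    tokens = {}
    for device in ("phone-A", "phone-B"):
        tokens[device] = gk.authenticate(device, mac(gk.enroll(device), gk.challenge(device)))
    sid, nonce = gk.open_session("phone-A", tokens["phone-A"], pc.name, share)
    key = session_key(tokens["phone-A"], nonce, "phone-A", pc.name, share)
    request = b"GET holiday.jpg"
    return {
        "granted": pc.handle(sid, share, request, mac(key, request)),
        "forged": pc.handle(sid, share, request, bytes(32)),
        "no_rights": gk.open_session("phone-B", tokens["phone-B"], pc.name, share),
        "log": gk.log,
    }
```

The client derives the session key locally from its token and the nonce, so the key itself never travels to the client; phone-B authenticates successfully but is still refused because authorization is a separate check against the rights table.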
[065] The term "mobile device" used in this patent specification should be expansively construed to include any kind of mobile device with communication capabilities, including those adapted for coupling with data, video and/or multimedia terminals. The mobile devices include cellular phones, personal and other computers, pagers, radio telephones, cordless telephones, dedicated data units (e.g. PDA), Global Positioning System (GPS) devices, TV-remote control devices, wireless information devices, etc.
[066] The references cited in the background teach many principles of integrated messaging services that are applicable to the present invention. Therefore the full contents of these publications are incorporated by reference herein where appropriate for appropriate teachings of additional or alternative details, features and/or technical background.
[067] Bearing this in mind, attention is drawn to Fig. 1 illustrating a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with certain embodiments of the present invention.
[068] A mobile device A is connected to a local access point A (LAP-A) via a wireless short range protocol such as Bluetooth and the like within the proximity of the protocol range. The protocol range depends on the device class. For example, Bluetooth devices with Class 3 radio have a range of up to 1 meter, devices with Class 2 radios have a range of 10 meters, and devices with Class 1 radio have a range of 100 meters. Similarly, a mobile device B is connected to a local access point B (LAP-B), said LAP-B being a remote access point (RAP) for the mobile device A. The LAP-A is connected peer-to-peer to one or more remote access points (LAP-B in Fig. 1) using TCP/IP, UDP/IP or other standard protocols over the Internet. The access points are operatively coupled to at least one data server (DS). The data server serves as LAP router and users database comprising users-related information and may be deployed, for example, at world locations at ISPs. The users-related information comprises real-time information about online/offline users, and the data server is configured to provide functions of a presence server. The DS is also configured to serve as a messaging mail box for users that are not online. In certain embodiments of the invention the DS is also configured to find and select a RAP in accordance with user's needs/request (e.g. RAP corresponding to user's home/office PC while the user is out of the office, etc.).
[069] Referring to Fig. 2, there are illustrated other embodiments of the present invention, similar to the embodiments illustrated in Fig. 1, wherein connection between one or more mobile devices and one or more access points is provided, however, with the help of a wireless protocol such as WiMax, Wi-Fi, and the like.
[070] For purpose of illustration only, the following description is made with respect to Bluetooth protocol. It should be noted that the invention is not bound by this protocol and is, likewise, applicable to any other wireless protocol supporting data and/or voice communication between both mobile and stationary devices.
[071] The mobile devices illustrated in Figs. 1 and 2 are configured to run a mobile application in accordance with certain embodiments of the present invention as will be further detailed with reference to Figs. 3-18. The access points may facilitate peer-to-peer (P2P) communications between mobile devices connected to the same or different access point. Thus, the network architecture disclosed in Figs. 1 and 2 facilitates creating virtual peer-to-peer connection between mobile devices connected to access points having permanent peer-to-peer connection. This virtual P2P connection enables users to exchange messaging, files, media objects, conduct voice conversation and other communication using their mobile devices.
[072] The mobile application being installed on the mobile device facilitates the following functionality:
Voice communications
Messaging communications
Content sharing
Backup and synchronization
Remote PC control
Remote mobile peers status (online/offline, etc.)
[073] The PC Agent application, being installed, turns a personal computer into an access point for the mobile device running the mobile application installed on it. An access point may serve as a LAP for mobile devices within its proximity and as a RAP for other mobile devices and access points. The PC agent supports information transfer between LAP and mobile device(s), between LAP and one or more RAPs, and between LAP and DS. The PC agent also supports the following functions:
Media streaming to mobile devices
Basic registration and update capabilities
Bluetooth discovery agent
Data server (DS) access and online/offline status updates for mobile devices
Help topics and troubleshooter
[074] In accordance with certain embodiments of the present invention, the PC agent supports the following:
a. Connecting to DS over TCP/IP in order to notify online/offline status, to retrieve other LAPs status and addresses and/or to send data to be stored.
b. Establishing connection to a mobile device over Bluetooth in order to send/receive data and different sets of commands for execution.
c. Establishing P2P connection with RAP for a purpose to transfer data.
[075] For service enabling, the mobile device shall be registered in the database provided with a unique identifier (e.g. a number of a cellular phone assigned to the subscriber combined with area code and country code).
[076] As will be further detailed, in order to facilitate voice quality and low latency, the PC agent application level may comprise bandwidth reservation for voice communication using Packet Scheduler application and tagging of voice packets as high priority packets, so that ISP routers forward those packets before forwarding other data packets that have lower or no class tagging.
[077] In certain embodiments of the invention PC application implements Bluetooth stack application layer for device discovery and connection, and "sliding window" algorithm for optimizing bandwidth control and data transfer performance.
[078] The term "Packet Scheduler" used in this patent specification should be expansively construed to include any function at the network protocol level allocating bandwidth to competing online connections, e.g. by determining how many packets are handed to each connection (each flow) at a given time. A packet scheduler may operate based on observing the packet flows from the applications, by request from a quality of service (QoS) related protocol (e.g. RSVP or Diffserv), etc.
[079] The term "sliding window algorithm" used in this patent specification should be expansively construed to include a method of flow control for network data transfers by placing a buffer between the application program and the network data flow (e.g. as it is implemented in TCP protocol). Data received from the network is stored in the buffer, from whence the application can read at its own pace. As the application reads data, buffer space is freed up to accept more input from the network. The window is the amount of data that can be "read ahead" - the size of the buffer, less the amount of valid data stored in it. Window announcements are used to inform the remote host of the current window size. For example, if the local application can't process data fast enough, the window size will drop to zero and the remote host will stop sending data. After the local application has processed some of the queued data, the window size rises, and the remote host starts transmitting again.
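The flow control defined in paragraph [079], simulated as an added example that is not code from this specification: a receive buffer announces its free space each tick, the sender never exceeds the announced window, and a slow application drives the window to zero until it reads again. The class and function names, the tick model and the sample sizes are assumptions made for the illustration.

```python
from collections import deque
from itertools import cycle


class ReceiveBuffer:
    """Buffer placed between the network data flow and the application."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.data = deque()

    def window(self):
        # Window = size of the buffer less the valid data still waiting to be read.
        return self.capacity - len(self.data)

    def from_network(self, chunk):
        if len(chunk) > self.window():
            raise OverflowError("sender ignored the announced window")
        self.data.extend(chunk)

    def app_read(self, n):
        return bytes(self.data.popleft() for _ in range(min(n, len(self.data))))


def transfer(payload, capacity, burst, read_schedule):
    """Return (bytes the application received, per-tick trace of (sent, announced window)).

    read_schedule is cycled and must contain at least one non-zero read size.
    """
    rx = ReceiveBuffer(capacity)
    announced = rx.window()
    sent, received, trace = 0, bytearray(), []
    reads = cycle(read_schedule)
    while len(received) < len(payload):
        n = min(burst, announced, len(payload) - sent)  # sender never exceeds the window
        rx.from_network(payload[sent:sent + n])
        sent += n
        received += rx.app_read(next(reads))            # application reads at its own pace
        announced = rx.window()                         # window announcement to the sender
        trace.append((n, announced))
    return bytes(received), trace


def demo():
    # Constructed input: 20 bytes, an 8-byte buffer, and an application that reads
    # 6 bytes only on every third tick.
    return transfer(bytes(range(20)), capacity=8, burst=4, read_schedule=[0, 0, 6])
```

In the trace returned by `demo()`, the second tick ends with an announced window of 0, the sender transmits nothing on the third tick, and transmission resumes once the application has drained the buffer.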
[080] A mobile application installed on the mobile device implements at least one of the following standard Java specification requests:
JSR-75, JSR-82, JSR-118, JSR-120, JSR-135, JSR-184.
[081] In accordance with certain embodiments of the invention, the Bluetooth-based connection may be initiated in at least 2 cases:
[082] connection initiated from LAP to mobile device as a result of incoming message with mobile device address as an addressee, and
[083] the second one is connection initiation from the mobile device to LAP.
[084] Upon connection a handshake will be conducted between two connected devices in order to verify that they can talk with each other. Handshake and other data transfer will be conducted using proprietary protocol implemented over the Bluetooth RFCOMM and TCP/IP or UDP/IP standard protocols as further illustrated with reference to Figs. 2 and 3.
[085] Fig. 3 schematically illustrates an implementation of Bluetooth protocol stack. In accordance with certain embodiments of the present invention the Bluetooth protocol stack is modified to include proprietary application layer responsible for communication between the mobile device and the LAP.
[086] Fig. 4 schematically illustrates communication between two Bluetooth enabled devices (e.g. mobile device and LAP). A peer mobile software layer (PMSL) runs on top of the Bluetooth stack and provides a communication layer for applications.
[087] Fig. 5 illustrates a generalized flow sequence diagram of connecting and registering a mobile device in accordance with certain embodiments of the present invention. During the connecting process the mobile device A connects via Bluetooth protocol to LAP A; LAP A connects to the Data Server (DS); and DS registers the mobile device as online and updates the database table accordingly.
[088] Fig. 6 illustrates a generalized flow sequence diagram of peer-to-peer messaging between two mobile devices in accordance with certain embodiments of the present invention. The diagram describes the communication and command sequence during sending of a message from one mobile device to another mobile device, including DS query and LAP to RAP P2P connection and data exchange. Sending a message from Mobile 'A' to Mobile 'B' comprises the following steps:
1. Mobile 'A' sends a message to LAP 'A' with destination 'B' as parameter.
2. LAP 'A' queries DS about the address of 'B'.
3. DS returns to LAP 'A' the address of 'B'.
4. LAP 'A' transfers the message to remote access point (RAP) 'B'.
5. RAP 'B' forwards the message from LAP 'A' to Mobile 'B'.
[089] Fig. 7 illustrates incoming communication requests from RAP and the handling of those requests by the LAP.
[090] Fig. 8 illustrates a generalized flow diagram of application decisions when handling a message in accordance with certain embodiments of the present invention. The diagram includes creating and sending messages and also a flow that describes flow sequence upon receiving new message notification.
[091] Fig. 9 illustrates a generalized data flow diagram of incoming peer connection from RAP to LAP including protocol handshake and connection validations. The process comprises the following steps:
1. LAP Listener receives connection request.
2. LAP validates incoming request.
3. In case the request is valid, it adds it to the PEER container.
[092] Fig. 10 illustrates a generalized flow diagram of SDP (Service Discovery Protocol) process and connection sequence in accordance with certain embodiments of the present invention. In Bluetooth the SDP defines how a client application acts to discover an available Bluetooth enabled server's services and characteristics. SDP provides means for the discovery of new services becoming available when the client enters an area where a Bluetooth enabled server is operating. SDP also provides functionality for detecting when a service is no longer available. SDP defines a service as any feature that is usable by another Bluetooth device. A single Bluetooth enabled device can be both a server and a client of services. An SDP client communicates with an SDP server using a reserved channel on an L2CAP link to find out what services are available. When the client finds the desired service, it requests a separate connection to use the service. The reserved channel is dedicated to SDP communication so that a device always knows how to connect to the SDP service on any other device. An SDP server maintains its own SDP database, which is a set of service records that describe the services the server offers. Along with information describing how a client can connect to the service, the service record contains the service's UUID, or universally unique identifier. The diagram illustrates the LAP Bluetooth SDP process application layer and the Bluetooth connection sequence to the discovered mobile devices, including connection validation and handshake protocol. Those versed in the art will readily appreciate that the application layer may operate in a similar manner on top of another service discovery protocol (e.g. disclosed in Wi-Fi, Wi-Max, GPRS and other wireless communication standards).
[093] Fig. 11 schematically illustrates a push registry API as known in the prior art.
[094] The push registry API is a part of the MIDP 2.0 classes and is described by the following source: Enrique Ortiz, Director of Engineering, Mobile Application, Aligo Inc., published in January 2003 at the developers.sun.com forum.
[095] Fig. 12 schematically illustrates a system layer above the push registry API in accordance with certain embodiments of the present invention. Illustrated is a proprietary system layer implementation above the standard PUSH REGISTRY API that represents registration visualization into the implemented push registry mechanism in the mobile device.
[096] Fig. 13 illustrates a generalized data flow diagram of activating a mobile application using the mobile device's push registry in accordance with certain embodiments of the present invention. The data flow diagram represents the steps taken when an incoming connection activates the mobile application using the mobile device's push registry. This implies that the application has registered itself into the push registry with a specific request to be awakened when an appropriate connection arrives.
[097] Fig. 14 illustrates a generalized data flow diagram of action sequence and flow control when exchanging content between mobile devices and/or between mobile and LAP devices in accordance with certain embodiments of the present invention. The diagram represents the action sequence and flow control in case of exchanging and controlling content from mobile on both mobile and LAP devices. It includes possible decision variations during the represented flow.
[098] Fig. 15 illustrates a generalized data flow diagram of media streaming in accordance with certain embodiments of the present invention. The diagram includes LAP access description and Bluetooth connection points during the streaming.
[099] Fig. 16 illustrates a generalized sequence flow diagram of voice streaming communication between two mobile devices connected to different LAPs in accordance with certain embodiments of the present invention. Quality of Service (QOS) packet scheduling is implemented on the LAP application layer in order to reduce packet latency between two peers.
[0100] Fig. 17 illustrates a sequence flow that represents direct Mobile to Mobile Bluetooth connection and communication. The mobile application will be able to connect directly to another mobile application within Bluetooth range. Once connected, the mobile devices will be able to exchange messages, files and multimedia.
[0101] Figs. 18-1 - 18-18 illustrate exemplary screenshots during the communication process in accordance with certain embodiments of the present invention.
[0102] FIG 18.1 through 18.11 represent the flow of sending a message to a user in the contact list, which is implemented by the mobile applet and located on the mobile device.
[0103] FIG 18.1 shows the main application screen with the following functionality possibilities:
Messages
File Sharing
Manage PC
Contacts
Settings
About
[0104] FIG 18.2 shows choosing the "Messages" function from the main screen.
[0105] FIG 18.3 and 18.4 show the menu screen under the "Messages" submenu:
New Message
Voice Message
Inbox
Sent Messages
Saved Messages
Settings
Delete Messages
[0106] FIG 18.5 shows choosing "New Message" submenu from the "Messages" main menu.
[0107] FIG 18.6 shows the message editor after choosing "New Message" at FIG 11.4.
[0108] FIG 18.7 shows the message editor after text input has been received from the device's input keyboard.
[0109] FIG 18.8 describes the continuation of the flow after choosing "Send" from FIG 11.6; the result is a message destination screen with 3 possible function variations:
Enter Destination Phone Number.
Choose "Phone Book" and select a contact from the phone book.
Send to Group.
[0110] FIG 18.9 shows a contact screen as a result of the "Phone Book" selection at FIG 18.8. FIG 18.9 shows users that are in the mobile device's contact list along with a status of each user (offline/online).
[0111] FIG 18.10 shows the result of a selection made at FIG 11.8 with the details of a chosen addressee.
[0112] FIG 18.11 shows the result of a "Send" selection that was chosen at FIG 11.9.
[0113] FIG 18.12 through 18.18 represent the function flow of sharing a file from one mobile device to another mobile device.
[0114] FIG 18.12 shows the main application screen with the following functionality possibilities:
Messages
File Sharing
Manage PC
Contacts
Settings
About
[0115] FIG 18.13 is a screen shot that represents the result of selecting "File Sharing" from the menu shown at FIG 11.0. This screen contains the following possible file types to send:
Images
Video
Music
Ring tones
[0116] FIG 18.4 is an image select screen that shows available image files to share. Reaching this screen is a result of selecting "Images" from the menu described at FIG 18.13.
[0117] FIG 18.15 describes the continuation of the flow after choosing "Select" from FIG 18.14; the result is a file destination screen with 3 possible function variations:
Enter Destination Phone Number.
Choose "Phone Book" and select a contact from the phone book.
Send to Group.
[0118] FIG 18.16 shows a contact screen as a result of the "Phone Book" selection at FIG 11.3. FIG 18.16 visualizes users that are in the mobile device's contact list along with a status of each user (offline/online).
[0119] FIG 18.17 shows the result of a selection made at FIG 18.16 with the details of a chosen addressee.
[0120] FIG 18.18 shows the result of a "Send" selection that was chosen at FIG 18.17.
[0121] Reference is now made to Fig. 19, which is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the mobile device may use hardware-derived authentication data for authentication vis-a-vis the gatekeeper server.
[0122] Reference is now made to Fig. 20, which is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention. According to some embodiments of the present invention, an IP-enabled client mobile device A may connect directly to the LAP B and through it create a virtual connection to the server application on mobile device B.
[0123] Reference is now made to Fig. 21, which is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention. According to some embodiments of the present invention, an IP-enabled client mobile device A may request the gatekeeper server to route communication between itself and the LAP B, and through it create a virtual connection to the server application on mobile device B.
[0124] Reference is now made to Fig. 22, which is a generalized functional diagram of network architecture supporting peer-to-peer communication in accordance with some embodiments of the present invention. According to some embodiments of the present invention, an IP-enabled client mobile device A may connect directly to the server application on an IP-enabled mobile device B.
[0125] Reference is now made to Fig. 24, which is a flowchart illustrating a mobile device authentication process in accordance with some embodiments of the present invention. According to some embodiments of the present invention, a mobile device client may initiate a session with the gatekeeper server (step 2000), and send it a generated authentication token (step 2100). Should the authentication fail, the client may attempt an alternative authentication method (step 2400). If the authentication process succeeds, the mobile device may connect to the gatekeeper and shared content (step 2600), otherwise it may be disconnected (step 2700).
[0126] Reference is now made to Fig. 25, which is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the mobile device in accordance with some embodiments of the present invention. According to some embodiments of the present invention, a mobile device client may connect to a gatekeeper server (step 3000) and attempt authentication (step 3100). If the authentication succeeds, the mobile device may request a list of available shared content (step 3300); should it fail, the mobile device may be disconnected (step 3400). After receiving the list (step 3500), the mobile device may then connect to any available server application (step 3600).
[0127] Reference is now made to Fig. 26, which is a flowchart illustrating the process by which a mobile device connects to a server application from the viewpoint of the gatekeeper server in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the gatekeeper server may accept a connection from a mobile client (step 4000). If the authentication (step 4100) succeeds, the gatekeeper checks the available content and access rights databases for available content for which the mobile device has view rights (step 4300), and sends the resulting list to the mobile device (step 4500). The mobile device then requests a connection to a server application (step 4600), which the gatekeeper server may have to mediate in case a direct connection is impossible (step 4700).
[0128] Certain embodiments of the present invention enable at least one of the following applications:
voice communication, wherein the mobile device connected to LAP using Bluetooth protocol is enabled to send and receive voice packets using a proprietary protocol created on top of the Bluetooth protocol;
mobile to LAP access functionality, wherein the mobile device connected to LAP is enabled to control and transfer data from/to both devices (mobile and LAP) by using an implemented command set protocol. The mobile device may contain a "mirror image" of the LAP file system and allow sending or receiving content from or to LAP;
file search from mobile handsets, wherein a search mechanism may be implemented for search from the mobile device within content stored at LAP and/or one or more RAPs and/or other mobile devices. The search result may be displayed on the mobile device screen with a variety of possible actions to perform on the search result (upload, pull, download, send, etc.). The mobile device serves as the search initiation point;
remote PC access from the mobile device, wherein installation of a PC agent on the user's personal computer enables use of the computer as LAP, thus providing remote access to the computer from the mobile device. In a similar manner the mobile device may be used to access a remote PC configured as RAP and manage files thereof;
media streaming - media stored on LAP may be played at the mobile device. Moreover, the mobile device may access LAP/RAP as described above and select a file or list of files for streaming to the mobile device. Once the stream begins, the mobile device starts buffering and playing it. After the media is played it may be deleted from the mobile device, thus saving memory on the mobile handset;
synchronize and back up data between PC and mobile device, wherein functionality control is conducted from the mobile device without need to be located at the LAP physically;
messaging application comprising exchange of text, graphical and/or multimedia messages between mobile devices (one-to-one and/or one-to-many), wherein the application layer supports at least message creation (e.g. with the help of JSR-120), accessing the contact list (e.g. with the help of JSR-75) and connecting to LAP (e.g. with the help of JSR-82).
Voice Messages - after a voice message is recorded on the mobile device (e.g. using JSR-135), the mobile device connects to LAP (e.g. using JSR-82) and sends recorded messages to a contact (e.g. extracted from the contact list using JSR-75).
[0129] It is to be understood that the invention is not limited in its application to the details set forth in the description contained herein or illustrated in the drawings. The invention is capable of other embodiments and of being practiced and carried out in various ways. Hence, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting. As such, those skilled in the art will appreciate that the concept upon which this disclosure is based may readily be utilized as a basis for designing other structures, methods, and systems for carrying out the several purposes of the present invention.
[0130] It will also be understood that the system according to the invention may be a suitably programmed computer. Likewise, the invention contemplates a computer program being readable by a computer for executing the method of the invention. The invention further contemplates a machine-readable memory tangibly embodying a program of instructions executable by the machine for executing the method of the invention.
[0131] Those skilled in the art will readily appreciate that various modifications and changes can be applied to the embodiments of the invention as hereinbefore described without departing from its scope, defined in and by the appended claims.
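The gatekeeper-side flow of Fig. 26 (steps 4000 to 4700) is sketched below as an added example; it is not code from the patent or from the applicant. The token scheme (HMAC-SHA256 over a server-issued single-use nonce and the device identifier, with a key enrolled per device), all class and function names, and the sample devices and content are assumptions, since the specification does not define how the token is derived.

```python
import hashlib
import hmac
import secrets


def derive_token(device_id, device_key, nonce):
    """Assumed scheme: HMAC-SHA256 over the server nonce and the device identifier."""
    return hmac.new(device_key, nonce + device_id.encode(), hashlib.sha256).digest()


class Gatekeeper:
    def __init__(self, device_keys, access_rights, content_db):
        self.device_keys = device_keys      # device id -> enrolled key (assumption)
        self.access_rights = access_rights  # device id -> hosts it has view rights on
        self.content_db = content_db        # host -> names of content stored there
        self.pending = {}                   # device id -> nonce awaiting a token
        self.sessions = {}                  # session id -> authenticated device id

    def accept(self, device_id):
        """Step 4000: accept a connection and issue a fresh single-use nonce."""
        nonce = secrets.token_bytes(16)
        self.pending[device_id] = nonce
        return nonce

    def authenticate(self, device_id, token):
        """Step 4100: return a session id, or None if authentication fails."""
        nonce = self.pending.pop(device_id, None)  # consumed even on failure
        key = self.device_keys.get(device_id)
        if nonce is None or key is None:
            return None
        expected = derive_token(device_id, key, nonce)
        if not hmac.compare_digest(expected, token):
            return None
        session_id = secrets.token_hex(16)
        self.sessions[session_id] = device_id
        return session_id

    def device_for(self, session_id):
        device = self.sessions.get(session_id)
        if device is None:
            raise PermissionError("not authenticated")
        return device

    def list_content(self, session_id):
        """Steps 4300-4500: only content on hosts the device has view rights for."""
        allowed = self.access_rights.get(self.device_for(session_id), set())
        return {h: list(c) for h, c in self.content_db.items() if h in allowed}

    def mediate(self, session_id, host, item):
        """Steps 4600-4700: re-check rights here; the filtered list is not the check."""
        device = self.device_for(session_id)
        if host not in self.access_rights.get(device, set()):
            raise PermissionError(f"{device} has no rights on {host}")
        if item not in self.content_db.get(host, []):
            raise LookupError(f"{item} is not listed for {host}")
        return (device, host, item)  # route the gatekeeper would relay


def build_demo():
    """Constructed sample data: one enrolled phone, two hosts, rights on one of them."""
    key = b"constructed-demo-key-not-a-real-secret"
    gatekeeper = Gatekeeper(
        device_keys={"phone-A": key},
        access_rights={"phone-A": {"lap-B"}},
        content_db={"lap-B": ["holiday.jpg", "notes.txt"], "lap-C": ["payroll.xls"]},
    )
    return gatekeeper, key


if __name__ == "__main__":
    gk, key = build_demo()
    nonce = gk.accept("phone-A")
    sid = gk.authenticate("phone-A", derive_token("phone-A", key, nonce))
    print(gk.list_content(sid))
    print(gk.mediate(sid, "lap-B", "notes.txt"))
```

Checking access rights again at the mediation step means a client that requests a host it was never shown is still refused, and the single-use nonce means a captured token cannot be replayed on a later connection.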

Claims

What is claimed:
1. A gatekeeper server comprising: an authentication module adapted to authenticate a device; an access rights database adapted to store access rights of the authenticated device with respect to one or more other devices functionally associated with the gatekeeper; a searchable content database including a list of content stored on the one or more other devices functionally associated with the gatekeeper; and wherein said authentication module is further adapted to mediate data transfer between the authenticated device and another device to which the authenticated device has access rights.
2. The server according to claim 1, wherein the authentication module uses a token derived from device-specific identification to authenticate the mobile device.
3. The server according to claim 1, further comprising an encryption engine adapted to encrypt communication between the authenticated device and the gatekeeper server.
4. The server according to claim 3, wherein said encryption engine is further adapted to encrypt communication between the gatekeeper server and other devices with which the gatekeeper server communicates.
5. The server according to claim 1, wherein said authentication module is further adapted to authenticate a client application to a server application.
6. A method of facilitating peer-to-peer communication comprising: authenticating a client device with a gatekeeper server; determining access rights of the authenticated device with respect to one or more other devices functionally associated with the gatekeeper; providing access to a content database including a list of content stored on the one or more other devices functionally associated with the gatekeeper; and mediating data transfer between the authenticated device and another device to which the authenticated device has access rights.
7. The method according to claim 6, wherein the authentication uses a token derived from device-specific identification to authenticate the mobile device.
8. The method according to claim 6, further comprising encryption of communication between the authenticated device and the gatekeeper server.
9. The method according to claim 8, further comprising encryption of communication between the gatekeeper server and other devices with which the gatekeeper server communicates.
10. The method according to claim 6, further comprising authenticating a client device to a server device.
11. A communication device comprising: a controller adapted to: (1) authenticate said device with a gatekeeper server, searching a content database including a list of content stored on the one or more other devices functionally associated with the gatekeeper, and triggering the gatekeeper server to mediate data transfer between the authenticated device and another device to which the authenticated device has access rights.
12. The device according to claim 11, wherein a token derived from device-specific identification is used to authenticate said device.
13. The device according to claim 11, further comprising an encryption engine adapted to encrypt communication between said device and the gatekeeper server.
14. The device according to claim 13, wherein said encryption engine is further adapted to encrypt communication between said device and other devices with which the gatekeeper server is functionally associated.
PCT/IL2007/001038 2006-08-21 2007-08-21 A method and system for peer-to-peer communication WO2008023366A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US83887106P 2006-08-21 2006-08-21
US60/838,871 2006-08-21

Publications (2)

Publication Number Publication Date
WO2008023366A2 true WO2008023366A2 (en) 2008-02-28
WO2008023366A3 WO2008023366A3 (en) 2009-05-07

Family

ID=39107205

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2007/001038 WO2008023366A2 (en) 2006-08-21 2007-08-21 A method and system for peer-to-peer communication

Country Status (1)

Country Link
WO (1) WO2008023366A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8990411B2 (en) 2010-04-22 2015-03-24 Microsoft Technology Licensing, Llc Dynamic connection management on mobile peer devices
EP2837239A4 (en) * 2012-07-18 2016-04-06 Viber Media S A R L VVoIP CALL TRANSFER

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030014521A1 (en) * 2001-06-28 2003-01-16 Jeremy Elson Open platform architecture for shared resource access management
US20040249846A1 (en) * 2000-08-22 2004-12-09 Stephen Randall Database for use with a wireless information device

Also Published As

Publication number Publication date
WO2008023366A3 (en) 2009-05-07

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07805498

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 07805498

Country of ref document: EP

Kind code of ref document: A2