US 10,028,144 B2
SECURITY TECHNIQUES FOR DEVICE ASSISTED SERVICESGeneral
US 10,028,144 B2
SECURITY TECHNIQUES FOR DEVICE ASSISTED SERVICES
Tech Center:
3600 Transportation, Construction, Electronic Commerce, Agriculture, National Security and License and Review
Examiner:
Andrew Joseph Rudy
Art Unit:
3687 Business Methods — Incentive Programs, Coupons; Electronic Shopping; Business Cryptography, Voting; Health Care; Point of Sale, Inventory, Accounting; Business Processing, Electronic Negotiation
Agent:
James E. Harris
Inventors:
Gregory G. Raleigh
Assignee:
Priority:
03/02/09
Filed:
11/20/15
Granted:
07/17/18
Expiration:
03/02/30
Abstract
A wireless end-user device has a wireless wide-area network (WWAN) modem and multiple execution environments. Applications execute in an application execution partition. A kernel execution partition executes processes for classifying, by application, traffic passing between the WWAN modem and the applications, measuring per-application traffic, and applying per-application traffic policies to the traffic. A separate protected execution partition contains agents to receive the traffic measurements, configure the traffic policies, and securely communicate with a network service controller. Low-level traffic measurement and control is advantageously and efficiently performed in the kernel, while the traffic-management processes that interface with the kernel are separately secured to resist hacking.
Cooperative Patent Classification (CPC)
G06G06Q10/06315G06F15/177G06QH04W72/0453H04L41/5003H04M2215/0188H04WY02P90/80Y02P