최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0948065 (2015-11-20) |
등록번호 | US-10028144 (2018-07-17) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 0 인용 특허 : 886 |
A wireless end-user device has a wireless wide-area network (WWAN) modem and multiple execution environments. Applications execute in an application execution partition. A kernel execution partition executes processes for classifying, by application, traffic passing between the WWAN modem and the ap
A wireless end-user device has a wireless wide-area network (WWAN) modem and multiple execution environments. Applications execute in an application execution partition. A kernel execution partition executes processes for classifying, by application, traffic passing between the WWAN modem and the applications, measuring per-application traffic, and applying per-application traffic policies to the traffic. A separate protected execution partition contains agents to receive the traffic measurements, configure the traffic policies, and securely communicate with a network service controller. Low-level traffic measurement and control is advantageously and efficiently performed in the kernel, while the traffic-management processes that interface with the kernel are separately secured to resist hacking.
1. A wireless end-user device, comprising: a wireless wide area network (WWAN) modem to receive and transmit Internet data between the device and at least one WWAN when configured for and connected to the at least one WWAN; andone or more processors configured to execute one or more processes in a k
1. A wireless end-user device, comprising: a wireless wide area network (WWAN) modem to receive and transmit Internet data between the device and at least one WWAN when configured for and connected to the at least one WWAN; andone or more processors configured to execute one or more processes in a kernel execution partition, one or more processes in an application execution partition, and one or more processes in a protected execution partition, the one or more processes executed in the kernel execution partition including an operating system packet network stack to pass Internet data packet traffic between the WWAN modem and one or more applications executing in the application execution partition, an application identification agent to classify individual flows of the Internet data packet traffic passing through the stack according to which of the one or more applications is associated with a particular individual flow, a service measurement agent to measure, for classified individual flows, an amount of the Internet data packet traffic associated with each of the one or more applications, and a policy control agent to apply application-specific traffic policy controls to classified individual flows,the one or more processes executed in the protected execution partition including one or more device agents with limited privileges to access processes executing in the kernel execution partition, including a privilege to configure the application-specific traffic policy controls of the policy control agent, and a privilege to receive at least one of Internet data packet traffic passing between the operating system packet network stack and the WWAN modem, andtraffic information including the measured amount of the Internet data packet traffic associated with each of the one or more applications. 2. The wireless end-user device of claim 1, the one or more processors further configured to execute, in the application execution partition, at least one device-assisted-services agent to communicate with at least one device agent executed in the protected execution partition. 3. The wireless end-user device of claim 1, further comprising one or more memory partitions to store program code for the respective processes of the operating system packet network stack, the application identification agent, the service measurement agent, the policy control agent, and the one or more device agents, the one or more processors configured to retrieve the stored program code from the one or more memory partitions to execute the respective processes. 4. The wireless end-user device of claim 3, wherein the one or more memory partitions include a separately protected device-assisted services partition to store the program code for the one or more device agents, the one or more device agents further comprising an access control integrity agent having exclusive permission to update program code stored in the separately protected device-assisted services partition. 5. The wireless end-user device of claim 4, the access control integrity agent further configured to validate the program code for the one or more device agents. 6. The wireless end-user device of claim 3, wherein the one or more memory partitions comprise a device-assisted services partition to store device service state information, the device service state information only modifiable by the one or more device agents. 7. The wireless end-user device of claim 6, the one or more device agents further comprising a service control link configured to securely communicate with a network service controller. 8. The wireless end-user device of claim 7, wherein the service control link is further configured to receive at least one of the application-specific traffic policy controls from the network service controller. 9. The wireless end-user device of claim 7, wherein the service control link is further configured to transmit at least some of the device service state information to the network service controller. 10. The wireless end-user device of claim 9, wherein the one or more device agents are further configured to retain the transmitted device service state information until after an instruction is received from the network service controller acknowledging that the device service state information can be deleted. 11. The wireless end-user device of claim 1, the one or more device agents further configured to, based on the application-specific traffic policy controls, configure application settings for the one or more applications. 12. The wireless end-user device of claim 1, the one or more device agents further configured to calculate, separate from the traffic information, a service usage measurement for the Internet data packet traffic passing between the operating system packet network stack and the WWAN modem. 13. The wireless end-user device of claim 1, the one or more device agents further configured to encrypt Internet data packet traffic passing from the operating system packet network stack to the WWAN modem. 14. The wireless end-user device of claim 1, wherein the protected execution partition comprises a secure virtual execution environment. 15. The wireless end-user device of claim 1, wherein the privilege to configure the application-specific traffic policy controls of the policy control agent is an exclusive privilege for one or more of the device agents executed in the protected execution partition. 16. The wireless end-user device of claim 1, the WWAN modem comprising a modem execution partition configured to calculate, separate from the traffic information, a service usage measurement for the Internet data packet traffic passing between the operating system packet network stack and the WWAN modem. 17. The wireless end-user device of claim 16, the modem execution partition further comprising a modem control link to communicate the calculated service usage measure to at least one of a network service controller and at least one device agent executed in the protected execution partition. 18. The wireless end-user device of claim 2, further comprising a user interface, the at least one device-assisted-services agent comprising a user-interface agent to display to a user, and allow modification to, at least one policy setting affecting at least one of the application-specific policy controls.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.