(12)
`
`United States Patent
`Sal0 et al.
`
`(10) Patent N0.:
`(45) Date of Patent:
`
`US 6,609,148 B1
`Aug. 19, 2003
`
`US006609148B1
`
`(54) CLIENTS REMOTE ACCESS TO
`ENTERPRISE NETWORKS EMPLOYING
`ENTERPRISE GATEWAY SERVERS IN A
`CENTRALIZED DATA CENTER
`CONVERTING PLURALITY OF DATA
`REQUESTS FOR MESSAGING AND
`
`5,974,416 A * 10/1999 Anand et a1. ............... .. 707/10
`6,061,650 A * 5/2000 Malkin et a1. ......... .. 370/401
`6,256,666 B1 * 7/2001 Singhal ................. .. 709/203
`6,324,681 B1 * 11/2001 Sebesta et a1. ..
`..... .. 707/10
`6,359,892 B1 * 3/2002 SZlam ...................... .. 370/401
`6,397,220 B1 * 5/2002 Deisinger et a1. ......... .. 707/102
`
`REQUEST
`
`(76) Inventors: Randy Sal‘), 1441 Yost Dr‘, San Diego,
`CA (US) 92109; Chris Van
`Hamersveld, 1014 Honeysuckle Dr.,
`San Marcos, CA (US) 92069; Barry K.
`Shelton, 12272 Misty Blue Ct., San
`Diego, CA (US) 92131; Larry
`Herbinaux, 843A Hampton Ct., Vista,
`CA (US) 92084; D. Brian Deacon,
`1285 Navel Pl., Vista, CA (US) 92081;
`Kenneth Eugene Faya], J 1;, 5890C
`Reg Ten, San Diego, CA (US) 92117
`
`( * ) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U'S'C' 154(k)) by 0 days‘
`
`(21) Appl- NO-I 09/436,661
`(22) Filed
`N 0v- 10 1999
`'
`’
`(51) Int. Cl.7 .............................................. .. G06F 15/16
`(52) US. Cl. ..................... .. 709/217; 709/201; 709/202;
`709/203; 709/218; 709/219; 707/10; 707/102
`(58) Field of Search ............................... .. 709/201—203,
`709/217_219; 707/10, 102
`
`(56)
`
`References Cited
`
`US. PATENT DOCUMENTS
`
`
`
`* 6,496,850 B1 * 12/2002 Bowman-Amuah ....... .. 709/203 Gebauer . . . . . . . . . . . . . . . . . . . . ..
`
`
`
`6,499,137 B1 * 12/2002 Hunt ........................ .. 717/164
`2002/0072830 A1 * 6/2002 Hunt ........................... .. 701/1
`
`OTHER PUBLICATIONS
`
`US 2002/0072830 A1.*
`
`* cited by examiner
`
`Primary Examiner—Nabil El-Hady
`(74) Attorney, Agent, or Firm—Philip R. Wadsworth;
`Gregory D. Ogrod; Abdollah Katbab
`
`ABSTRACT
`(57)
`A computer system includes an enterprise gateway server
`and a remote gateway server connected via a data network,
`such as the Internet, that is relatively inef?cient compared to
`typical private networks. The remote gateway server inter
`faces the enterprise gateway server to corporate messaging
`and collaboration data stored locally relative to the remote
`gateway 56W“ The enterprise gateway Server Converts
`multiple data requests for the messaging and collaboration
`data into a Single higher-level data request that is transmitted
`across the data network. The remote gateway server receives
`the request and converts the single high level request back
`into the original multiple request format for presentation to
`the messaging and collaboration database.
`
`5,805,803 A * 9/1998 Birrell et a1. ............. .. 713/201
`
`26 Claims, 10 Drawing Sheets
`
`]90\
`
`415
`\
`
`164
`2
`
`607
`2
`
`EGS
`
`DcoM
`PROXY
`
`OBJECT
`
`I
`
`402
`
`VPN
`
`TUNA/1y
`
`1
`
`DCOM STUB / 605
`
`608
`
`602J
`
`604
`CD0 /
`
`r609
`
`MAPI
`
`LDAP
`
`/410
`
`MESSA GING SERVER
`
`Petitioner Apple Inc. - Exhibit 1052, p. 1
`
`

`

`US. Patent
`
`Aug. 19, 2003
`
`Sheet 1 0f 10
`
`US 6,609,148 B1
`
`22
`
`ENTERPRISE
`
`NETWORK
`
`FIG.1
`
`
`DATA
`
`“x20
`
`
`
`DATACENTER
`
`DATABASE (SQL)
`
`
`
`T_TRANSMISSION__
` MEDIA
` ATTRIBUTES
`
`Petitioner Apple Inc. - Exhibit 1052, p. 2
`
`Petitioner Apple Inc. - Exhibit 1052, p. 2
`
`

`

`US. Patent
`
`Aug. 19, 2003
`
`Sheet 2 0f 10
`
`US 6,609,148 B1
`
`m9»
`
`EOxSHrS/N
`
`MMNMRMMEZNi
`
` MDKMQ
`
`«NE/ED
`
`@4900VMEQEWm
`
`mmmibmmbw
`
`20RVEQKZN
`
`flmmiguwmbm
`
`ZOEVERDE/Q
`
`VN.DNK
`
`Petitioner Apple Inc. - Exhibit 1052, p. 3
`
`Petitioner Apple Inc. - Exhibit 1052, p. 3
`
`
`
`
`
`

`

`US. Patent
`
`Aug. 19, 2003
`
`Sheet 3 0f 10
`
`US 6,609,148 B1
`
`NMVQOra
`
`MMRZMD
`
`Emsmxw
`
`-m§b©-
`
`ESQa3:MGR
`MMZZVED
`gQ
`MMMMAmm
`NMZZSCD
`
`MZNN
`
`ESzcbuzbm
`9&ngSE:
`
`I..EESmEEO:
`
`$655mmwm
`
`Omega:Eu
`
`
`
`m:.UNR
`
`MRQEEM
`
`WQMDDV
`
`QUENQ
`
`Petitioner Apple Inc. - Exhibit 1052, p. 4
`
`Petitioner Apple Inc. - Exhibit 1052, p. 4
`
`
`
`
`
`

`

`U.S. Patent
`
`Aug. 19, 2003
`
`Sheet 4 0f 10
`
`US 6,609,148 B1
`
`
`
`.................................................... i152
`
`
`
`W EEQQMSWM W EEEESw m M E???mbm M m mu?i? W 283" H ,5 ‘h5g3 WEEKEH
`
`m 5 Q3 m > W ?wwww m m 3g 555% m
`m K m m r m m SE ?img?m m M @juw? NE M (2 (N1
`
`m . m M MW MWQIM
`
`m mwzwmw?zm Q “um llm m mEESEw m m m
`m m m “Emmy, m u, .......................................... 1" m 555% m m mmwm?wm m m m
`
`m . m m QEEE, m
`
`
`
`M n M EEG“, W . . , . . , /
`
`m " DZNUYMMQE " v2 , m m u m muimm
`,
`
`U~ URN
`
`
`M “ED SE? m m " mg m m , KS:
`........... x m é @m m m m ..................... 52
`
`
`m m m x 5% 055 m 55% QWESEA
`
`“ mwwmwwwQ " n 1!. mmimmw " n . QB \
`
`m 52% m m MW MWINI m .__, WEBB, A0 E52 1 ,4.
`
`
`
`
`
`n u n n .. 502mm 555 ,__
`
`Petitioner Apple Inc. - Exhibit 1052, p. 5
`
`

`

`U.S. Patent
`
`Aug. 19, 2003
`
`Sheet 5 0f 10
`
`US 6,609,148 B1
`
`B205\
`SUBSCRIBER INPUTS
`URL INTO REMOTE
`A CCESS DE VICE BRO WSER
`
`B21 0\
`
`,,
`
`V
`
`LIS REQUESTS THA T
`SUBSCRIBER INPUT
`CREDENTIALS
`
`,
`B215\
`LIS EXAMINES [NP UTTED
`CREDENTIALS
`
`B245\
`LIS REQ UESTS
`SUBSCRIBER TO
`RE-INP UT
`CREDENTIALS
`
`YES
`
`BAD LOGIN
`ATTEMPTS
`?
`
`f B24 0
`‘
`LOCK
`ACCOUNT
`
`WHETHER LOGIN
`INFO. MA TCHES
`SUBSCRIBER
`CREDENTIALS
`?
`
`FIG. 2
`
`K B225
`INFORM USER
`THATA CCO UNT
`IS LOCKED OUT
`
`YES
`
`/ B250
`,
`FIRST LEVEL
`OFA UTHENTICA TION
`
`f B2 60
`ENCODES SESSION
`WITH EA C
`
`/ B2 70
`v
`D YNAMICALL Y
`REDIRECT
`BROWSER TO
`SPECIFIED EGS
`
`Petitioner Apple Inc. - Exhibit 1052, p. 6
`
`

`

`US. Patent
`
`Aug. 19, 2003
`
`Sheet 6 0f 10
`
`US 6,609,148 B1
`
`$1965 1 64
`.
`
`APPLICATION
`INTERFACES
`
`307
`
`308
`
`166
`
`| ATTRIB UTES
`ATTRIB UTES
`114IHZL4SE
`
`
`
`FIG 3
`
`415
`
`410
`
`403
`
`19
`
`403
`
`415
`
`
`
`IE!!!
`
`410
`
`III AIEIH$4CHWR3
`SZLQVTQR
`
`403
`
`
`
`FIG 4
`
`Petitioner Apple Inc. - Exhibit 1052, p. 7
`
`Petitioner Apple Inc. - Exhibit 1052, p. 7
`
`

`

`U.S. Patent
`
`Aug. 19, 2003
`
`Sheet 7 0f 10
`
`US 6,609,148 B1
`
`190\
`164\
`EGS
`
`PPTP
`
`190\
`164\
`
`EGS
`
`;
`IPSEC /
`ROUTER/
`FIREWALL
`525/
`
`402
`
`515\
`\
`PPTP VPN
`NETWORK <
`V V SERVER
`
`415\ 410\ 403\
`\
`\
`
`SERVER
`
`FIREWALL +
`/
`
`520
`
`FIG. 5A
`
`415\ 410\ 403\
`\
`\
`
`IPSEC
`NETWORK ‘ — ROUTER/ -» RGS “MESSAGING
`FIREWALL
`SERVER
`
`FIG. 5B
`
`Petitioner Apple Inc. - Exhibit 1052, p. 8
`
`

`

`U.S. Patent
`
`Aug. 19, 2003
`
`Sheet 8 0f 10
`
`US 6,609,148 B1
`
`»%\
`$1 emu
`
`
`
`
`55% uEu?QE
`
`= t
`
`QQS FEE
`
`l‘ < \NQQ
`
`b .DbM
`
`h%\ QEQEQQQ
`wan Q?
`5,56
`
`. _
`
`28s
`
`has?‘ 0 0 3m
`
`Kw;
`
`Q2
`
`New
`
`KSQ (02
`
`Petitioner Apple Inc. - Exhibit 1052, p. 9
`
`

`

`U.S. Patent
`
`Aug. 19, 2003
`
`Sheet 9 0f 10
`
`US 6,609,148 B1
`
`1/ 1 64
`
`EGS
`
`CD0
`
`// 70]
`
`705
`
`INTERNET
`
`705
`
`\
`
`MESSAGING /410
`SERVER
`
`FIG. 7A
`
`164
`EGS /
`<<<< >>>>
`DCOM /607
`PROXY
`
`CD INTERNET
`
`DCOM /605
`STUB
`(<(( >)))
`
`CD0 / 604
`
`/410
`MESSA GIN G
`SER VER
`
`FIG. 7B
`
`Petitioner Apple Inc. - Exhibit 1052, p. 10
`
`

`

`U.S. Patent
`
`Aug. 19, 2003
`
`Sheet 10 0f 10
`
`US 6,609,148 B1
`
`
`
`
`
`$530 5% $§$~= = QMQQ ‘$525 EEED= m3§
`
`Raw J
`
`m UNK
`
`
`
`
`
`:SESEQY QSEBEQW somcmgSmmb
`
`
`
`
`
`Quick EmEmEQ amwsmomcmgskwzbm
`
`
`
`Aai‘ RG55
`
`
`
`
`
`A, 0.: A “ 03$
`
` 3% \ \ 5% \ QEQZEmEmEEQEQD \ bvtw
`
`QEQZEmEmEAN
`
`§\
`
`[0%
`
`Petitioner Apple Inc. - Exhibit 1052, p. 11
`
`

`

`US 6,609,148 B1
`
`1
`CLIENTS REMOTE ACCESS TO
`ENTERPRISE NETWORKS EMPLOYING
`ENTERPRISE GATEWAY SERVERS IN A
`CENTRALIZED DATA CENTER
`CONVERTING PLURALITY OF DATA
`REQUESTS FOR MESSAGING AND
`COLLABORATION INTO A SINGLE
`REQUEST
`
`BACKGROUND OF THE INVENTION
`
`I. Field of the Invention
`This invention generally relates to the ?eld of communi
`cations and information netWork management. More
`particularly, the present invention relates to a novel system
`that alloWs remote end users to rapidly and securely access
`information from a variety of subscriber devices using a
`centraliZed remote data center.
`II. Description of Related Art
`Recent innovations in Wireless communication and
`computer-related technologies as Well as the unprecedented
`groWth of Internet subscribers have provided tremendous
`opportunities in telecommuting and mobile computing. In
`fact, corporate entities and enterprises are moving toWards
`providing their Workforces With ubiquitous access to net
`Worked corporate applications and data, such as, for
`example, e-mail, address books, appointment calendars,
`scheduling information, etc.
`The problem With providing universal access to propri
`etary information is one of logistics. For example, it is
`common for an individual to keep sets of addresses on
`different devices, such as Work addresses on a personal
`computer used at Work, personal addresses on a home
`computer, and commonly called telephone numbers on a
`cellular telephone. Problems arise When the individual is at
`home and Wishes to call or fax a Work colleague, particularly
`When the individual does not have access to the Work
`addresses from the home computer or any other available
`device. Further, different urgent priority items, such as
`urgent e-mails, may be unavailable to a subscriber for an
`extended period of time if the subscriber is equipped only
`With a personal digital assistant (PDA) and a cellular tele
`phone unable to receive e-mail.
`Along With the problem of maintaining data in various
`locations, users frequently have access to different devices,
`each having different data access abilities and requirements.
`For example, certain cellular telephones have speed dial or
`commonly called telephone numbers, but do not have the
`ability to receive e-mail. Certain cellular telephone handsets
`have the ability to receive alphanumeric pages, but some
`cellular service providers do not support this feature While
`others do. Also, many PDAs do not have the ability to
`receive over-the-air transmissions, but can synchroniZe With
`a database, such as a database associated With a personal
`computer and/or netWork. Other PDAs have the ability to
`receive and edit e-mail messages. Some systems or netWorks
`alloW a subscriber to doWnload her e-mail headers to a
`remote device and read some portion or all of the e-mail.
`After reading the e-mail on the remote device, some systems
`delete the e-mail While others maintain the e-mail on the
`system until read or deleted at the home system. Hence the
`ability for a subscriber to access, maintain, and dynamically
`utiliZe information is heavily dependent on the input device
`employed by the subscriber.
`Further, certain organiZations limit access to Workers
`having a need to knoW the information maintained. For
`
`10
`
`15
`
`25
`
`35
`
`45
`
`55
`
`65
`
`2
`example, many corporations control e-mail using a dedi
`cated server having restricted access, including using ?re
`Walls and encryption. Access to this information requires
`making the information available under conditions imposed
`and maintained by the corporation.
`For purposes of this application, a corporation or other
`entity, public private, or otherWise, is referred to as an
`“enterprise.” As used herein, an enterprise represents any
`entity maintaining or controlling information at a remote
`location from a subscriber. Examples of enterprises include
`a secure corporate netWork, a dedicated server, or a publicly
`accessible Web site netWork. Other enterprises may be
`employed Which maintain and control certain information as
`may be appreciated by those of skill in the art.
`While certain systems have been employed to provide
`access to information maintained at an enterprise, none have
`provided for access by multiple devices including PDAs,
`cellular telephones, personal computers, laptops,
`MICROSOFT® WindoWs CE devices, and so forth. Further,
`those systems discussed in the literature that provide infor
`mation access to users employing a limited set of input
`devices have suffered from accessibility and data latency
`problems. Accessibility issues involve providing access to
`the information by only offering access through a corporate
`Intranet or other internal access scheme. A subscriber Wish
`ing to revieW his or her e-mail on a laptop borroWed from a
`colleague frequently is denied access to the corporate infor
`mation. Further, data latency universally inhibits the ability
`to access data. Users desire a fast response to the informa
`tion they desire, and information on any device that takes
`longer than ?fteen seconds to load is undesirable.
`Additionally, certain enterprises Wish to have control over
`information maintained on their netWorks, including main
`taining passWord and account information for the enterprise
`users. It is therefore undesirable for the enterprise to offer
`sensitive data, such as subscriber information and
`passWords, to outside parties Where the data may be com
`promised. Security issues, such as corporate ?reWalls and
`encryption of data, must in many instances be maintained
`and controlled by the enterprise rather than a third party.
`Certain enterprises also have particular needs and prefer
`ences. For example, some corporate enterprises may main
`tain a netWork that interfaces With offices in different
`countries, and depending on the person accessing the
`information, he or she may have a particular language
`preference. Certain enterprises also ?nd it highly desirable to
`have a recon?gurable interface to provide updated graphics,
`information, and presence to netWork users. These sub
`scriber interfaces may change rapidly in some industries. A
`system offering information access should therefore be
`readily recon?gurable and offer subscriber interfaces struc
`tured for the enterprise for use on a variety of input devices.
`Such a system should be relatively easy to set up and
`maintain, and use readily available hardWare and softWare
`Wherever possible. Further, the system should provide for
`data access tracking and ef?cient security and authoriZation.
`It is therefore an object of the current invention to provide
`a system for offering convenient and efficient access to data,
`including e-mail, calendar/date book, and addresses. These
`terms are commonly knoWn in the art, Wherein e-mail
`represents electronic mail deliverable in a recogniZed
`format, including attachments and other electronic mail
`attributes. Calendar/date book data represents dates of
`meetings, appointments, holidays, or other noteWorthy
`events maintained in a searchable database type format.
`Addresses represent information associated With contacts,
`
`Petitioner Apple Inc. - Exhibit 1052, p. 12
`
`

`

`US 6,609,148 B1
`
`3
`such as the contact’s name, title, company, business address,
`business phone number, business faX number, home address
`and/or phone number, cellular phone number, e-mail
`address, and so forth. Access to the information should
`preferably be provided through a central location.
`It is a further object of this invention to provide for access
`to the desired information using any of a variety of input
`devices, including but not limited to a personal computer, a
`laptop computer, a PDA, a cellular telephone, a tWo-Way
`pager, and a MICROSOFT® WindoWs CE device.
`It is still a further object of the present invention to
`provide a system Which recogniZes the type of device
`addressing and requesting the information and to provide the
`information to the device in a proper format in accordance
`With the preferences of the enterprise transmitting the infor
`mation.
`It is another object of the current invention to provide a
`central location for enabling a series of users to access
`information at various enterprises When said users employ
`various input devices. Such a central location should offer
`relatively robust access to the information desired, offer
`security for information maintained on the enterprise such as
`subscriber data and passWords, and provide for authentica
`tion and access tracking.
`It is yet another object of the current invention to provide
`an interconnection betWeen a central data location and an
`enterprise such that the interconnection can quickly, reliably,
`and efficiently transfer information, such as e-mail, calendar,
`and address data, betWeen the central data location and the
`enterprise.
`It is a further object of the current invention to provide a
`remote enterprise architecture that supports inquiries from
`and responses to the central data location for use in a
`multiple subscriber and multiple input device data access
`scheme. The remote enterprise architecture should permit
`rapid access to the information and transmission of the
`information While simultaneously maintaining ?reWall,
`security, and encryption requirements.
`It is still a further object of the current invention to
`provide architectures Which are reliable and easy to use from
`both a softWare and hardWare standpoint, and utiliZe Where
`possible eXisting components to minimiZe system costs.
`It is yet a further object of the current system to provide
`a subscriber interface that is readily recon?gurable by an
`enterprise maintaining the information. Further, the sub
`scriber interface should preferably provide enterprise data
`on various input devices and take into account enterprise and
`subscriber preferences When interfacing With a subscriber.
`It is another object of the current invention to provide a
`business model for supplying users With access to e-mail,
`calendar, and address information in a multiple input device
`environment When the desired information is maintained at
`a remote enterprise.
`
`SUMMARY OF THE INVENTION
`
`Accordingly, there is herein provided a computer system
`for providing access to information maintained on an enter
`prise netWork.
`One aspect of the present invention is directed to a
`computer system comprising a plurality of components,
`including a data netWork, an enterprise gateWay server, a
`remote gateWay server, and a messaging server. The enter
`prise gateWay server is connected to the data netWork and
`includes softWare that converts a plurality of data requests
`for messaging and collaboration data into a single higher
`
`10
`
`15
`
`25
`
`35
`
`45
`
`55
`
`65
`
`4
`level request and transmits the higher level request over the
`data netWork. The remote gateWay server is also connected
`to the data netWork and receives the higher-level request
`from the enterprise gateWay server and converts the higher
`level request to the plurality of data requests. The messaging
`server hosts messaging and collaboration data and is con
`nected to the remote gateWay server through a private data
`netWork, the private data netWork connecting the messaging
`server to the remote gateWay server more efficiently than the
`data netWork that connects the enterprise gateWay server to
`the remote gateWay server, the messaging server providing
`messaging and collaboration data to the remote gateWay
`server in response to receiving the plurality of data requests.
`A second aspect of the present invention is directed to a
`computer system comprising a plurality of elements includ
`ing an enterprise gateWay server and a corporate netWork
`connected via the Internet. The enterprise gateWay server
`includes softWare that converts a plurality of data requests
`for messaging and collaboration data into a single higher
`level request and transmits the higher level request over the
`data netWork. The corporate netWork receives the higher
`level request from the enterprise gateWay server and con
`verts the higher level request to the plurality of data requests.
`The corporate netWork uses the converted plurality of data
`requests to query a messaging database that stores messag
`ing and collaboration data corresponding to the plurality of
`data requests from the enterprise gateWay server, and returns
`the results of the query to the enterprise gateWay server.
`Other objects, features, and advantages of the present
`invention Will become more apparent from a consideration
`of the folloWing detailed description and from the accom
`panying draWings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`The accompanying draWings, Which are incorporated in
`and constitute a part of this Speci?cation, illustrate an
`embodiment of the invention and, together With the
`description, explain the objects, advantages, and principles
`of the invention. In the draWings:
`FIG. 1 is a conceptual diagram representing the major
`components of the system;
`FIG. 1A is a high level block diagram depicting the basic
`elements of an embodiment of the present system;
`FIG. 1B is a high level block diagram depicting various
`elements of an exemplary communication system interfac
`ing With a remote data center;
`FIG. 1C is a high level block diagram depicting the
`architecture of a remote data center;
`FIG. 2 is a functional block diagram depicting the authen
`tication process;
`FIG. 3 is a high level block diagram illustrating the basic
`elements of the EGS;
`FIG. 4 is high level diagram depicting the connectivity
`betWeen a data center and a plurality of enterprise netWork
`servers;
`FIGS. 5A, 5B are block diagrams illustrating embodi
`ments of the implementation of a Virtual Private NetWork
`interconnecting a data center and an enterprise netWork;
`FIG. 6 is a diagram depicting the architecture of the RGS
`softWare components;
`FIGS. 7A and 7B are diagrams depicting alternative
`embodiments of the communications betWeen a messaging
`server and an EGS; and
`FIG. 8 illustrates the customiZation initialiZation proce
`dure.
`
`Petitioner Apple Inc. - Exhibit 1052, p. 13
`
`

`

`US 6,609,148 B1
`
`5
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`6
`the Internet provides an eXample of a poWerful and readily
`accessible data transmission media. Addition of enterprise
`netWorks 22 or data centers 17 to an arrangement employing
`the Internet is relatively simple. Note also that data link 16
`may also employ the Internet for subscriber access to the
`data center 17.
`In operation, the subscriber must ?rst access the data
`center 17 using an access arrangement, such as a passWord
`verifying his or her identity. The subscriber makes a request
`into the subscriber device, such as a cellular telephone, to
`vieW data, such as his or her e-mail. The IIS server 18
`receives the request via the data link 16 and passes the
`request through the dedicated connection 20 and on to the
`enterprise netWork 22. The enterprise netWork 22 processes
`the request for e-mail and obtains the necessary data pur
`suant to the subscriber preferences provided by the SQL
`server in the data center 17. For eXample, the subscriber is
`presumed to have established that if he or she desires e-mail
`through his or her cellular telephone, the information pro
`vided should be only the ?rst ten messages, alphabetiZed by
`the last name of the sender. In such a situation, the enterprise
`netWork 22 obtains the requisite information and transmits
`the data back through the dedicated connection 20, to the
`data center 17, and to the subscriber via data link 16 to the
`requesting subscriber input device. To accomplish this, the
`enterprise netWork 22 must include a server having a
`scalable, reliable and secure data access platform, such as
`MICROSOFT® Exchange Server, for ready access to the
`requested e-mail, calendar, or contact information.
`FIG. 1A illustrates an embodiment of the present inven
`tion. The embodiment alloWs subscribers to securely and
`remotely access a centraliZed data center 190, Which acts as
`an intermediary to facilitate subscriber information residing
`in an independent enterprise netWork 403 in real time. In one
`implementation, a subscriber, by virtue of a remote access
`device 104, makes a request, across a netWork 100, to a data
`center 190, to supply subscriber information (e.g., messag
`ing and collaboration information, such as electronic mail,
`appointment calendars, address/phone books) located in an
`enterprise netWork 403. The data center 190 receives the
`request, authenticates the subscriber, accesses the enterprise
`netWork 403, establishes a secure session With the enterprise
`netWork 403, retrieves the subscriber information, and for
`mats the information in accordance With the display capa
`bilities of the remote access device 104. The remote access
`device 104 may be connected to a “Wireline” netWork (e.g.,
`personal computer, kiosk, etc.) or may be connected to a
`Wireless netWork (e.g., cellular phones, personal digital
`assistants (PDAs), MICROSOFT® WindoWs CE device,
`etc.).
`In another embodiment, as indicated by FIG. 1A, the data
`center 190 itself provides a central repository for the sub
`scriber information (dashed-line). As such, the subscriber
`initiates a request in the remote access device 104 and the
`data center 190 receives the request, authenticates the
`subscriber, accesses the subscriber information, and formats
`the information in accordance With the display capabilities
`of the remote access device 104.
`The features and details of the various embodiments of
`the invention Will be described beloW.
`
`1. Remote Access Devices
`
`65
`
`The remote access and retrieval of subscriber information
`resident in the enterprise netWork 403 is initiated by request
`ing the information on a remote access device 104.
`Generally, these requests are initiated by inputting an
`
`The following detailed description of the embodiments of
`the present invention refers to the accompanying draWings
`that illustrate these. Other embodiments are possible and
`modi?cations may be made to the embodiments Without
`departing from the spirit and scope of the invention.
`Therefore, the following detailed description is not meant to
`limit the invention. Rather, the scope of the invention is
`de?ned by the appended claims.
`It Will be apparent to one of ordinary skill in the art that
`an embodiment of the present invention, as described beloW,
`may be realiZed in a variety of implementations, including
`the softWare, ?rmWare, and hardWare of the entities illus
`trated in the ?gures (i.e., remote access device 104, BSC/
`MSC 106 and IWF 108). The actual softWare code or control
`hardWare used to implement the present invention is not
`limiting of the present invention. Thus, the operation and
`behavior of the present invention Will be described Without
`speci?c reference to the actual softWare code or hardWare
`components. Such non-speci?c references are acceptable
`because it is clearly understood that a person of ordinary
`skill in the art Would be able to design softWare and control
`hardWare to implement the embodiment of the present
`invention based on the description herein.
`FIG. 1 presents a conceptual overvieW of the design of the
`current system. From FIG. 1, a subscriber has access to an
`input device, Which may be one from a class of input devices
`10 including, but not limited to, a cellular telephone 11, a
`personal digital assistant (PDA) 12, a MICROSOFT® Win
`doWs CE device 13, a desktop personal computer 14, or a
`laptop personal computer 15. Other devices may be
`employed, such as a tWo-Way paging device, While still
`Within the scope of the present invention. The important
`characteristic of the class of input devices 10 is that each
`device must have the ability to receive information.
`The input device transmits or receives information over a
`data link 16, such as a telephone line, dedicated computer
`connection, satellite connection, cellular telephone netWork,
`the Internet, or other data connection. The data link 16 is
`connected to a data center 17, Which offers a central location
`for accessing and processing information from various
`remote enterprise netWorks 22. Data center 17 provides
`users With access to information or data maintained at the
`enterprise netWorks 22. The data center 17 includes at least
`one Web server 18 (e.g., MICROSOFT® Internet Informa
`tion Server [IIS]) having access to at least one attributes
`database server (e.g., Structured Query Language [SQL]
`server) 19. The IIS server 18 identi?es and authenticates the
`subscriber and veri?es that the subscriber is associated With
`a particular enterprise. The IIS server 18 refers to the SQL
`server 19 for the data necessary to perform these tasks, and
`thus the SQL server 19 performs data storage for account
`access purposes. The IIS servers 18 process individual active
`server pages, or ASPs, that provide the requested informa
`tion back across data link 16 to the user or subscriber. The
`data center 17 transmits data through a dedicated connection
`20, Which is preferably an IPSEC tunnel through the
`Internet, or a PPTP connection via the Internet. The dedi
`cated connection 20 is provided through data transmission
`media 21, Which may be the Internet, a Wide Area NetWork
`(WAN), or any other media used for server communication.
`The dedicated connection 20 provides the robustness nec
`essary to update the subscriber and provide information in a
`reasonable time period. Use of a connection that is not
`dedicated can result in delays and service disruptions, and
`
`10
`
`15
`
`25
`
`35
`
`45
`
`55
`
`Petitioner Apple Inc. - Exhibit 1052, p. 14
`
`

`

`US 6,609,148 B1
`
`7
`address on a browser (or micro-broWser) interface of the
`remote access device 104. The address partially identi?es
`the enterprise network 403 that the subscriber is associated
`With (i.e., company, employer, etc.) and the address may be
`in the form of an HTTP URL (Hypertext Transfer Protocol
`Uniform Resource Locator). The remote access devices 104
`have communication capabilities, alloWing them to interface
`With Wireless and Wireline communication netWorks. In one
`implementation, the remote access devices 104 are Wireless
`and include devices that are Well-knoWn in the art, such as
`hand-held Wireless phones, Personal Digital Assistants
`(PDAs), MICROSOFT® WindoWs CE devices, and mobile
`computers. Such devices operate in Wireless netWorks that
`include, but are not limited to PSTN, CDPD, CDMA/IS-95,
`TDMA/IS-136, MOBITEX, and GSM netWorks.
`In addition, these remote access devices 104 generally
`have graphical displays to accommodate their broWsing
`capabilities. The remote access devices may use different
`markup languages to interpret, format, and display the
`contents of the retrieved subscriber information. Such lan
`guages may include Hypertext Markup Language (HTML),
`Handheld Markup Language (HDML), Extensible Markup
`Language (XML), Extensible Stylesheet Language (XSL),
`and Wireless Markup Language (WML).
`2. NetWork Access to Data Center
`As stated above, the remote access devices 104 have
`communication capabilities to interface With a variety of
`communication netWorks including Wireless communication
`systems. FIG. 1B illustrates the basic elements of a Wireless
`implementation of netWork 100 in FIG. 1A. Artisans of
`ordinary skill Will readily appreciate that these elements, and
`their interfaces, may be modi?ed, augmented, or subjected
`to various standards knoWn in the art, Without limiting their
`scope or function.
`In one implementation, the remote access device 104 ?rst
`communicates and sustains a session With a Base Station
`Controller/Mobile SWitching Center (BSC/MSC) 106 via
`the Wireless interface (i.e., air-link) Um in accordance With
`a Wireless communication netWork scheme, such as CDPD,
`CDMA/IS-95, TDMA/IS-136, MOBITEX, and GSM. The
`BSC/MSC 106 employs a transceiver to transmit to the
`remote access device 104 (i.e., forWard link) and receive
`from the remote access device 104 (i.e., reverse link),
`consistent With the Wireless netWork scheme. The BSC/
`MSC 106 supervises, manages, and routes the calls betWeen
`the remote access device 104 and the Inter-Working Func
`tion (IWF) 108.
`The IWF 108 serves as a gateWay betWeen the Wireless
`system 100 and other netWorks. The IWF 108 is coupled to
`the BSC/MSC 106 and in many cases it may be co-located
`With the BSC/MSC 106. The IWF 108 provides the session
`betWeen the remote access device 104 and the BSC/MSC
`106 With an IP address, consistent With the Well-knoWn
`Internet Protocol (IP).
`As is Well-knoWn in the art, the IP protocol is a netWork
`layer protocol that speci?es the addressing and routing of
`packets (datagrams) betWeen host computers and speci?es
`the encapsulation of data into such packets for transmission.
`Addressing and routing information is af?xed in the header
`of the packet. IP headers contain 32-bit addresses that
`identify the sending and receiving hosts. These addresses are
`used by intermediate routers to select a path through the
`netWork for the packet toWards its ultimate destination at the
`intended address. Providing the session betWeen the remote
`access device 104 and the BSC/MSC 106 With an IP address,
`the session can be intelligently routed to other networks.
`
`10
`
`15
`
`25
`
`35
`
`45
`
`55
`
`65
`
`8
`The IWF 108 is subsequentl