Docket No.
`
`341244US91CONT
`
`IN THE UNITED ST ATES PA TENT AND TRADEMARK OFFICE
`INVENTOR(S) Daniel J. MENDEZ, et al.
`
`SERIAL NO:
`
`New Application
`
`FILING DA TE: Herewith
`
`ART UNIT:
`
`EXAMINER:
`
`FOR:
`
`SYSTEM AND METHOD FOR GLOBALLY AND SECURELY ACCESSING UNIFIED
`INFORMATION IN A COMPUTER NETWORK
`FEE TRANSMITTAL
`
`D No additional fee is required
`D Small entity status of this application under 37 C.F.R. § 1.9 and § 1.27 is claimed.
`
`The Fee has been calculated as shown below:
`
`FOR
`
`NUMBER
`EXTRA
`
`RATE
`
`CALCULATIONS
`
`NUMBER
`FILED
`- 20 =
`-
`3 =
`
`45
`5
`
`TOT AL CLAIMS
`INDEPENDENT CLAIMS
`
`UTILITY APPLICATION
`SIZE FEE
`
`25
`2
`0
`-
`44•
`(each addtl. 50
`100 =
`sheets over I 00)
`(* 58 x .75)
`D MULTIPLE DEPENDENT CLAIMS (If applicable)
`+ $390 =
`D LA TE FILING OF DECLARATION
`+ $130 =
`• EXAMINATION FEE BASIC FEES
`.FILING FEE
`.SEARCH FEE
`($330.00)
`($540.00)
`($220.00)
`TOT AL OF ABOVE CALCULATIONS
`D REDUCTION BY 50% FOR FILING BY SMALL ENTITY
`D FILING FEE REDUCED IF E-FILED - SMALL ENTITY
`D FILING IN NON-ENGLISH LANGUAGE
`
`x $52 =
`x $220 =
`
`x
`
`$270 =
`
`+ $-83
`
`=
`
`=
`
`+ $130
`TOTAL
`
`$1,300.00
`$440.00
`
`$0.00
`
`$0.00
`$0.00
`
`$1,090.00
`
`$2,830.00
`$0.00
`$0.00
`
`$0.00
`
`$2 ,830.00
`
`D Please charge Deposit Account No. 15-0030 in the amount of $0.00
`• Credit card payment is being made online (if electronically filed), or is attached hereto (if paper filed), in the amount of
`$2,830.00.
`The Director is hereby authorized to charge any additional fees which may be required for the papers being filed
`herewith and for which no payment is enclosed herewith, or credit any overpayment to Deposit Account No. 15-0030.
`
`•
`
`Submitted by: __ _ ~---7"~o____ ~~__.-c_·· _..<: _______ _
`
`
`SCottA~
`
`Registration No. 42,866
`
`Customer Number
`22850
`
`Tel. (703) 413-3000
`Fax. (703) 413-2220
`(OSMMN 10/08)
`
`MobileIron, Inc., Ex. 1002 - Page 001
`
`

`

`APPLICATION DATA SHEET
`
`APPLICATION INFORMATION
`Application Type::
`Subject Matter::
`CD-ROM or CD-R?::
`Title::
`
`Attorney Docket Number::
`Total Drawing Sheets::
`
`REGULAR
`UTILITY
`NONE
`SYSTEM AND METHOD FOR
`GLOBALLY AND SECURELY
`ACCESSING UNIFIED INFORMATION
`IN A COMPUTER NETWORK
`341244U S91 CONT
`15
`
`INVENTOR INFORMATION
`
`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`INVENTOR
`us
`FULL CAPACITY
`Daniel
`J.
`Mendez
`Menlo Park
`CA
`us
`275 Gloria Circle
`Menlo Park
`CA
`us
`94025
`
`Page 1
`
`Initial 06/22/09
`
`MobileIron, Inc., Ex. 1002 - Page 002
`
`

`

`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`INVENTOR
`us
`FULL CAPACITY
`Mark
`D.
`Riggins
`Mercer Island
`WA
`us
`3002 89th Place SE
`Mercer Island
`WA
`us
`98040
`
`INVENTOR
`India
`FULL CAPACITY
`Prasad
`Wagle
`Santa Clara
`CA
`us
`2831 Pruneridge Ave
`Santa Clara
`CA
`us
`95051
`
`INVENTOR
`us
`FULL CAPACITY
`Hong
`Q.
`Bui
`Cupertino
`CA
`us
`10250 Parkwood Drive, #4
`Cupertino
`CA
`us
`95014
`
`Page 2
`
`Initial 06/22/09
`
`MobileIron, Inc., Ex. 1002 - Page 003
`
`

`

`Applicant Authority Type: :
`Primary Citizenship Country::
`Status::
`Given Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address: :
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`INVENTOR
`us
`FULL CAPACITY
`Mason
`NG
`Mountain View
`CA
`us
`217 Ada Avenue, #11
`Mountain View
`CA
`us
`94043
`
`INVENTOR
`us
`FULL CAPACITY
`Sean
`Michael
`Quinlan
`San Francisco
`CA
`us
`155 Haight Street, #211
`San Francisco
`CA
`us
`94102
`
`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`INVENTOR
`us
`FULL CAPACITY
`Christine
`C.
`Ying
`Foster City
`CA
`us
`1204 Moonsail Lane
`Foster City
`CA
`us
`94404
`
`Page 3
`
`Initial 06122109
`
`MobileIron, Inc., Ex. 1002 - Page 004
`
`

`

`Applicant Authority Type::
`Primary Citizenship Country::
`Status: :
`Given Name::
`Middle Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address: :
`
`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name::
`Family Name::
`City of Residence: :
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address: :
`Postal or Zip Code of Mailing Address::
`
`INVENTOR
`us
`FULL CAPACITY
`Christopher
`R.
`Zuleeg
`San Jose
`CA
`us
`5524 Blossom Vista Avenue
`San Jose
`CA
`us
`95124
`
`INVENTOR
`us
`FULL CAPACITY
`David
`J.
`Cowan
`Menlo Park
`CA
`us
`3000 Sand Hill Road, #3-225
`Menlo Park
`CA
`us
`94043
`
`Page4
`
`Initial 06/22/09
`
`MobileIron, Inc., Ex. 1002 - Page 005
`
`

`

`Applicant Authority Type::
`Primary Citizenship Country::
`Status::
`Given Name::
`Middle Name: :
`Family Name: :
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`Applicant Authority Type::
`Primary Citizenship Country: :
`Status::
`Given Name::
`Family Name::
`City of Residence::
`State or Province of Residence::
`Country of Residence::
`Street of Mailing Address: :
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`INVENTOR
`us
`FULL CAPACITY
`Joanna
`A.
`Apteka r-Strober
`Menlo Park
`CA
`us
`3000 Sand Hill Road, #3-225
`Menlo Park
`CA
`us
`94043
`
`INVENTOR
`us
`FULL CAPACITY
`R. Stanley
`Bailes
`San Jose
`CA
`us
`4829 Bela Drive
`San Jose
`CA
`us
`95129
`
`CORRESPONDENCE INFORMATION
`
`Correspondence Customer Number::
`
`22850
`
`REPRESENTATIVE INFORMATION
`
`Representative Customer Number::
`
`22850
`
`DOMESTIC PRIORITY INFORMATION
`Continuity Type::
`Application::
`Continuation of
`This Application
`12/480,500
`Continuation of
`11/340,083
`Continuation of
`Continuation of
`10/741, 113
`
`Parent Aoolication:: Parent Filing Date::
`06108109
`12/480,500
`11/340,083
`01/25/06
`10/741, 113
`12/19/03
`09/666,877
`09120100
`
`Page 5
`
`Initial 06/22/09
`
`MobileIron, Inc., Ex. 1002 - Page 006
`
`

`

`109/666,877
`J08/903, 118
`
`108/865,075
`
`108/835,997
`
`108/841,950
`
`Continuation of
`Continuation-in-Part
`of
`Continuation-in-Part
`of
`Continuation-in-Part
`of
`Continuation-in-Part
`of
`
`08/903, 118
`08/865,075
`
`107/30/97
`105/29/97
`
`08/835,997
`
`104/11/97
`
`08/841,950
`
`104/08/97
`
`08/766,307
`
`112/13/96
`
`FOREIGN PRIORITY INFORMATION
`
`I
`I
`
`I
`
`I
`
`I
`
`ASSIGNMENT INFORMATION
`
`Assignee Name::
`Street of Mailing Address::
`City of Mailing Address::
`State or Province of Mailing Address::
`Country of Mailing Address::
`Postal or Zip Code of Mailing Address::
`
`VISTO CORPORATION
`101 Redwood Shores Parkway, Suite 400
`Redwood City
`California
`United States
`94065
`
`Page 6
`
`Initial 06/22/09
`
`MobileIron, Inc., Ex. 1002 - Page 007
`
`

`

`TITLE OF THE INVENTION
`
`SYSTEM AND METHOD FOR GLOBALLY AND SECURELY ACCESSING UNIFIED
`
`INFORMATION IN A COMPUTER NETWORK
`
`CROSS-REFERENCE TO RELATED APPLICATIONS
`
`[0001] This application is a continuation and claims the benefit of priority under 35 U.S.C. § 120
`
`from U.S. Application No. 12/480,500, filed June 8, 2009, which is a continuation of U.S.
`
`Application No. 11/340,083, filed January 25, 2006, which is a continuation of U.S. Application
`
`No. 10/741,113, filed December 19, 2003 now U.S. Patent No. 7,039,679, which is a
`
`continuation of U.S. Application No. 09/666,877 filed September 20, 2000 now U.S. Patent No.
`
`6,708,221, which is a continuation of U.S. Application No. 08/903,118 filed July 30, 1997,
`
`which is a continuation-in-part of co-pending patent application Ser. No. 08/766,307, filed on
`
`Dec. 13, 1996 now U.S. Patent No. 6, 131, 116, and of co-pending patent application Ser. No.
`
`08/841,950, filed on Apr. 8, 1997 now U.S. Patent No. 7 ,287 ,271 and of co-pending patent
`
`application Ser. No. 08/835,997, filed on Apr. 11, 1997 now U.S. Patent No. 6,085, 192, and of
`
`co-pending patent application Ser. No. 08/865,075, filed on May 29, 1997 now U.S. Patent No.
`
`6,023,708. The entire contents of these applications are incorporated herein by reference.
`
`BACKGROUND OF THE INVENTION
`
`[0002] 1. Field of the Invention
`
`[0003] This invention relates generally to computer networks, and more particularly provides a
`
`system and method for globally and securely accessing unified information in a computer
`
`network.
`
`MobileIron, Inc., Ex. 1002 - Page 008
`
`

`

`[0004] 2. Description of the Background Art
`
`[0005] The internet currently interconnects about 100,000 computer networks and several
`
`million computers. Each of these computers stores numerous application programs for providing
`
`numerous services, such as generating, sending and receiving e-mail, accessing World Wide
`
`Web sites, generating and receiving facsimile documents, storing and retrieving data, etc.
`
`[0006] A roaming user, i.e., a user who travels and accesses a workstation remotely, is faced
`
`with several problems. Program designers have developed communication techniques for
`
`enabling the roaming user to establish a communications link and to download needed
`
`information and needed service application programs from the remote workstation to a local
`
`computer. Using these techniques, the roaming user can manipulate the data on the remote
`
`workstation and, when finished, can upload the manipulated data back from the remote
`
`workstation to the local computer. However, slow computers and slow communication channels
`
`make downloading large files and programs a time-consuming process. Further, downloading
`
`files and programs across insecure channels severely threatens the integrity and confidentiality of
`
`the downloaded data.
`
`[0007] Data consistency is also a significant concern for the roaming user. For example, when
`
`maintaining multiple independently modifiable copies of a document, a user risks using an
`
`outdated version. By the time the user notices an inconsistency, interparty miscommunication or
`
`data loss may have already resulted. The user must then spend more time attempting to reconcile
`
`the inconsistent versions and addressing any miscommunications.
`
`[0008] The problem of data inconsistency is exacerbated when multiple copies of a document are
`
`2
`
`MobileIron, Inc., Ex. 1002 - Page 009
`
`

`

`maintained at different network locations. For example, due to network security systems such as
`
`conventional firewall technology, a user may have access only to a particular one of these
`
`network locations. Without access to the other sites, the user cannot confirm that the version on
`
`the accessible site is the most recent draft.
`
`[0009] Data consistency problems may also arise when using application programs from
`
`different vendors. For example, the Netscape Navigatorm web engine and the Internet Explorerm
`
`web engine each store bookmarks for quick reference to interesting web sites. However, since
`
`each web engine uses different formats and stores bookmarks in different files, the bookmarks
`
`are not interchangeable. In addition, one web engine may store a needed bookmark, and the other
`
`may not. A user who, for example, runs the Internet Explorer.TM. web engine at home and runs
`
`the Netscape Navigator.TM . web engine at work risks having inconsistent bookmarks at each
`
`location.
`
`[00 IO] Therefore, a system and method are needed to enable multiple users to access computer
`
`services remotely without consuming excessive user time, without severely threatening the
`
`integrity and confidentiality of the data, and without compromising data consistency.
`
`SUMMARY OF THE INVENTION
`
`[00 I I] The present invention provides a system and methods for providing global and secure
`
`access to services and to unified (synchronized) workspace elements in a computer network. A
`
`user can gain access to a global server using any terminal, which is connected via a computer
`
`network such as the Internet to the global server and which is enabled with a web engine.
`
`3
`
`MobileIron, Inc., Ex. 1002 - Page 010
`
`

`

`[0012] A client stores a first set of workspace data, and is coupled via a computer network to a
`
`global server. The client is configured to synchronize selected portions of the first set of
`
`workspace data (comprising workspace elements) with the global server, which stores
`
`independently modifiable copies of the selected portions. The global server may also store
`
`workspace data not received from the client, such as e-mail sent directly to the global server.
`
`Accordingly, the global server stores a second set of workspace data. The global server is
`
`configured to identify and authenticate a user attempting to access it from a remote terminal, and
`
`is configured to provide access based on the client configuration either to the first set of
`
`workspace data stored on the client or to the second set of workspace data stored on the global
`
`server. It will be appreciated that the global server can manage multiple clients and can
`
`synchronize workspace data between clients.
`
`[0013] Service engines for managing services such as e-mail management, accessing bookmarks,
`
`calendaring, network access, etc. may be stored anywhere in the computer network, including on
`
`the client, on the global server or on any other computer. The global server is configured to
`
`provide the user with access to services, which based on level of authentication management or
`
`user preferences may include only a subset of available services. Upon receiving a service
`
`request from the client, the global server sends configuration information to enable access to the
`
`service.
`
`[0014] Each client includes a base system and the global server includes a synchronization agent.
`
`The base system and synchronization agent automatically establish a secure connection
`
`therebetween and synchronize the selected portions of the first set of workspace data stored on
`
`the client and the second set of workspace data stored on the global server. The base system
`
`4
`
`MobileIron, Inc., Ex. 1002 - Page 011
`
`

`

`operates on the client and examines the selected portions to determine whether any workspace
`
`elements have been modified since last synchronization. The synchronization agent operates on
`
`the global server and informs the base system whether any of the workspace elements in the
`
`second set have been modified . Modified version may then be exchanged so that an updated set
`
`of workspace elements may be stored at both locations, and so that the remote user can access an
`
`updated database. If a conflict exists between two versions, the base system then performs a
`
`responsive action such as examining content and generating a preferred version, which may be
`
`stored at both locations. The system may further include a synchronization-start module at the
`
`client site (which may be protected by a firewall) that initiates interconnection and
`
`synchronization when predetermined criteria have been satisfied.
`
`[0015] A method of the present invention includes establishing a communications link between
`
`the client and the global server. The method includes establishing a communications link
`
`between the client and a service based upon user requests. The method receives configuration
`
`data and uses the configuration data to configure the client components such as the operating
`
`system, the web engine and other components. Configuring client components enables the client
`
`to communicate with the service and provides a user-and-service-specific user interface on the
`
`client. Establishing a communications link may also include confirming access privileges.
`
`[0016] Another method uses a global translator to synchronize workspace elements. The method
`
`includes the steps of selecting workspace elements for synchronization, establishing a
`
`communications link between a client and a global server, examining version information for
`
`each of the workspace elements on the client and on the global server to determine workspace
`
`elements which have been modified since last synchronization. The method continues by
`
`5
`
`MobileIron, Inc., Ex. 1002 - Page 012
`
`

`

`comparing the corresponding versions and performing a responsive action. Responsive actions
`
`may include storing the preferred version at both stores or reconciling the versions using content(cid:173)
`
`based analysis.
`
`[0017] The system and methods of the present invention advantageously provide a secure
`
`globally accessible third party, i.e. the global server. The system and methods provide a secure
`
`technique for enabling a user to access the global server and thus workspace data remotely and
`
`securely. Because of the global firewall and the identification and security services performed by
`
`the global server, corporations can store relatively secret information on the global server for use
`
`by authorized clients. Yet, the present invention also enables corporations to maintain only a
`
`portion of their secret information on the global server, so that there would be only limited loss
`
`should the global server be compromised. Further, the global server may advantageously act as a
`
`client proxy for controlling access to services, logging use of keys and logging access of
`
`resources.
`
`[0018] A client user who maintains a work site, a home site, an off-site and the global server site
`
`can securely synchronize the workspace data or portions thereof among all four sites. Further, the
`
`predetermined criteria (which control when the synchronization-start module initiates
`
`synchronization) may be set so that the general synchronization module synchronizes the
`
`workspace data upon user request, at predetermined times during the day such as while the user
`
`is commuting, or after a predetermined user action such as user log-off or user log-on. Because
`
`the system and method operate over the Internet, the system is accessible using any connected
`
`terminal having a web engine such as an internet-enabled smart phone, television settop (e.g.,
`
`web TV), etc. and is accessible over any distance. Since the system and method include format
`
`6
`
`MobileIron, Inc., Ex. 1002 - Page 013
`
`

`

`translation, merging of workspace elements between different application programs and different
`
`platforms is possible. Further, because synchronization is initiated from within the firewall, the
`
`typical firewall, which prevents in-bound communications and only some protocols of out-bound
`
`communications, does not act as an impediment to workspace element synchronization.
`
`[0019] Further, a roaming user may be enabled to access workspace data from the global server
`
`or may be enabled to access a service for accessing workspace data from a client. For example, a
`
`user may prefer not to store personal information on the global server but may prefer to have
`
`remote access to the information. Further, the user may prefer to store highly confidential
`
`workspace elements on the client at work as added security should the global server be
`
`compromised.
`
`[0020] The present invention may further benefit the roaming user who needs emergency access
`
`to information. The roaming user may request a Management Information Systems (MIS)
`
`director controlling the client to provide the global server with the proper keys to enable access
`
`to the information on the client. If only temporary access is desired, the keys can then be later
`
`destroyed either automatically or upon request. Alternatively, the MIS director may select the
`
`needed information as workspace elements to be synchronized and may request immediate
`
`synchronization with the global server. Accordingly, the global server and the client can
`
`synchronize the needed information, and the user can access the information from the global
`
`server after it has completed synchronization.
`
`[0021] The present invention also enables the system and methods to synchronize keys, available
`
`services and corresponding service addresses to update accessibility of workspace data and
`
`7
`
`MobileIron, Inc., Ex. 1002 - Page 014
`
`

`

`services. For example, if the user of a client accesses a site on the Internet which requires a
`
`digital certificate and the user obtains the certificate, the system and methods of the present
`
`invention may synchronize this newly obtained certificate with the keys stored on the global
`
`server. Thus, the user need not contact the global server to provide it with the information. The
`
`synchronization means will synchronize the information automatically.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0022] FIG. 1 is a block diagram illustrating a secure data-synchronizing remotely accessible
`
`network in accordance with the present invention;
`
`[0023] FIG. 2 is a block diagram illustrating details of a FIG. 1 remote terminal;
`
`[0024] FIG. 3 is a block diagram illustrating details of a FIG. 1 global server;
`
`[0025] FIG. 4 is a block diagram illustrating details of a FIG. 1 synchronization agent;
`
`[0026] FIG. 5 is a graphical representation of an example bookmark in global format;
`
`[0027] FIG. 6 is a graphical representation of the FIG. 3 configuration data;
`
`[0028] FIG. 7 is a block diagram illustrating the details of a FIG. 1 client;
`
`[0029] FIG. 8 is a block diagram illustrating the details of a FIG. 1 base system;
`
`8
`
`MobileIron, Inc., Ex. 1002 - Page 015
`
`

`

`[0030] FIG. 9 illustrates an example services list;
`
`[0031] FIG. 10 is a flowchart illustrating a method for remotely accessing a secure server;
`
`[0032] FIG. 11 is a flowchart illustrating details of the FIG. 10 step of creating a link between a
`
`client and global server;
`
`[0033] FIG . 12 is a flowchart illustrating details of the FIG. 10 step of providing access to a
`
`service in a first embodiment;
`
`[0034] FIG. 13 is a flowchart illustrating details of the FIG. 10 step of providing access to a
`
`service in a second embodiment,
`
`[0035] FIG. 14 is a flowchart illustrating details of the FIG. 10 step of providing access to a
`
`service in a third embodiment; and
`
`[0036] FIG. 15 is a flowchart illustrating a method for synchronizing multiple copies of a
`
`workspace element over a secure network.
`
`DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
`
`[0037] FIG . 1 is a block diagram illustrating a network I 00, comprising a first site such as a
`
`remote computer terminal I 05 coupled via a communications channel 110 to a global server 115.
`
`The global server 115 is in turn coupled via a communications channel 120 to a second site such
`
`9
`
`MobileIron, Inc., Ex. 1002 - Page 016
`
`

`

`as a Local Area Network (LAN) 125 and via a communications channel 122 to a third site such
`
`as client 167. Communications channel 110, communications channel 120 and communications
`
`channel 122 may be referred to as components of a computer network such as the Internet. The
`
`global server 115 is protected by a global firewall 130, and the LAN 125 is protected by a LAN
`
`firewall 135.
`
`[0038) The LAN 125 comprises a client 165, which includes a base system 170 for
`
`synchronizing workspace data 180 (e-mail data, file data, calendar data, user data, etc.) with the
`
`global server 115 and may include a service engine 175 for providing computer services such as
`
`scheduling, e-mail, paging, word-processing or the like. Those skilled in the art will recognize
`
`that workspace data 180 may include other types of data such as application programs. It will be
`
`further appreciated that workspace data 180 may each be divided into workspace elements,
`
`wherein each workspace element may be identified by particular version information 782 (FIG.
`
`7). For example, each e-mail, file, calendar, etc. may be referred to as "a workspace element in
`
`workspace data." For simplicity, each workspace element on the client 165 is referred to herein
`
`as being stored in format A. It will be further appreciated that the workspace data 180 or portions
`
`thereof may be stored at different locations such as locally on the client 165, on other systems in
`
`the LAN 125 or on other systems (not shown) connected to the global server 115.
`
`[0039) The client 167 is similar to the client 165. However, workspace data stored on the client
`
`167 is referred to as being stored in format B, which may be the same as or different than format
`
`A. All aspects described above and below with reference to the client 165 are also possible with
`
`respect to the client 167. For example, client 167 may include services (not shown) accessible
`
`from remote terminal 105, may include a base system (not shown) for synchronizing workspace
`
`10
`
`MobileIron, Inc., Ex. 1002 - Page 017
`
`

`

`elements with the global server 115, etc.
`
`[0040] The global server 115 includes a security system 160 for providing only an authorized
`
`user with secure access through firewalls to services. The security system 160 may perform
`
`identification and authentication services and may accordingly enable multiple levels of access
`
`based on the level of identification and authentication. The global server 115 further includes a
`
`configuration system 155 that downloads configuration data 356 (FIGS. 3 and 6) to the remote
`
`terminal l 05 to configure remote terminal l 05 components such as the operating system 270
`
`(FIG. 2), the web engine 283 (FIG. 2), the applet engine 290 (FIG. 2), etc. The configuration
`
`system 155 uses the configuration data 356 to enable the remote terminal l 05 to access the
`
`services provided by the service engine 175 and to provide a user-and-service-specific user
`
`interface.
`
`[0041] The global server 115 stores workspace data 163, which includes an independently
`
`modifiable copy of each selected workspace element in the selected portions of the workspace
`
`data 180. Accordingly, the workspace data 163 includes an independently modifiable copy of
`
`each corresponding version information 782 (FIG. 7). The workspace data 163 may also include
`
`workspace elements which originate on the global server 115 such as e-mails sent directly to the
`
`global server 115 or workspace elements which are downloaded from another client (not shown).
`
`The global server I 15 maintains the workspace data 163 in a format, referred to as a "global
`
`format," which is selected to be easily translatable by the global translator 150 to and from
`
`format A and to and from format B. As with format A and format B, one skilled in the art knows
`
`that the global format actually includes a global format for each information type. For example,
`
`there may be a global format for bookmarks (FIG. 5), a global format for files, a global format
`
`1 1
`
`MobileIron, Inc., Ex. 1002 - Page 018
`
`

`

`for calendar data, a global format for e-mails, etc.
`
`[0042] The global server 115 also includes a synchronization agent 145 for examining the
`
`workspace elements of workspace data 163. More particularly, the base system I 70 and the
`
`synchronization agent 145, collectively referred to herein as "synchronization means," cooperate
`
`to synchronize the workspace data I 63 with the selected portions of the workspace data I 80. The
`
`synchronization means may individually synchronize workspace elements (e.g., specific word
`
`processor documents) or may synchronize workspace element folders (e.g., a bookmark folder).
`
`Generally, the base system I 70 manages the selected portions of the workspace data 180 within
`
`the LAN 125 and the synchronization agent 145 manages the selected portions of workspace data
`
`I 63 within the global server I I 5. It will be appreciated that the global translator I 50 cooperates
`
`with the synchronization means to translate between format A (or format B) and the global
`
`format. It will be further appreciated that the global server 115 may synchronize the workspace
`
`data I 63 with workspace data 180 and with the workspace data (not shown) on the client I 67.
`
`Accordingly, the workspace data I 63 can be easily synchronized with the workspace data (not
`
`shown) on the client 167.
`
`[0043] The remote terminal 105 includes a web engine 140, which sends requests to the global
`
`server 115 and receives information to display from the global server 115. The web engine 140
`
`may use HyperText Transfer Protocol (HTTP) and HyperText Markup Language (HTML) to
`
`interface with the global server 115. The web engine 140 may be enabled to run applets, which
`
`when executed operate as the security interface for providing access to the global server 115 and
`
`which operate as the application interface with the requested service. Using the present invention,
`
`a user can operate any remote client I 05 connected to the Internet to access the global server I 15,
`
`12
`
`MobileIron, Inc., Ex. 1002 - Page 019
`
`

`

`and thus to access the services and the workspace data on or accessible by the global server 115.
`
`[0044] FIG. 2 is a block diagram illustrating details of the remote terminal 105, which includes a
`
`Central Processing Unit (CPU) 210 such as a Motorola Power PC.TM. microprocessor or an
`
`Intel Pentium.TM. microprocessor. An input device 220 such as a keyboard and mouse, and an
`
`output device 230 such as a Cathode Ray Tube (CRT) display are coupled via a signal bus 235 to
`
`CPU 210. A communications interface 240, a data storage device 250 such as Read Only
`
`Memory (ROM) and a magnetic disk, and a Random-Access Memory (RAM) 260 are further
`
`coupled via signal bus 235 to CPU 210. The communications interface 240 is coupled to a
`
`communications channel 110 as shown in FIG. l.
`
`[0045] An operating system 270 includes a program for controlling processing by CPU 210, and
`
`is typically stored in data storage device 250 and loaded into RAM 260 (as shown) for execution.
`
`Operating system 270 further includes a communications engine 275 for generating and
`
`transferring message packets via the communications interface 240 to and from the
`
`communications channel 110. Operating system 270 further includes an Operating System (OS)
`
`configuration module 278, which configures the operating system 270 based on OS
`
`configuration data 356 (FIG. 3) such as Transmission Control Protocol (TCP) data, Domain
`
`Name Server (DNS) addresses, etc. received from the global server 115.
`
`[0046] Operating system 270 further includes the web engine 140 for communicating with the
`
`global-server 115. The web engine 140 may include a web engine (WE) configuration module
`
`286 for configuring elements of the webengine 140 such as home page addresses, bookmarks,
`
`caching data, user preferences