I 1111111111111111 11111 lllll lllll 111111111111111 1111111111111111 IIII IIII IIII
`US008539047B2
`
`c12) United States Patent
`McNulty
`
`(IO) Patent No.:
`(45) Date of Patent:
`
`US 8,539,047 B2
`*Sep.17,2013
`
`(54) APPARATUS, METHOD AND SYSTEM FORA
`TUNNELING CLIENT ACCESS POINT
`
`(76)
`
`Inventor: Scott McNulty, Rowayton, CT (US)
`
`( * ) Notice:
`
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`U.S.C. 154(b) by O days.
`
`This patent is subject to a terminal dis(cid:173)
`claimer.
`
`(21) Appl. No.: 12/950,321
`
`(22) Filed:
`
`Nov. 19, 2010
`
`(65)
`
`Prior Publication Data
`
`US 2011/0131292 Al
`
`Jun. 2, 2011
`
`Related U.S. Application Data
`
`(63)
`
`Continuation of application No. 10/807,731, filed on
`Mar. 23, 2004, now Pat. No. 7,861,006.
`
`(51)
`
`(2006.01)
`(2006.01)
`(2006.01)
`(2006.01)
`
`Int. Cl.
`G06F 15116
`G06F 151177
`G06F 13/00
`H04L29/06
`(52) U.S. Cl.
`USPC ............ 709/220; 709/250; 713/150; 711/115
`( 58) Field of Classification Search
`USPC .................. 709/250, 220; 713/150; 711/115
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`6,233,568 Bl*
`5/2001 Kara ............................. 705/410
`6,732,278 B2 *
`5/2004 Baird et al ........................ 726/7
`
`6,763,399 B2 *
`6,970,927 Bl
`7,032,240 Bl*
`7,051,157 B2 *
`7,103,772 B2 *
`7,213,766 B2
`7,310,734 B2 *
`7,454,783 B2
`7,762,470 B2 *
`2002/0044663 Al *
`2004/0127254 Al
`2005/0132183 Al
`2005/0197859 Al
`2005/0198221 Al
`2006/0071066 Al
`
`7/2004 Margalit et al. ................. 710/13
`11/2005 Stewart et al.
`4/2006 Cronce et al ...................... 726/2
`5/2006 James ........................... 711/115
`9/2006 Jorgensen et al.
`............ 713/168
`5/2007 Ryan et al.
`12/2007 Boate et al. ................... 713/186
`11/2008 Dupouy et al.
`7/2010 Finn et al ...................... 235/492
`4/2002 King et al.
`.................... 380/284
`7/2004 Chang
`6/2005 Gearhart
`9/2005 Wilson et al.
`9/2005 Manchester et al.
`4/2006 Vanzini et al.
`
`WO
`
`FOREIGN PATENT DOCUMENTS
`00/49505
`2/2000
`
`* cited by examiner
`
`Primary Examiner - Asghar Bilgrami
`(74) Attorney, Agent, or Firm - Locke Lord LLP
`
`(57)
`
`ABSTRACT
`
`The disclosure details the implementation of a tunneling cli(cid:173)
`ent access point (TCAP) that is a highly secure, portable,
`power efficient storage and data processing device. The
`TCAP "tunnels" data through an access terminal's (AT)
`input/output facilities. In one embodiment, the TCAP con(cid:173)
`nects to an AT and a user employs theAT's user input periph(cid:173)
`erals for input, and views the TCAP' s activities on the AT' s
`display. This enables the user to observe data stored on the
`TCAP without it being resident on the AT, which can be useful
`to maintain higher levels of data security. Also, the TCAP
`may tunnel data through an AT across a communications
`network to access remote servers. The disclosure also teaches
`a plug-n-play virtual private network (VPN).
`
`31 Claims, 10 Drawing Sheets
`
`Fdrive backend
`server
`
`1 10
`
`~ -~ " ·1 : .
`
`~
`
`Storage (EMC)
`1 05
`
`Fdrive front end
`Load-balanced servers
`1 20
`
`Fdrive backend
`Redundancy server
`115
`
`Fdrive users
`1 27
`
`PayPal Ex. 1001, p. 1
`PayPal v. IOENGINE
`
`

`

`1 27
`Fdrive users
`
`--r
`
`1 20
`
`Load-balanced servers
`Fdrive front end
`
`....
`
`115
`
`Redundancy server
`Fdrive backend
`
`Figure 1
`
`1 05
`
`Storage (EMC)
`
`110
`
`server
`Fdrive backend
`
`PayPal Ex. 1001, p. 2
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep.17,2013
`
`Sheet 2 of 10
`
`US 8,539,047 B2
`
`ngage unne mg
`Client
`Access Point
`
`Login using Access Terminal
`(AT) as a peripheral controller
`2 04
`
`Loc t:::~~t
`
`(cid:141) "rim~~--
`
`~t~'.
`
`c:=::::::J 2:
`
`CJRe1_!gte,
`ClRl!gg:eraFr,e,nd
`[lFQfg<ilu!«Tllme
`
`C.--tldi>Oo,kt
`
`TCAP Takes User Input from 14--------....
`AT210
`
`Execute on TCAP .2..2Q
`
`Access/store data/programs
`on TCAP/server 2...25
`
`N
`
`Display on AT 2 30
`
`Terminate TCAP 1/0
`driver on AT .2..5Q
`
`Shutdown/store on TCAP
`2 40
`
`~------------- -------------,
`! Unmount TCAP 2 45
`'
`: ____________________________ :
`
`I
`I
`I
`
`I
`
`I
`I
`I
`
`I
`I
`
`Figure 2
`
`PayPal Ex. 1001, p. 3
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep.17,2013
`
`Sheet 3 of 10
`
`US 8,539,047 B2
`
`--------------------~-------....=.---~-~-~-....=.--~-,--------------
`Engage TCAP with Access
`Terminal (e.g., via BT,
`WiFi, USB, etc.) lilli
`
`~Q
`
`1 3o AT 3 27
`
`~9'·.
`
`•
`
`o,,;,,..,
`
`,.
`
`1 25
`
`1
`
`~~342
`desktoµtool .exe
`s
`memory to
`: issue instruction signals (e.9 .. executes
`1 a TCAP application by double-clicking mounted
`l;L.----=J..,>1,-~------'
`I
`I
`I
`I
`1
`
`TCAP powers up ill
`
`TCAP loads/accesses operating
`system ill
`
`TCAP provides memory space to
`Access Terminal (AT) .3..2.Q
`
`AT accesses/mounts the TCAP
`memory space l25
`
`N
`
`y
`
`y
`
`AT executes instructions from
`- - - - - - TCAP memory to provide 1/0 for
`:
`pngage Tunneling Client
`TCAP 3 45
`Access Point (TCA':) 1.Q1 _ _ _ _ _ _ _ _ _ _ _ _
`_ __________________ _
`
`Figure 3
`
`Execution
`19-8
`
`PayPal Ex. 1001, p. 4
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep.17,2013
`
`Sheet 4 of 10
`
`US 8,539,047 B2
`
`Display Error
`Message {e.g., please go
`online to register or login again)
`4-35
`
`User selection !.1Q
`
`N
`
`Display login/
`registration welcome
`screen 4 05
`
`Display Error
`Message (e.g., please go
`line to register or login) 4 25
`
`--"~'
`
`< · · · -
`
`;:;,,------N-----
`,.,
`440a
`
`!~
`
`y
`
`User Provides
`Registration Information
`440
`
`y
`
`y
`
`N
`
`rovide Options (e.9 .•
`online{dimmed if not online)/USB
`storage) 4 53
`
`Message (e.g., Information
`incomplete, please re-enter, User
`exists, please choose different
`
`Provide TCAP off-line
`options (e.g., run
`program) 4 60
`
`Provide all TCAP options
`(e.g., nm program, order prims, print
`documents, etc.) 4 80
`
`Allow user to access/
`execute/store data/
`programs on TCAP
`off-line (e.g., decrypt) 1...65
`
`Figure 4
`
`i
`l
`S_.'tRetfro~i;e'on-ar,d
`~....;i~.~: off-line storage?
`'>---,...:
`:
`:
`................ rn _,.,,,,
`:
`·------------r------------
`'r
`N
`:
`
`.,.,
`
`' ,
`
`-
`
`/
`
`' ,
`
`.,.,,,,,.
`
`I
`
`I
`
`1
`
`Synchronize ill
`
`I
`
`I
`
`I
`
`I
`I
`I
`I
`I
`I
`I
`I
`
`---------------·
`
`PayPal Ex. 1001, p. 5
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep. 17,2013
`
`Sheet 5 of 10
`
`US 8,539,047 B2
`
`Figure 5
`
`PayPal Ex. 1001, p. 6
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep.17,2013
`
`Sheet 6 of 10
`
`US 8,539,047 B2
`
`7
`
`desktoptool
`
`~
`
`Your Pass~\·ord was sent by email to av1.#md:m.com
`
`• ···~ - , · ,·,, ~elect ~"" & Qu.:antitv
`
`:noos-, tr-t'< ,mnt ~•ze ""d QUantit'<>S vc.u'd 1,bi!
`uth-,p,,tu,.,sbElo..,
`~•Recomm.-,nd(a(lresolutionforpnnMo.
`
`-
`
`Figure 6
`
`,11;11:-, pl~as,,rntat.e,11,p;,n<'ltolorcorrect rour
`ws b"'fo«! ~outransf<!< !hem.
`
`CilD
`
`onhrmvourb11Lnoand~,1ddr<essthen
`lrclc"Plact-Order"tocomi:,W<!thEtran5.;,ctn:m.
`
`lllankroufor,-ourorder.Your~otO~"''"bt
`d,e~vered to YOU shortlv.
`
`OrdeTota!
`
`~;.~:~
`
`:::;~~3W>
`
`~~~ - "O
`
`PayPal Ex. 1001, p. 7
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep. 17,2013
`
`Sheet 7 of 10
`
`US 8,539,047 B2
`
`Figure 7
`
`PayPal Ex. 1001, p. 8
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep.17,2013
`
`Sheet 8 of 10
`
`US 8,539,047 B2
`
`ow 72 33 .. NASDAQ 18 6" S&~:
`
`,.,
`
`I
`
`u-,,,....idi-taffeffl0'-,¢a,..•""
`W"""""""'oo •tljtlllffl<lffffl. pr,.,,."'°""""'" D
`=.ir:.~-:-;-,,_~~~.:.,--•"4
`~~:::~::·::::~·) rl
`~ =;:~$:f:;!!1,.c:-1~":".!:. ~
`
`Figure 8
`
`PayPal Ex. 1001, p. 9
`PayPal v. IOENGINE
`
`

`

`U.S. Patent
`
`Sep.17,2013
`
`Sheet 9 of 10
`
`US 8,539,047 B2
`
`Computer Systemization 9 02
`
`Clock
`9 30
`
`g@J0000000g
`
`g CPU g
`g M.3 g
`
`0
`0
`0
`0
`000000000
`
`.___----3~ System Bus
`.9M
`
`,---- -------- ----
`' I : .-----.... __ __,_ __
`l RAM
`I :-_ .... ._ _ __.
`I : 9 05
`
`ROM
`9 06
`
`I
`I
`I
`I
`
`g~0000000g
`0
`0
`0 Crypto
`0
`g 926 g
`
`0
`0
`0
`0
`000000000
`
`Cryptographic
`Processor Interface
`w
`Input Output
`Interface (1/0)
`.9..illl
`Interface Bus
`.9..Ql
`
`Network Interface
`.9_jQ
`
`Storage Interface
`9 09
`
`I
`
`·------------------------
`
`Storage Device
`ill
`
`TCAPS Module ~
`
`TCAPS Database~
`
`Cryptographic Server Module 9.1Q
`Web Browser Module ill
`User Interface Module .9...11
`Information Server Module ill
`Operating System (OS) Module 9 15
`
`r-user _____ ~----------------
`: Accounts
`: User Data
`i ~ 1
`9__j_filj
`
`I
`
`r-user -----
`! Programs
`: ~
`
`___________________________________________________________________________ Memory a.29
`Tunneling Client Access Point Server (TCAPS) .9..Q1
`
`Figure9
`
`PayPal Ex. 1001, p. 10
`PayPal v. IOENGINE
`
`

`

`,--
`
`--,
`
`I
`I
`I __________________ I
`
`Interface Bus
`10 07
`,.------------------,
`! Network Interface !
`!
`!
`1QJ.Q
`
`U.S. Patent
`
`Sep. 17,2013
`
`Sheet 10 of 10
`
`US 8,539,047 B2
`
`Computer Systemization .1Q....Q2
`----~
`g~ooooooog
`g CPU g
`g 1.Q_fil g
`
`Clock
`10 30
`
`0
`0
`0
`0
`000000000
`
`I
`
`~------------------7
`: Cryptographic
`:
`: Processor Interface:
`I
`I
`:
`10 27
`:
`• __________________ J
`
`I
`
`I
`
`I
`
`: c, .!!.~!!.~!!.~!~ c,:
`I
`I
`:c,: C
`I (11
`1CJ I
`I
`I
`t
`:,,:
`I--'-~~_.__-,
`ryp O
`:,,: 10 26
`I RAM
`ROM
`:,,:
`I
`: ,,:_ _________ :,,:
`I
`I
`.illJlli I
`I 1.Q....0.5
`I
`I
`L--------------
`I
`I
`------------ ----------------------
`
`I Cl1
`I (JI
`
`l(JI
`
`1CI I
`l('J:
`
`l(J I
`
`I CJ CJCJ CJ CJ CJ CJ Cl CJ 1
`
`Storage Interface
`10 09
`
`Storage Device
`1Q..1A
`
`TCAP Module 10 35
`Access Terminal Module .10..21
`Cryptographic Server Module .10..20
`Web Browser Module .10...1.§
`
`User Interface Module 1.Q...11
`
`Information Server Module .10...1.§
`
`lf-"-....:..l"-'-' ....... __,
`
`:-----user----(cid:173)
`: Programs
`: 10 19b
`
`TCAP Database .10Jil
`
`Operating System (OS) Module .1QJ.5
`
`emory 10 29
`.__:_:_:_-:;_:_-:;_-:;_-:;_-:;_:_:_:_:_:_:_:_:_: __ .-,-. :_:_:_:_:_:_:_:_:_:, r:--=t;----;=---.;------===\i
`f 5~~~~N~~~1os~fl~~~~s~~~~~ul ! r---------------- ! i ! i ve~UrlLY ! i Keypad ! i
`, ' 10.28
`: :
`: '==================! :=-================-=-~:'
`: Output (Alert)
`: '
`: : Device (e.g.,
`! ~ IE~!Pli!l119..1Qla! L_ ________ J !
`! !2.~!l~!_~~-~~-.1,MQ! L_ ___ ~.!!~ ____ J ! ~ Device (e.g.,
`L_ ______ ~9!1:'..e11~!~~'!1~!q~~-------l ! speaker)~ ! ! Control Device (e.g., b~
`unneling Client Access Point (TCAP) .1Q..Q.1 L_ ______________ J L-------------~l·_0!':) _____ _
`Figure 10
`
`PayPal Ex. 1001, p. 11
`PayPal v. IOENGINE
`
`

`

`US 8,539,047 B2
`
`1
`APPARATUS, METHOD AND SYSTEM FORA
`TUNNELING CLIENT ACCESS POINT
`
`This application is a continuation application ofU.S. appli(cid:173)
`cation Ser. No. 10/807,731, filed on Mar. 23, 2003, now U.S.
`Pat. No. 7,861,006.
`
`FIELD
`
`The present invention is directed generally to an apparatus,
`method, and system of accessing data, and more particularly,
`to an apparatus, method and system to execute and process
`data by tunneling access through a terminal.
`
`BACKGROUND
`
`Portable Computing and Storage
`
`Computing devices have been becoming smaller over time.
`Currently, some of the smallest computing devices are in the
`form of personal digital assistants (PD As). Such devices usu(cid:173)
`ally come with a touch screen, an input stylus and/or mini
`keyboard, and battery source. These devices, typically, have
`storage capacities around 64 MB. Examples of these devices
`include Palm's Palm Pilot.
`Information Technology Systems
`Typically, users, which may be people and/or other sys(cid:173)
`tems, engage information technology systems (e.g., com(cid:173)
`monly computers) to facilitate information processing. In
`turn, computers employ processors to process information;
`such processors are often referred to as central processing
`units (CPU). A common form of processor is referred to as a
`microprocessor. A computer operating system, which, typi(cid:173)
`cally, is software executed by CPU on a computer, enables
`and facilitates users to access and operate computer informa(cid:173)
`tion technology and resources. Common resources employed
`in information technology systems include: input and output
`mechanisms through which data may pass into and out of a
`computer; memory storage into which data may be saved; and
`processors by which information may be processed. Often
`information technology systems are used to collect data for
`later retrieval, analysis, and manipulation, commonly, which
`is facilitated through database software. Information technol(cid:173)
`ogy systems provide interfaces that allow users to access and
`operate various system components.
`User Interface
`The function of computer interfaces in some respects is
`similar to automobile operation interfaces. Automobile
`operation interface elements such as steering wheels, gear(cid:173)
`shifts, and speedometers facilitate the access, operation, and
`display of automobile resources, functionality, and status.
`Computer interaction interface elements such as check boxes,
`cursors, menus, scrollers, and windows ( collectively and
`commonly referred to as widgets) similarly facilitate the
`access, operation, and display of data and computer hardware
`and operating system resources, functionality, and status.
`Operation interfaces are commonly called user interfaces.
`Graphical user interfaces (GUis) such as the Apple Macin(cid:173)
`tosh Operating System's Aqua, Microsoft's Windows XP, or
`Unix's X-Windows provide a baseline and means of access(cid:173)
`ing and displaying information, graphically, to users.
`Networks
`Networks are commonly thought to comprise of the inter(cid:173)
`connection and interoperation of clients, servers, and inter(cid:173)
`mediary nodes in a graph topology. It should be noted that the
`term "server" as used herein refers generally to a computer,
`other device, software, or combination thereof that processes
`
`5
`
`2
`and responds to the requests of remote users across a com(cid:173)
`munications network. Servers serve their information to
`requesting "clients." The term "client" as used herein refers
`generally to a computer, other device, software, or combina-
`tion thereof that is capable of processing and making requests
`and obtaining and processing any responses from servers
`across a communications network. A computer, other device,
`software, or combination thereof that facilitates, processes
`information and requests, and/or furthers the passage ofinfor-
`10 mation from a source user to a destination user is commonly
`referred to as a "node." Networks are generally thought to
`facilitate the transfer of information from source points to
`destinations. A node specifically tasked with furthering the
`passage of information from a source to a destination is com-
`15 manly called a "router." There are many forms of networks
`such as Local Area Networks (LANs), Pico networks, Wide
`Area Networks (WANs), Wireless Networks (WLANs), etc.
`For example, the Internet is generally accepted as being an
`interconnection of a multitude of networks whereby remote
`20 clients and servers may access and interoperate with one
`another.
`
`SUMMARY
`
`25
`
`Although all of the aforementioned portable computing
`systems exist, no effective solution to securely access,
`execute, and process data is available in an extremely com(cid:173)
`pact form. Currently, PDAs, which are considered among the
`smallest portable computing solution, are bulky, provide
`30 uncomfortably small user interfaces, and require too much
`power to maintain their data. Current PDA designs are com(cid:173)
`plicated and cost a lot because they require great processing
`resources to provide custom user interfaces and operating
`systems. Further, current PDAs are generally limited in the
`35 amount of data they can store or access. No solution exists
`that allows users to employ traditional large user interfaces
`they are already comfortable with, provides greater portabil(cid:173)
`ity, provides greater memory footprints, draws less power,
`and provides security for data on the device. As such, the
`40 disclosed tunneling client access point (TCAP) is very easy to
`use; at most it requires the user to simply plug the device into
`any existing and available desktop or laptop computer,
`through which, the TCAP can make use of a traditional user
`interface and input/output (I/0) peripherals, while the TCAP
`45 itself, otherwise, provides storage, execution, and/or process(cid:173)
`ing resources. Thus, the TCAP requires no power source to
`maintain its data and allows for a highly portable "thumb"
`footprint. Also, by providing the equivalent of a plug-n-play
`virtual private network (VPN), the TCAP provides certain
`50 kinds of accessing of remote data in an easy and secure
`manner that was unavailable in the prior art.
`In accordance with certain aspects of the disclosure, the
`above-identified problems of limited computing devices are
`overcome and a technical advance is achieved in the art of
`55 portable computing and data access. An exemplary tunneling
`client access point (TCAP) includes a method to dispose a
`portable storage device in communication with a terminal.
`The method includes providing the memory for access on the
`terminal, executing processing instructions from the memory
`60 on the terminal to access the terminal, communicating
`through a conduit, and processing the processing instructions.
`In accordance with another embodiment, a portable tun(cid:173)
`neling storage processor is disclosed. The apparatus has a
`memory and a processor disposed in communication with the
`65 memory, and configured to issue a plurality of processing
`instructions stored in the memory. Also, the apparatus has a
`conduit for external communications disposed in communi-
`
`PayPal Ex. 1001, p. 12
`PayPal v. IOENGINE
`
`

`

`US 8,539,047 B2
`
`3
`cation with the processor, configured to issue a plurality of
`communication instructions as provided by the processor,
`configured to issue the communication instructions as signals
`to engage in communications with other devices having com(cid:173)
`patible conduits, and configured to receive signals issued
`from the compatible conduits.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The accompanying drawings illustrate various non-limit(cid:173)
`ing, example, inventive aspects in accordance with the
`present disclosure:
`FIG. 1 is of a flow diagram illustrating embodiments of a
`tunneling client access point (TCAP);
`FIG. 2 is of a flow diagram illustrating embodiments of a
`system of turmeling client access point and access terminal
`interaction;
`FIG. 3 is of a flow diagram illustrating embodiments of
`engaging the tunneling client access point to an access termi(cid:173)
`nal interaction;
`FIG. 4 is of a flow diagram illustrating embodiments of
`accessing the tunneling client access point and server through
`an access terminal;
`FIGS. 5-8 is of a flow diagram illustrating embodiments of
`facilities, programs, and/or services that the turmeling client
`access point and server may provide to the user as accessed
`through an access terminal;
`FIG. 9 is of a block diagram illustrating embodiments of a
`tunneling client access point server controller;
`FIG. 10 is of a block diagram illustrating embodiments of
`a tunneling client access point controller;
`The leading number of each reference number within the
`drawings indicates the first figure in which that reference
`number is introduced. As such, reference number 101 is first
`introduced in FIG. 1. Reference number 201 is first intro- 35
`duced in FIG. 2, etc.
`
`4
`cessing resources by engaging servers 110, 115, 120, which
`have access to and can provide extended storage 105 to the
`TCAP through the AT. In one embodiment, a single server and
`storage device may provide such TCAP server support. In
`5 another embodiment, server support is provided over a com(cid:173)
`munications network, e.g., the Internet, by an array offront(cid:173)
`end load-balancing servers 120. These servers can provide
`access to storage facilities within the servers or to remote
`storage 105 across a communications network 113b, c ( e.g., a
`10 local area network (LAN)). In such an embodiment, a back(cid:173)
`end server 110 may offload the front-end server with regard to
`data access to provide greater throughput. For purposes of
`load balancing and/or redundancy, a backup server 115 may
`be similarly situated to provide for access and backup in an
`15 efficient manner. In such an embodiment, the back-end serv(cid:173)
`ers may be connected to the front-end servers through a
`communications network 113b ( e.g., wide area network
`(WAN)). The backend servers 110, 115 may be connected to
`the remote storage 105 through a communications network
`20 113c as well ( e.g., a high speed LAN, fiber-channel, and/or
`the like).
`Thus, to the user 133a, the contents of the TCAP 130
`appear on the AT as being contained on the TCAP 125 even
`though much of the contents may actually reside on the serv-
`25 ers 115,120 and/or the servers' storage facilities 105. In these
`ways, the TCAP "tunnels" data through an AT. The data may
`be provided through the AT's I/O for the user to observe
`without it actually residing on the AT. Also, the TCAP may
`tunnel data through an AT across a communications network
`30 to access remote servers without requiring its own more com(cid:173)
`plicated set of peripherals and I/O.
`TCAP and AT Interaction
`FIG. 2 illustrates embodiments for a system of tunneling
`client access point (TCAP) (see FIG. 10 for more details on
`the TCAP) and access terminal interaction. FIG. 2 provides
`an overview for TCAP and AT interaction and subsequent
`figures will provide greater detail on elements of the interac(cid:173)
`tion. In this embodiment, a user engages the TCAP 201. For
`example, the user may plug the TCAP into an AT via the AT' s
`40 USB port. Thereafter the user is presented with a login prompt
`205 on the AT' s display mechanism, e.g., on a video monitor.
`After a user successfully logs in (for example by providing a
`user name and password) 204, the TCAP can then accept user
`inputs from the AT and its peripherals (the TCAP can then
`45 also provide output to the user via the AT's peripherals).
`The user may employ the AT's input peripherals as user
`input devices that control actions on the TCAP. Depending on
`the user's actions 215, the TCAP can be used by the AT as a
`storage device from which it can access and store data and
`50 programs 225. For example, if the user takes the action of
`opening a file from the TCAP's memory, e.g., by double
`clicking on an icon when the TCAP is mounted as a USB
`drive on the AT, then the AT may treat the TCAP as a memory
`device and retrieve information from the TCAP 225. If the
`user's action 215 is one that is directed at executing on the
`TCAP 215, then the AT will not be involved in any execution.
`For example, if the user drops an icon representing a graphics
`file onto a drag-and-drop location visually representing the
`TCAP, then the file may be copied to the TCAP where it will
`process and spool the file for sending the graphics file to be
`printed at a remote location. In such a case, all of the require-
`ments to process and spool the file are handled by the TCAP' s
`processor and the AT would only be used as a mechanism for
`user input and output and as a conduit through which the
`65 TCAP may send files.
`Regardless of if there is an action 215 to execute on the
`TCAP 220 or to access or store data on the TCAP 225, the AT
`
`DETAILED DESCRIPTION
`
`Topology
`
`FIG. 1 illustrates embodiments for a topology between a
`tunneling client access point (TCAP) (see FIG. 10 for more
`details on the TCAP) and TCAP server (TCAPS) (see FIG. 9
`for more details on the TCAPS). In this embodiment, a user
`133a may plug-in a TCAP into any number of access termi(cid:173)
`nals 127 located anywhere. Access terminals (ATs) may be
`any number of computing devices such as servers, worksta(cid:173)
`tions, desktop computers, laptops, portable digital assistants
`(PD As), and/or the like. The type of AT used is not important
`other than the device should provide a compatible mechanism
`of engagement to the TCAP 130 and provide an operating
`environment for the user to engage the TCAP through the AT.
`In one embodiment, the TCAP provides a universal serial bus
`(USB) connector through which it may plug into an AT. In 55
`other embodiment, the TCAP may employ Bluetooth, WiFi
`and/or other wireless connectivity protocols to connect with
`ATs that are also so equipped. In one embodiment, the AT
`provides Java and/or Windows runtime environments, which
`allows the TCAP to interact with the input/output mecha- 60
`nisms of the AT. See FIG. 9 for more details and embodiments
`on the types of connections that may be employed by the
`TCAP. Once the TCAP has engaged with an AT, it can provide
`the user with access to its storage and processing facilities.
`If the AT is connected to a communication network 113, the
`TCAP may then communicate beyond the AT. In one embodi(cid:173)
`ment, the TCAP can provide extended storage and/or pro-
`
`PayPal Ex. 1001, p. 13
`PayPal v. IOENGINE
`
`

`

`US 8,539,047 B2
`
`5
`is used to display the status of any actions 230. At any time the
`user may select to terminate TCAP related facilities executing
`either on the AT, a backend server, on the TCAP itself, and/or
`the like 235. In one embodiment, the user may select a quit
`option that is displayed on the AT's screen. In another 5
`embodiment, the user may simply disengage the TCAP from
`the AT by severing the connection ( e.g., turning power off,
`physically pulling the device off the AT, turning off wireless
`transmissions, and/or the like). It should be noted that such
`abrupt severing may result in the loss of data, file corruption, 10
`etc. if the TCAP has not saved data that is on the AT or on
`some remote server, however, if the TCAP is employing flash
`like memory, its contents should remain intact.
`If there is no instruction signal to terminate the TCAP 235,
`execution will continue and the TCAP will continue to take
`and look for input from the user. Of course if the TCAP has
`been set to perform certain actions, those actions will con(cid:173)
`tinue to execute, and the TCAP may respond to remote serv-
`ers when it is communicating with them through the AT.
`When the user issues a terminate signal 235, then the TCAP
`will shut down by saving any data to the TCAP that is in the
`AT' s memory and then terminating any programs executing
`on both the AT and TCAP that were executed by and/or from
`the TCAP 240. Ifno activities are taking place on the TCAP
`and all the data is written back to the TCAP 240, then the
`TCAP may optionally unmount itself from the AT's file(cid:173)
`system 245. At this point, if there is a TCAP I/O driver
`executing on the AT, that driver may be terminated as trig(cid:173)
`gered by the absence of the TCAP at a mount point 250. After
`the TCAP is unmounted and/or the TCAP I/O driver is ter(cid:173)
`minated, it is safe to disengage the TCAP from the AT.
`TCAP and AT Interaction
`FIG. 3 illustrates embodiments engaging the tunneling cli(cid:173)
`ent access point to an access terminal interaction. Examples
`of engaging the TCAP 301 with an AT were discussed above
`in FIG. 1127, 130, 133a and FIG. 2 201. In one embodiment,
`the TCAP 130 is engaged with an access terminal 327, 305.
`As mentioned in FIG. 1, the TCAP is capable of engaging
`withATs using a number of mechanisms. In one embodiment,
`the TCAP has a USB connector for plugging into an AT,
`which acts as a conduit for power and data transfer. In another
`embodiment, the TCAP may use Bluetooth to establish a
`wireless connection with a number of ATs. In another
`embodiment, the TCAP may employ WiFi. In yet another
`embodiment, the TCAP may employ multiple communica(cid:173)
`tions mechanisms. It should be noted, with some wireless
`mechanisms like Bluetooth and WiFi, simply coming into
`proximity with an AT that is configured for such wireless
`communication may result in the TCAP engaging with and
`establish a communications link with the AT. In one embodi(cid:173)
`ment, the TCAP has a "connect" button that will allow such
`otherwise automatically engaging interactions take place
`only if the "connect" button is engaged by a user. Such an
`implementation may provide greater security for users (see
`FIG. 10 for more details on the TCAP).
`After being engaged 305, the TCAP will then power on. In
`an embodiment requiring a direct connection, e.g., USB,
`simply plugging the TCAP into the AT provides power. In a
`wireless embodiment, the TCAP may be on in a lower pow(cid:173)
`ered state or otherwise turned on by engaging the connect 60
`button as discussed above. In such an embodiment, the TCAP
`can employ various on-board power sources (see FIG. 10 for
`more details on the TCAP). The TCAP then may load its own
`operating system 315. The operating system can provide for
`interaction with the AT. In one embodiment, a Java runtime is 65
`executed on the TCAP, and Java applets communicate with
`the AT through JavaAPis. In another embodiment, a driver is
`
`6
`loaded onto the AT, and the on-TCAP Java operating system
`applets communicate to and through the AT via the driver
`running on the AT, wherein the driver provides an API
`through and to which messages may be sent.
`After engaging with the AT, the TCAP can provide its
`memory space to the AT 3 20. In one embodiment, the TCAP' s
`memory is mapped and mounted as a virtual disk drive 125
`storage 325. In this manner, the TCAP may be accessed and
`manipulated as a standard storage device through the AT's
`operating system. Further, the TCAP and in some cases the
`AT can determine if the AT is capable of accessing program
`instructions stored in the TCAP's memory 330. In one
`embodiment, the AT's operating system looks to auto-run a
`specified file from any drive as it mounts. In such an embodi-
`15 ment, the TCAP's primary interface may be specified in such
`a boot sequence. For example, under windows, anautorun.inf
`file can specify the opening of a program from the TCAP by
`the AT; e.g., OPEN=TCAP.EXE.
`Many operating systems are capable of at least accessing
`20 the TCAP as a USB memory drive 330 and mounting its
`contents as a drive, which usually becomes accessible in file
`browsing window 125. If the TCAP does not mount, the AT' s
`operating system will usually generate an error informing the
`user of a mounting problem. If the AT is not capable of
`25 executing instruction from the TCAP, a determination is
`made if an appropriate driver is loaded on the AT to access the
`TCAP 335. In one embodiment, the TCAP can check to see if
`anAPI is running on the AT. For example, the TCAP provide
`an executable to be launched, e.g., as specified through auto-
`30 run.inf, and can establish communications through its con(cid:173)
`nection to the AT, e.g., employing TCP/IP communications
`over the USB port. In such an embodiment, the TCAP can
`ping the AT for the program, and if an acknowledgement is
`received, the TCAP has determined that proper drivers and
`35 APis exist. If no such API exists, the TCAP may launch a
`driver installation program for the AT as through an autorun(cid:173)
`.inf. In an alternative embodiment, if nothing happens, a user
`may double click onto an installer program that is stored on
`the mounted TCAP 342, 340. It should be noted, that although
`40 the TCAP' s memory space may be mounted, certain areas of
`the TCAP may be inaccessible until there is an authorization.
`For example, certain areas and content on the TCAP may be
`encrypted. It should be noted that any such access terminal
`modules that drive AT and TCAP interaction may be saved
`45 onto the TCAP by copying the module to a mounted TCAP.
`Nevertheless, if the AT is capable of accessing program
`instructions in TCAP memory 330, a TCAP driver is loaded
`on the AT 335, and/ortheuserengages a program in the TCAP
`memory 340, then the AT can execute program instructions
`50 from the TCAP' s memory, which allows the TCAP to use the
`AT' s I/O and allowing the user to interface with TCAP facili(cid:173)
`ties 345. It should be noted that some ATs may not be able to
`mount the TCAP at all. In such an instance, the user may have
`to install the TCAP drivers by downloading them from a
`55 server on the Internet, loading them from a diskette or CD,
`and/or the like. Once the TCAP is engaged to the AT 301,
`execution may continue 398.
`TCAP and AT Interaction
`FIG. 4 illustrates embodiments accessing the tunneling
`client access point and server through an access terminal.
`Upon engaging the TCAP to the AT as described in FIG. 3
`301, 398, the user may then go on to access the TCAP and its
`services 498. It should be noted that users may access certain
`unprotected areas of the TCAP o