US Patent No. 9,271,110

LOCATION AWARENESS SESSION MANAGEMENT AND CROSS APPLICATION SESSION MANAGEMENT


Patent No. 9,271,110
Issue Date February 23, 2016
Title Location Awareness Session Management And Cross Application Session Management
Inventorship David K. Fultz, Raymore, MO (US)
Victor Anend Vijayakirthi, Lenexa, KS (US)
Assignee Sprint Communications Company L.P., Overland Park, KS (US)

Claim of US Patent No. 9,271,110

1. A location aware session token generation and validation system, comprising:
a server system comprising at least one processor;
at least one non-transitory memory coupled to the at least one processor; and
a token component stored in the at least one non-transitory memory that, upon execution by the at least one processor of the
server system, configures the server system to:

receive a request to initiate an application level session from a mobile device comprising a global session management component
stored in non-transitory memory of the mobile device, wherein the request includes an identification of the mobile device
and a location of the mobile device within a predefined area of a communication network,

generate a token that initiates the application level session based on the request, wherein the token is time limited to a
specified period of time and location limited to the predefined area such that the application level session is designated
to expire based on at least one of the end of the specified period of time or the mobile device moving outside of the predefined
area,

send the token to the mobile device via the communication network, wherein the mobile device comprises a plurality of tokens
that each correspond to a respective one of a plurality of application level sessions, wherein each application level session
includes an interactive secure information exchange between an application server and an application via a radio transceiver
of the mobile device based on a completed authentication and authorization for the application that is stored in a non-transitory
memory of the mobile device,

receive an application level session message from the mobile device using the global session management component, wherein
the application level session message includes a requested application level session action associated with the application
level session, a current location of the mobile device, and the token for the application level session,

determine, by analysis of the token, that the current location does not match the location associated with the token due to
the mobile device moving outside of the predefined area and that a level of activity on the mobile device meets or exceeds
a pre-specified level of activity,

responsive to the determination, extend the application level session associated with the token despite the current location
of the mobile device being outside of the predefined area, and

perform the requested application level session action based on the extended application level session.