Description
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT
Not Applicable.
REFERENCE TO A MICROFICHE APPENDIX
Not Applicable.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention pertains generally to communication systems, and more
particularly to a communication system, which utilizes an intelligent
location agent to provide, on demand, the current locations of one or more
remote location devices as well as sets of past locations of the devices.
2. Related Art
In many fields of human endeavor it is useful to know the precise
geographic location of a person or object. For example, if an individual
were mentally handicapped, it would be desirable to continuously know the
individual's exact whereabouts in order to ensure his or her well-being.
Similarly, it would be useful to know in real time the location of a
delivery person in the field so that more efficient delivery scheduling
may be accomplished. A multitude of other applications for geographic
location information can be found in the commercial sector, civilian
agencies, law enforcement agencies, and the military. With the arrival of
the Global Positioning System (GPS), which provides three-dimensional
coordinates of any location on earth, such remote locator systems have
become a practicality.
What is needed is a system (hardware, software, protocols) that provides,
on demand, the current locations of one or more remote location devices as
well as sets of past locations of the devices. The past locations should
be selected according to intelligent algorithms so as to deliver only
useful information and to minimize memory requirements. The system should
also be able to initiate alerts based upon the current location of the
devices and the intelligent location algorithms.
BRIEF SUMMARY OF THE INVENTION
In one aspect of the present invention there is provided a remote location
system for communicating location information between a movable remote
location device that generates such location information and a location
service comprising at least one remote location device having detecting
means for determining a location of the remote location device,
communication means for communicating the location information to the
service and from the service to a user of the service, and intelligent
location agent means for selectively defining the location information in
terms of location event data to be communicated to the locator service.
The communication means includes a communication protocol for
communicating with a remote location device and includes a computer system
for communicating with a remote locator device by way of the protocol. The
communication means also includes user communication modes for
communication between a user and the service. The modes include
service-initiated communication from the service to a user. The
communication means further includes protocols for controlling
communication between the service and a user. The communication means
includes software for integrating communication between the service and a
remote locator device and between a user and the service.
The intelligent location agent means defines location event data to include
a remote locator device crossing a specified boundary as established by
the location service. The intelligent location agent means can also define
location event data to include a remote location device traveling a
specified minimum distance from a prior location as established by the
location service and to define location event data to include a remote
locator device exceeding a specified velocity as established by the
location service.
In other aspects of the present invention there is provided a remote
location system for communicating location information between a movable
remote location device that generates such location information and a
location service comprising a plurality of remote location devices each
having detecting means for determining the location of the remote location
device, communication means for communicating the location information to
the location service from each remote location device and from the
location service to a user of the location service, and program means for
selectively defining the location information in terms of location event
data to be communicated to the location service and under what
circumstances the data is communicated from the service to a user of the
service. The communication means includes a communication protocol for
communicating with each remote location device and a computer system for
communicating with each remote locator device by way of the protocol. The
communication means also includes user communication modes for
communication between a user and the location service and
service-initiated communications from the location service to a user. The
communication means includes software protocols for controlling
communication between the location service and a user and includes human
operator protocols for controlling communication between the location
service and a user.
The program means defines location event data to include a remote locator
device crossing a specified boundary as established by the location
service; a remote location device traveling a specified minimum distance
from a prior location as established by the location service; and a remote
locator device exceeding a specified velocity as established by the
location service.
Another aspect of the present invention provides a remote location system
for communicating location information between a movable remote location
device that generates such location information and a location service
comprising at least one remote location device having detecting means for
determining a location of a remote location device identified by the
system and memory for storing the location information, communication
means for communicating the location information to the location service
and from the service to a user of the location service, and intelligent
location agent means for selectively defining the location information in
terms of location event data to be communicated to the locator service.
The intelligent location agent means includes at least one location
algorithm for selecting which location data is to be stored in the memory
of the remote locator device. The location algorithm is for minimum
distance sampling whereby the current location is recorded only when the
distance from the most recently recorded location to the current location
is at least as much as some prescribed distance; for fixed time interval
sampling whereby the current location is recorded only when a prescribed
amount of time has passed since the most recently recorded location; and
for velocity-determined sampling whereby the rate that the locations are
recorded depends on the velocity of a remote location device.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING
The novel features which are believed to be characteristic of this
invention are set forth with particularity in the appended claims. The
invention itself, however, both as to its organization and method of
operation, together with further objects and advantages thereof, may best
be understood by reference to the following description, taken in
connection with the accompanying drawings, in which:
The sole figure is a block diagram of the system in accord with the present
invention.
DETAILED DESCRIPTION OF THE INVENTION
Definitions
A remote location system consists of one or more remote location devices, a
protocol for communicating with the remote location devices, and a service
(protocol, software, and hardware) for delivering location information
(from the location devices) on demand.
A remote location device is an electronic assembly that has a means for
establishing its location and an ability to communicate that location to a
querying agent at another location.
Purpose
This invention is a system that provides, on demand, the current locations
of one or more remote location devices as well as sets of past locations
of the devices. The sets of past locations may be selected according to an
intelligent algorithm so as to avoid inundating the user with trivial data
and so as to minimize memory requirements. The system 10 may initiate
alerts based upon the current location of the device 11 and the
intelligent location capability.
Parts--The intelligent location system 10 has four parts as shown in the
figure.
1. The remote location devices 11,
2. The protocol for communicating with the remote location devices
(communication protocol) 12,
3. The delivery service 13, and
4. The intelligent location agent 18.
Descriptions and examples of remote location devices 11 may be found in
Appendix 2.
A description of the protocol for communication with remote location
devices 12 is in Appendix 3.
The delivery service 13 consists of:
a) A computer system 14, which is capable of communicating with the remote
location devices 11 through the communication protocol 12. The computer
system 14 may be distributed across multiple physical locations or may be
in a single site. In this context, "computer system" includes hardware
(including, but not limited to, CPU, peripheral devices such as modems,
network interface cards, data storage devices, and a console and other
input and output devices) and operating software (including, but not
limited to, an operating system and device controllers).
b) One or more client communication modes 15. Example client (or end user)
communication modes 15 include (but are not limited to):
i. Internet access (including world wide websites),
ii. telephone call centers (including automated voice response systems,
human operators, and combinations of the two),
iii. local and wide area networks, and
iv. direct console access.
The computer system 14 is preferably capable of initiating communication
with clients 20. System-initiated communication modes include (but are not
limited to):
i. email messages,
ii. fax messages,
iii. automated voice phone calls,
iv. messages to human operators' monitors directing the operators to make
telephone calls.
c) Software and human operator protocols 16 for controlling communication
with clients. Functions that may be required of client communication
software 16 include (but are not limited to):
i. identify clients (verify account numbers and passwords),
ii. verify account status,
iii. manage accounts,
iv. accept and handle location requests,
v. accept and handle changes to smart location parameters,
vi. accept and handle requests for historical location data,
vii. initialize remote location devices 11,
viii. deliver locations to clients (maps, directions, or addresses faxed,
e-mailed, or described by operator), and
ix. refine location data (scrolling, zooming, labeling of maps, conversion
of measurement units).
Features that may be required of operator protocols 16 include (but are not
limited to):
i. specification of information to be acquired from client 20 and order of
acquisition,
ii. specification of which operators are allowed access to which data (As
examples, the location operators may not be allowed access to identity
data, and the account management operators may not be allowed access to
current or historical location data).
d) Software for integrating 17 client communication, communication with the
remote location devices, and access to necessary data (including, but not
limited to data related to states of devices 11, smart location
algorithms, and client accounts).
The intelligent location agent 18 is software that allows the location
service 19 to be configured with user-specified location events of
interest and which determines the location service's responses to the
location events.
Examples of location events include (but are not limited to):
Crossing a specified boundary:
1. An amusement park rents remote location devices 11 to customers and
wants to know when a device 11 travels more than 10 yards outside of the
gates of the park.
2. A pharmaceutical company keeps track of the time the sales force is
within physicians' offices (versus traveling between offices) by setting
multiple boundaries, one around each physician's office.
3. An alarm installation contractor's employees drive company vans to many
small jobs. By setting a boundary around each job site, the contractor is
able to precisely monitor time spent on each job.
Traveling a specified minimum distance since the last recorded location
event:
4. A person's movements are monitored over the course of a day or a week.
It is common for a person to spend lengthy periods in a small location (at
home, at the office, at a restaurant, in a grocery store). Only movements
from one location to another need to be recorded; continually recording
that the person is in the office every two minutes for four hours would
waste memory; transmitting the information would waste battery charge. So,
a new location and time are recorded only if the location is at least 25
yards away from the most recently recorded location.
Exceeding a specified velocity:
5. A delivery service monitors the speed of each of its vehicles (using
elapsed time and distance traveled between locations observed at short
time intervals) to ensure that drivers do not exceed legal speed limits.
Examples of responses to location events include (but are not limited to):
1. Send an alert to the client 20 (potentially appropriate for location
event examples 1 and 5).
2. Record the event for later download to the client 20 (potentially
appropriate for location event examples 2, 3, and 4).
Novel Features--The present invention is the first remote location system
to include an intelligent location agent. The intelligent agent allows the
system to conserve memory and/or power resources on board the remote
locator devices by selectively recording location data. It also allows the
system to send alert messages when location events of interest occur, and
allows the system's delivery service to present information to the clients
in the most useable format (digesting large quantities of location data
and presenting useful extracts). Additional features are discussed below.
1. First Embodiment--Personal Locator System
This embodiment is the first remote location system:
To include comprehensive location data (personal, vehicle, goods, etc.)
with an intelligent agent.
To provide multiple client access modes with an intelligent agent.
To provide minimum-distance sampling for recording location events.
To provide velocity-determined sampling for recording events.
2. Second Embodiment--Park Location System
This embodiment is the first park locator system:
To include an intelligent agent 18.
To notify the system owner if a remote location device 11 leaves the park.
To provide location information without the use of permanently installed
transmitters.
3. Third Embodiment--Sales Force Location System
This embodiment is the first sales force location system:
To provide real-time data.
To include an intelligent agent 18.
To provide verification that a sales representative has visited a specific
client.
To provide differentiation between various internal locations of a client's
office.
To provide data on how many clients and of what type are visited on a given
day.
To provide data on how much time is spent at each location and in transit.
4. Fourth Embodiment--Delivery Fleet Location System
To provide an intelligent location agent 18.
That can be utilized by a fleet of bicycles.
That can be carried by delivery personnel to provide data on personnel
within buildings and at other locations.
SYSTEM DESCRIPTION
Embodiments of the intelligent remote location system 10 include (but are
not limited to) the following examples.
Personal Location System
The purpose of this embodiment of the invention is to provide an ability to
locate an individual person without the person having to actively
participate in the act of location, or to locate valuable goods. The
embodiment also provides an ability to track the movements of the person,
and provides the person with the ability to send an alarm signal in an
emergency.
The remote location devices 11 are small and unobtrusive and may be built
with flexible circuitry (Appendix 2). This allows the devices to be
conveniently carried on a person or valued pet. Methods of carrying a
remote location device 11 include, but are not limited to, the following:
1. The device 11 may be sewn into clothing;
2. The device 11 may be embedded in a watch or watchband or a pet collar;
3. The device 11 may be carried in a wallet or a purse.
The remote location devices 11 may also be inserted into or attached to
shipments of valuable goods or attached to a vehicle. Because the device
11 is small and unobtrusive, it should be unnoticed in the event of theft
or abduction, allowing the client 20 to locate and recover the person,
pet, goods or vehicle. Because the flexible version of the remote location
device 11 can be sewn into clothing (or a pet collar), the device will not
annoy non-responsible carriers (including, but not limited to, persons
with Alzheimer's disease, autistic or very young children, and pets). Thus
it is unlikely that a non-responsible carrier will discard the device 11.
The remote location devices 11 use global positioning system (GPS)
satellite receivers to determine location and AMPS cellular telephones to
communicate with the location system 19. Consequently, the remote location
device 11 can determine its position virtually anywhere in
the world, and can communicate from any location that has AMPS cellular
coverage (including most of North America).
The remote location devices 11 have on-board memory and logic allowing
storage of a history of 200 or more locations and times. Part of the
intelligent location agent 18 resides in the remote location devices
11--that part which determines whether the device has moved a set distance
since the last recorded location. If so, the device 11 will store the
current location in memory along with the most recent 199 locations. If
the device 11 has not moved far enough to satisfy the algorithm, the
current location will be discarded. When the client 20 requests the
location of the device 11, the past history will also be available.
Another part of the intelligent location agent 18 resides in the service
19: The client 20 specifies named locations by specifying the centers,
radii and names of the locations. (Named locations might include such
locations as "home", "school", "mall", "Grandmother's house", etc.) If the
remote location device 11 is in one of the named locations when the
service 19 delivers the location information, the service 19 will deliver
that name as the location.
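The two halves of the intelligent location agent described above (minimum-distance sampling into a bounded history on the device, named-location lookup at the service), sketched as an added example that is not part of the patent text. The class and function names, the haversine distance, the sample coordinates, and the nearest-centre rule for overlapping named locations are assumptions.

```python
import math
from collections import deque
from dataclasses import dataclass

YARD_M = 0.9144                # metres per yard
EARTH_RADIUS_M = 6_371_000.0   # mean Earth radius, metres


@dataclass(frozen=True)
class Fix:
    t: float     # time of fix, seconds
    lat: float   # degrees
    lon: float   # degrees


@dataclass(frozen=True)
class NamedLocation:
    name: str
    lat: float
    lon: float
    radius_m: float


def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in metres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp = p2 - p1
    dl = math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


class DeviceAgent:
    """Device-resident part: keep a fix only if it is at least min_distance_m
    from the most recently RECORDED fix (not the previous raw fix)."""

    def __init__(self, min_distance_m=25 * YARD_M, capacity=200):
        self.min_distance_m = min_distance_m
        self.history = deque(maxlen=capacity)  # oldest entry falls off when full

    def observe(self, fix):
        """Return True if the fix was recorded, False if it was discarded."""
        if self.history:
            last = self.history[-1]
            if distance_m(last.lat, last.lon, fix.lat, fix.lon) < self.min_distance_m:
                return False
        self.history.append(fix)
        return True

    def past_locations(self):
        """Recorded fixes, most recent first."""
        return list(reversed(self.history))


def resolve_name(fix, named_locations):
    """Service-resident part: name of the named location containing the fix,
    or None. If several contain it, the nearest centre wins (assumption)."""
    best = None
    for loc in named_locations:
        d = distance_m(fix.lat, fix.lon, loc.lat, loc.lon)
        if d <= loc.radius_m and (best is None or d < best[0]):
            best = (d, loc.name)
    return best[1] if best else None


# Constructed sample data: one-minute fixes with jitter, slow drift, then a move.
SAMPLE_TRACK = [
    Fix(0, 40.00000, -75.00000),    # first fix: always recorded
    Fix(60, 40.00005, -75.00000),   # ~5.6 m away: discarded
    Fix(120, 40.00002, -75.00003),  # ~3.4 m away: discarded
    Fix(180, 40.00012, -75.00000),  # ~13.3 m away: discarded
    Fix(240, 40.00024, -75.00000),  # ~26.7 m from the recorded fix: recorded
    Fix(300, 40.00200, -75.00000),  # ~196 m further on: recorded
]
SAMPLE_NAMED = [
    NamedLocation("home", 40.00000, -75.00000, 50.0),
    NamedLocation("school", 40.00200, -75.00000, 30.0),
]


def run_sample():
    """Feed the constructed track through the agent and name the history."""
    agent = DeviceAgent()
    flags = [agent.observe(f) for f in SAMPLE_TRACK]
    names = [resolve_name(f, SAMPLE_NAMED) for f in agent.past_locations()]
    return flags, names


if __name__ == "__main__":
    print(run_sample())
```

The fourth and fifth sample fixes show why the comparison is against the last recorded location: each step is about 13 m, but the accumulated drift is recorded once it reaches the 25-yard threshold.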
Clients 20 may access the service 19 through three modes:
1. Automated voice response system,
2. Call center staffed by human operators,
3. World-wide-website.
In each mode, the client 20 first is identified (through account number and
password) and then may request the current location of the remote
location device 11 or may request the location history of the device 11
(up to 200 most recently recorded locations and times). The service 19
telephones the remote location device 11 to acquire the requested
information and then delivers the information to the client 20. The
information may be delivered as named location(s), as a map (via
world-wide-web, e-mail or fax), or by a human operator describing a map
delivered to the operator's computer display. Through the same access
modes, the client 20 may set parameters controlling the intelligent agent
18 (whether to record at specified fixed time intervals or when movement
exceeds a specified distance, named location information, etc.).
The remote location device 11 may initiate communication with the remote
location service in two circumstances. If the battery is low, the device
11 will call a dedicated phone number to report this fact and download its
history of locations before going into a dormant mode. If the panic button
on the device 11 is pressed, the device 11 will call a dedicated emergency
phone number and the system 19 will initiate a specified emergency
procedure (typically a call to 911 in the appropriate jurisdiction and
notification of the client 20 that an emergency is in progress).
Remote Location Device 11 (Appendix 2)
The components of this embodiment are as follows:
The remote location device 11 is a self-contained unit combining:
1. a battery,
2. global positioning (GPS) antenna and circuitry,
3. cellular telephone antenna and circuitry (AMPS),
4. modem circuitry,
5. on-board memory for storing data for 100 locations (including latitude,
longitude, elevation, time, and number of satellites contributing to the
location fix),
6. logical processing capability (a CPU).
The remote location device 11 also has a panic button 21 that the carrier
may press in an emergency. If the panic button 21 is pressed, the device
11 calls a specified telephone number to inform the location service 19
that an emergency is occurring. The service 19 then alerts the appropriate
agency (PSAP and/or the client 20) and requests the device's current
location at short intervals until the emergency is over.
The remote location device 11 fixes its location at regular intervals
(typically at least once per minute). A sample of these location fixes is
saved. The sample is chosen according to an intelligent location
algorithm.
To conserve battery power the device 11 checks in with the cellular
telephone network less frequently. A typical setting for cellular
telephone contact is for the device 11 to advise the network of its
presence once every three minutes and to be available to receive calls for
60 seconds after each notification of availability.
If the device's battery level falls below a prescribed level, the device 11
calls a specified primary phone number to inform the service 19 that the
battery is low and to download the stored location data. Then the device
11 becomes dormant until the battery is recharged.
Through the location service 19, a client 20 can:
1. request the current location of his device 11,
2. request the stored past locations,
3. instruct the device 11 to store locations either
a. at fixed time intervals (intervals specified by the user),
b. as the device 11 moves a fixed distance (distance specified by the user)
from the most recently stored location, or
c. according to other intelligent location algorithms.
When any of these actions is initiated, the service 19 telephones the
remote location device 11 (through the service's modem and the device's
cell phone), issues the instruction or requests the data, receives
confirmation and/or data from the device, and then delivers the data to
the client 20 in suitable format.
Before a personal location device 11 can be put into service, it must be
initialized or registered with the location service 19. This is done via
the device's cell phone in a call initiated by the device 11. One
mechanism, but not the only mechanism, for doing this is for the device 11
to store a logical flag indicating whether it has been initialized. If it
has not been initialized, then pressing the panic button will cause the
device 11 to place an initialization call to the location service 19.
The device 11 is provided (by its manufacturer) with an electronic serial
number (ESN) that is unique to that specific device. The device 11 also
knows:
1. whether it has been assigned a mobile identification number (MIN--its
cell phone number) and a cellular home system identification number (SID)
by a cellular phone service provider,
2. its MIN and SID if they have been assigned,
3. its manufacturer's identification code,
4. its manufacturer's private encryption key (for a public key encryption
algorithm),
5. its manufacturer's public encryption algorithm,
6. the service's public encryption key (for the public key encryption
algorithm),
7. a symmetric key encryption algorithm, the algorithm's identification
code, and the device's unique encryption key,
8. the error-detecting algorithm used by the service,
9. the initialization phone number for the service.
Items 1, 2, 3, and 8, the identification code from Item 7, and the ESN are
transmitted to the location service during initialization.
The service 19 knows:
1. the public key and encryption algorithm associated with every
manufacturer's identification code,
2. the symmetric encryption algorithm associated with every symmetric
encryption identification code,
3. primary and secondary phone numbers for the device 11 to call,
4. appropriate, available MIN and SID for the device 11 if these have not
already been assigned.
Items 3 and 4 are transmitted to the remote location device 11 during
initialization.
Communication Protocol 12 (Appendix 3): Part 1--Initialization
The physical communication channel layer is the cellular telephone network
and the telephone network between the cellular telephone service provider
and the location service's physical location.
The link layer is an onboard modem using a standard low-level modulation
protocol such as V.34, V.32bis, V.32, V.22bis, or V.22.
For the initial phase of the initialization call, the encryption/encoding
layer will be encryption-null (no encryption, error-detection encoding
with the algorithm used by the service). As communication is established
and an encryption algorithm is negotiated, the encryption/encoding layer
will convert (in stages, as described in the following description of an
initialization call) to the agreed upon encryption algorithm. An error in
the initialization call will require re-transmission of the block
containing the error. After five unsuccessful attempts to transmit a block
error-free, the initialization call will be terminated by the service 19.
The content layer consists of the legal instructions and data identified in
the following description of an initialization call.
Description of an initialization call
Once modem handshaking has been completed, the device 11 will send a
four-character device manufacturer
identification code (unencrypted). (The four-character length is before
encoding for error detection). The manufacturer and the owner of the
service 19 will agree upon each manufacturer's identification code in
advance. An unrecognized code is an error.
Next the device 11 will send a code identifying a symmetric encryption
algorithm and an encryption key. The algorithm code and the key will both
be encrypted with a standard public key encryption algorithm (such as PGP)
using both the service's public key and the device manufacturer's private
key. One encryption algorithm code will specify that no encryption will be
used. An unrecognized encryption identification code is an error.
If a symmetric encryption algorithm is specified, it will be used for the
remainder of the initialization process.
All data and codes described below are part of the content layer. When the
call description says that the device 11 will send a particular code or
datum, this means that the code or datum is first encrypted, then encoded
for error detection, then modulated, then transmitted.
The device 11 next sends its ESN, and a three-character code identifying
the device type. This device type code will allow the protocol to be used
for specialized devices (with some standard features disabled or with
non-standard features added) as well as for the standard devices. An
unrecognized device type code is an error.
The next information the device 11 will send is a code indicating whether
the device 11 has already been assigned an SID and an MIN by a cellular
phone service provider. If an SID and an MIN have been assigned, the
device 11 will also send these numbers to the service 19. An illegal SID
or MIN is an error.
The service 19 will respond (using the specified encryption algorithm and
key) by sending the device 11 an SID and an MIN (if the device does not
already have these), and sending primary and secondary telephone numbers
(which the device 11 may use to contact the service for subsequent
communication sessions).
The service 19 will then send a call termination code and terminate the
call.
In summary, for initialization the device 11 sends the following data to
the service 19:
1. Device manufacturer identification code (unencrypted).
2. Symmetric encryption algorithm identification code (using public key
encryption).
3. Symmetric encryption key (using public key encryption).
4. ESN (using symmetric encryption).
5. Code identifying device type (using symmetric encryption).
6. Code indicating whether device has been assigned SID and MIN (using
symmetric encryption).
7. (If SID and MIN have been assigned) SID (using symmetric encryption).
8. (If SID and MIN have been assigned) MIN (using symmetric encryption).
The service 19 responds by sending the following data to the device:
9. (If SID and MIN have not been assigned) SID (using symmetric
encryption).
10. (If SID and MIN have not been assigned) MIN (using symmetric
encryption).
11. Primary telephone number for contacting service (using symmetric
encryption).
12. Secondary telephone number for contacting service (using symmetric
encryption).
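The initialization exchange summarized above, as an added example that is not part of the patent text: the device's messages 1-8 and a service-side check that each arrives in the stated order and under the stated protection before messages 9-12 are returned. It models only the content layer after decryption and performs no real cryptography; the field names, registry values, Y/N flag, SID/MIN legality rule, and the allow_null_cipher switch are assumptions.

```python
from dataclasses import dataclass

NONE, PUBKEY, SYMMETRIC = "none", "pubkey", "symmetric"

# Constructed registries; real codes are agreed between manufacturer and service.
MANUFACTURERS = {"ACME"}           # four-character manufacturer codes
NULL_ALGORITHM = "NUL"             # the code meaning "no encryption"
SYM_ALGORITHMS = {"S01", NULL_ALGORITHM}
DEVICE_TYPES = {"STD"}             # three-character device type codes


class InitError(Exception):
    """An error that fails the initialization call."""


@dataclass(frozen=True)
class Msg:
    field: str
    protection: str   # layer the value travelled under
    value: str


def device_messages(mfr, alg, key, esn, dtype, sid_min=None):
    """Device side: messages 1-8 of the summary, in order."""
    layer = NONE if alg == NULL_ALGORITHM else SYMMETRIC
    msgs = [
        Msg("manufacturer_id", NONE, mfr),
        Msg("sym_algorithm_id", PUBKEY, alg),
        Msg("sym_key", PUBKEY, key),
        Msg("esn", layer, esn),
        Msg("device_type", layer, dtype),
        Msg("sid_min_assigned", layer, "Y" if sid_min else "N"),
    ]
    if sid_min:
        msgs += [Msg("sid", layer, sid_min[0]), Msg("min", layer, sid_min[1])]
    return msgs


def legal_sid(v):
    return v.isdigit() and 0 < int(v) < 2 ** 15   # assumption: 15-bit SID


def legal_min(v):
    return v.isdigit() and len(v) == 10           # assumption: 10-digit MIN


def service_response(msgs, free_sid_min, phones, allow_null_cipher=True):
    """Service side: validate messages 1-8, return messages 9-12.

    allow_null_cipher=False is a hypothetical policy switch (not in the patent)
    that refuses the 'no encryption' algorithm code."""
    it = iter(msgs)

    def expect(field, protection):
        m = next(it, None)
        if m is None:
            raise InitError(f"call ended before {field}")
        if m.field != field:
            raise InitError(f"expected {field}, got {m.field}")
        if m.protection != protection:
            raise InitError(f"{field} under {m.protection}, expected {protection}")
        return m.value

    if expect("manufacturer_id", NONE) not in MANUFACTURERS:
        raise InitError("unrecognized manufacturer code")
    alg = expect("sym_algorithm_id", PUBKEY)
    if alg not in SYM_ALGORITHMS:
        raise InitError("unrecognized encryption identification code")
    key = expect("sym_key", PUBKEY)
    if alg == NULL_ALGORITHM and not allow_null_cipher:
        raise InitError("null encryption refused by policy")
    if alg != NULL_ALGORITHM and not key:
        raise InitError("missing symmetric key")
    layer = NONE if alg == NULL_ALGORITHM else SYMMETRIC

    if not expect("esn", layer):
        raise InitError("empty ESN")
    if expect("device_type", layer) not in DEVICE_TYPES:
        raise InitError("unrecognized device type code")
    assigned = expect("sid_min_assigned", layer)
    if assigned not in ("Y", "N"):
        raise InitError("bad SID/MIN assignment code")

    response = []
    if assigned == "Y":
        if not legal_sid(expect("sid", layer)) or not legal_min(expect("min", layer)):
            raise InitError("illegal SID or MIN")
    else:
        response += [Msg("sid", layer, free_sid_min[0]),
                     Msg("min", layer, free_sid_min[1])]
    if next(it, None) is not None:
        raise InitError("unexpected data after device fields")
    response += [Msg("primary_phone", layer, phones[0]),
                 Msg("secondary_phone", layer, phones[1])]
    return response


if __name__ == "__main__":
    call = device_messages("ACME", "S01", "constructed-key", "ESN0001", "STD")
    for m in service_response(call, ("123", "2155550100"), ("555-0100", "555-0101")):
        print(m)
```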
When the initialization call has been successfully completed, the service
19 will call the device 11 and issue each legal instruction and data
request (defined below) to test the initialization and will instruct the
device 11 to call the primary and secondary phone numbers. If the
instruction and data requests are correctly received by the device 11, if
the data transmitted by the device are correctly received by the service
19, and if the primary and secondary phone numbers are successfully called
by the device 11 within 10 minutes, then the device 11 is initialized.
Otherwise the client 20 is notified that initialization failed.
Communication Protocol 12: Part 2--Communicating with an Initialized
Personal Location Device.
The physical communication channel layer is the cellular telephone network
and the telephone network between the cellular telephone service provider
and the location service's physical location.
The link layer is an onboard modem using a standard low-level modulation
protocol such as V.34, V.32bis, V.32, V.22bis, or V.22.
For calls initiated by the service 19, the encryption/encoding layer will
be the symmetric encryption algorithm agreed upon during initialization,
and the service's error detecting algorithm. Calls initiated by the device
11 will begin with null-encryption and switch to the agreed-upon symmetric
encryption algorithm as soon as the service correctly acknowledges receipt
of a registered ESN. Device-initiated calls will use the service's
error-detecting algorithm throughout. An error in recognition of the
call-initiator (device or service) will require retransmission. After five
unsuccessful attempts, the call will be terminated. Other errors will
result in a single attempt to retransmit. If retransmission is
unsuccessful, the particular request, data transfer, or instruction will
be abandoned and the call will continue.
The procedure for re-establishing communication if a call is interrupted
before all tasks have been completed (a missing call-terminator code
error) is:
1. If a service-initiated communication session is interrupted before the
call-terminator is sent and acknowledged, the session will be re-initiated
by the service 19.
2. If a device 11 initiated communication session is interrupted before the
service 19 has acknowledged the device ESN, the device will re-initiate
the session.
3. If a device 11 initiated communication session is interrupted after the
service 19 has acknowledged the device ESN, but before the call-terminator
is sent and acknowledged, the service 19 will re-initiate the session.
The content layer consists of the instructions and data identified in the
following descriptions of calls.
Description of a service-initiated communication call
The service 19 may
initiate a call to poll the device 11 for its location (current and/or
past), to instruct the device 11 on appropriate time intervals or distance
intervals for saving past locations, or to toggle the device 11 between
standard and emergency states.
After modem handshaking has been completed, the service 19 will send a
signature and the device 11 will acknowledge that the signature is
genuine. Then the service 19 will send instruction codes and parameters
(where needed) to the device 11 and the device 11 will respond by sending
requested data or by acknowledging the instruction (if the instruction is
not a request for data). Data, commands, and acknowledgements are all
encrypted using the specified symmetric encryption algorithm, and coded
using the service's error-detecting algorithm.
The service 19 will send one instruction code and accompanying parameters,
wait for the device 11 to send data or acknowledgement, and then send the
next code and parameters. When all instructions have been sent and acted
upon, the service 19 will send a code that terminates the session.
The set of instructions and parameters correspond to the entries in Table
1.
TABLE 1
Instruction/Parameter Set for Personal Location System.

Instruction            Parameters           Action
---------------------  -------------------  -----------------------------------
Send location          None                 Send most recent latitude,
                                            longitude, elevation, time of fix,
                                            and number of satellites in fix.
Send past locations    None                 Send latitudes, longitudes,
                                            elevations, times, numbers of
                                            satellites for all saved locations,
                                            starting with the most recent.
Send battery status    None                 Send status of battery.
Set time interval      Time interval        Acknowledge receipt of instruction,
                                            set interval of time between saved
                                            locations.
Set distance interval  Distance Interval    Acknowledge receipt of instruction,
                                            set interval of distance between
                                            saved locations.
Set state              New state            Acknowledge receipt of instruction,
                       (emergency or        set state of device.
                       standard)
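A sketch of the service-initiated exchange described above, with the device side dispatching the Table 1 instructions one at a time. This is an added example, not code from the patent: the opcode strings, the Device class, CRC-32 as the error-detecting code and the HMAC tag used as the "signature" are all assumptions, and the symmetric encryption layer is left out because the patent does not name the algorithm.

```python
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"   # assumption: secret shared at initialization
# Stand-in signature; a static tag is replayable, the patent names no scheme.
TAG = hmac.new(KEY, b"service-19", hashlib.sha256).hexdigest()
FIXES = [(40.0, -105.0, 1600, "12:00", 6),   # constructed fixes, newest first:
         (40.1, -105.1, 1610, "11:00", 5)]   # lat, lon, elevation, time, satellites

def frame(payload: str) -> bytes:
    """Append CRC-32, standing in for the service's error-detecting code."""
    raw = payload.encode()
    return raw + zlib.crc32(raw).to_bytes(4, "big")

def unframe(data: bytes) -> str:
    raw, crc = data[:-4], data[-4:]
    if zlib.crc32(raw).to_bytes(4, "big") != crc:
        raise ValueError("transmission error detected")
    return raw.decode()

class Device:
    def __init__(self, fixes):
        self.fixes = fixes
        self.settings = {"SET_TIME_INTERVAL": None,
                         "SET_DISTANCE_INTERVAL": None,
                         "SET_STATE": "standard"}
        self.battery, self.trusted = "ok", False

    def handle(self, data: bytes) -> bytes:
        op, _, arg = unframe(data).partition(" ")
        if op == "SIGNATURE":
            self.trusted = hmac.compare_digest(arg.encode(), TAG.encode())
            return frame("ACK" if self.trusted else "NAK")
        if not self.trusted:
            return frame("NAK")          # nothing is honoured before the signature
        if op in self.settings:          # the three "Set ..." rows of Table 1
            self.settings[op] = arg
            return frame("ACK")
        if op == "TERMINATE":
            self.trusted = False
            return frame("ACK")
        replies = {"SEND_LOCATION": repr(self.fixes[0]),
                   "SEND_PAST_LOCATIONS": repr(self.fixes),
                   "SEND_BATTERY_STATUS": self.battery}
        return frame(replies.get(op, "NAK"))

def service_session(device, instructions, signature=TAG):
    """Send one message, wait for the reply, then send the next."""
    messages = [f"SIGNATURE {signature}", *instructions, "TERMINATE"]
    return [unframe(device.handle(frame(m))) for m in messages]
```

A session opened with a signature the device does not accept gets NAK for every instruction, and a frame altered in transit is rejected by unframe before any instruction is parsed.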
Description of a primary device-initiated call--The device 11 initiates a
call to the primary phone number to notify the service 19 that the
device's battery is low.
After modem handshaking is completed, the device 11 will send its ESN using
public-key encryption with the service's public key. If the ESN is
properly registered (via initialization), the service 19 will respond by
sending the ESN back, encrypted using the symmetric encryption algorithm
and key specified when initializing the device.
Next the device 11 will send the latitudes, longitudes, elevations, times,
and numbers of satellites for the saved locations, starting with the most
recent. When the data has all been sent and received without error, the
service 19 will send a code to terminate the communication session.
Description of a secondary device-initiated call--The device 11 initiates a
call to the secondary phone number to alert the service that the device 11
carrier has pressed the panic button.
After modem handshaking is completed, the device 11 will send its ESN using
public-key encryption with the service's public key. If the ESN is
properly registered (via initialization), the service 19 will respond by
sending the ESN back, encrypted using the symmetric encryption algorithm
and key specified when initializing the device.
Next the device 11 will send the latitude, longitude, elevation, time, and
number of satellites for the most recent location. The service 19 will
acknowledge, and then the device 11 will await instructions from the
service 19. When appropriate, the service 19 will send a code to terminate
the session.
Delivery Service--The client 20 may contact the service 13 through any of
three modes: automated voice response system, a call center staffed by
human operators, or through a world-wide-website. The client 20 is led
through the same series of steps in any of the three modes. Each mode
implements security through the use of passwords. The world-wide-website
uses encryption to provide additional security. When calling the
operator-staffed call center, the client 20 is first greeted by an
automated voice response system, but may opt out of the system (and into
the operator queue) at any point.
Call center operators access the software portions of the delivery service
13 through a local or wide area network or via the Internet, using either
a traditional client/server model or a web-browser/website model. Call
center operators typically do not know the identity of clients 20 they are
serving, nor do they know the clients' passwords or contact information.
If a client 20 opts to have the operator enter either the account number
or the password (rather than doing these through the automated voice
response system), the operator will necessarily discover these items, but
otherwise the call is anonymous unless the client 20 voluntarily discloses
information about his identity.
For account set-up and modification (contact information, billing plan,
password choice, etc.), the client 20 uses the world-wide-website or calls
an account service representative (who does not have access to any
information about the current or past locations of the remote location
devices). This separation of access to data (between call center operators
and account service representatives) assures confidentiality for those
clients 20 who require a high level of security.
Appendix 1 presents a flow diagram for a typical call to the call center to
request the current location of a remote location device 11. A request
submitted through the automated voice response system or through the
world-wide-website follows virtually the same flow, with obvious
modifications (for example, data sent to the operator's monitor would
instead be sent to the client's web browser, etc.). The following notes
clarify some points in the diagrams.
1. The software attempts to contact the remote location device 11 as soon
as it has enough information (if the client's account has good or marginal
status). This will reduce waiting time for the client 20 if the client has
given the automated voice response system enough information to contact
the device 11 before going into the operator queue.
2. If the client 20 determines that an emergency exists, he may request
that the automated voice response system promote him to the head of the
operator queue.
3. If the client 20 has forgotten his password, a hint will be provided
(through any of the three access modes). If he has forgotten his account
number, it can be provided by an account service representative (or
through the world-wide-website).
4. If an account has marginal status (up to two months in arrears), the
service 19 will honor location requests, but the client 20 will be
referred to accounting afterward to discuss payment. If an account is more
than two months in arrears, its status is bad and location requests will
not be honored. The delivery serv