U.S. patent application number 13/726099 was filed with the patent office on 2013-11-14 for restricted execution modes.
The applicant listed for this patent is Microsoft Corporation. Invention is credited to Sharad Agarwal, Alan Bennett Auerbach, Andrew P. Begun, David A. Braun, Ted Tai-Yu Chen, Todd Myles Derksen, Michael Burt Goulding, Shai Guday, Andrew Craig Haon, Bernardo Iturriaga Dubost, Jennifer Anne Karr, Joseph Spencer King, Joseph H. Matthews, III, Raman K. Sarin, Joseph A. Schrader, John D. Skovron, Shawn M. Thomas, Aaron Naoyoshi Sheung Yan Woo, John A. Yovin.
Application Number | 20130305354 13/726099 |
Document ID | / |
Family ID | 48669604 |
Filed Date | 2013-11-14 |
United States Patent Application | 20130305354 |
Kind Code | A1 |
King; Joseph Spencer; et al. | November 14, 2013 |
RESTRICTED EXECUTION MODES
Abstract
In embodiments of restricted execution modes, a mobile device
can display a device lock screen on an integrated display device,
and transition from the device lock screen to display a shared
space user interface of a shared space. The transition to display
the shared space user interface is without receiving a PIN code
entered on the device lock screen. The mobile device implements a
restricted execution service that is implemented to activate a
restricted execution mode of the mobile device, and restrict access
of a device application to device content while the restricted
execution mode is activated. The restricted execution service can
also allow a shared device application that is included in the
shared space access to the device content while the restricted
execution mode is activated.
Inventors: |
King; Joseph Spencer; (Seattle, WA)
Goulding; Michael Burt; (Redmond, WA)
Derksen; Todd Myles; (Redmond, WA)
Yan Woo; Aaron Naoyoshi Sheung; (Seattle, WA)
Iturriaga Dubost; Bernardo; (Kirkland, WA)
Auerbach; Alan Bennett; (Sammamish, WA)
Braun; David A.; (Redmond, WA)
Begun; Andrew P.; (Redmond, WA)
Haon; Andrew Craig; (Seattle, WA)
Matthews, III; Joseph H.; (Woodinville, WA)
Karr; Jennifer Anne; (Edmonds, WA)
Schrader; Joseph A.; (Kirkland, WA)
Chen; Ted Tai-Yu; (Seattle, WA)
Sarin; Raman K.; (Redmond, WA)
Agarwal; Sharad; (Seattle, WA)
Guday; Shai; (Redmond, WA)
Thomas; Shawn M.; (Redmond, WA)
Skovron; John D.; (Bellevue, WA)
Yovin; John A.; (Woodinville, WA) |
Applicant: |
Name | City | State | Country | Type |
Microsoft Corporation | | | US | |
Family ID: | 48669604 |
Appl. No.: | 13/726099 |
Filed: | December 22, 2012 |
Related U.S. Patent Documents
Application Number | Filing Date | Patent Number |
61580147 | Dec 23, 2011 | |
61695294 | Aug 30, 2012 | |
Current U.S. Class: | 726/19 |
Current CPC Class: | G06F 21/6281 20130101; H04W 12/10 20130101; G06F 21/629 20130101; H04W 12/00508 20190101; G06F 21/6218 20130101; H04W 4/60 20180201; G06F 2221/2129 20130101; G06F 2221/2149 20130101; G06F 21/53 20130101; H04L 63/105 20130101; H04W 12/0027 20190101; G06F 21/31 20130101; H04W 88/02 20130101; H04W 12/08 20130101 |
Class at Publication: | 726/19 |
International Class: | G06F 21/31 20060101 G06F021/31 |
Claims
1. A mobile device, comprising: a display device configured to
display a device lock screen and transition to a shared space user
interface of a shared space without an authentication credential
entered on the device lock screen; a processing system to implement
a restricted execution service that is configured to: activate a
restricted execution mode of the mobile device; and restrict access
of a device application to device content while the restricted
execution mode is activated.
2. A mobile device as recited in claim 1, wherein: the shared space
includes a shared device application; and the restricted execution
service is configured to allow the shared device application access
to the device content while the restricted execution mode is
activated.
3. A mobile device as recited in claim 2, wherein: the device
application is configured to call the shared device application
with a request for the device content; and the restricted execution
service is further configured to restrict the device application
access to the device content via the shared device application
while the restricted execution mode is activated.
4. A mobile device as recited in claim 2, wherein: the device
application is configured to call the shared device application
with a request for the device content, the request including a
request token that indicates the device application is permitted to
access the device content via the shared device application in the
shared space; and the restricted execution service is further
configured to allow the device application access to the device
content via the shared device application based on the request
token while the restricted execution mode is activated.
5. A mobile device as recited in claim 1, wherein the restricted
execution service is further configured to: deactivate the
restricted execution mode responsive to an authentication
credential entered on the device lock screen; and return to a user
mode of the mobile device in which the device application has
unrestricted access to the device content.
6. A mobile device as recited in claim 1, wherein: the device
application is configured to initiate a task call to access the
device content; and wherein the restricted execution service is
configured to restrict the access to the device content based on
one or more device application tasks being designated as restricted
while the restricted execution mode is activated.
7. A mobile device as recited in claim 1, wherein: the restricted
execution service is further configured to restrict the device
application from a file system of the mobile device while the
restricted execution mode is activated.
8. A mobile device as recited in claim 1, wherein: the restricted
execution service is configured to determine that the device
application is one of: user-designated to allow the device
application access to the device content if the device application
is included in the shared space as a shared device application; or
the device application is designed as not to be allowed access to
the device content even if the device application is included in
the shared space.
9. A method, comprising: displaying a device lock screen on an
integrated display device of a mobile device; transitioning from
displaying the device lock screen to display a shared space user
interface of a shared space without an authentication credential
entered on the device lock screen; activating a restricted
execution mode of the mobile device; and restricting access of a
device application to device content while the restricted execution
mode is activated.
10. A method as recited in claim 9, further comprising: allowing a
shared device application that is included in the shared space
access to the device content while the restricted execution mode is
activated.
11. A method as recited in claim 10, further comprising:
restricting the device application access to the device content via
the shared device application while the restricted execution mode
is activated when the device application calls the shared device
application with a request for the device content.
12. A method as recited in claim 10, further comprising: allowing
the device application access to the device content via the shared
device application while the restricted execution mode is activated
based on a request token that the device application includes in a
task call to the shared device application for the device content,
the request token indicating that the device application is
permitted to access the device content via the shared device
application in the shared space.
13. A method as recited in claim 9, further comprising:
deactivating the restricted execution mode responsive to an
authentication credential entered on the device lock screen; and
returning to a user mode of the mobile device in which the device
application has unrestricted access to the device content.
14. A method as recited in claim 9, further comprising: restricting
the access to the device content based on one or more device
application tasks being designated as restricted while the
restricted execution mode is activated.
15. A method as recited in claim 9, further comprising: restricting
the device application from a file system of the mobile device
while the restricted execution mode is activated.
16. A method as recited in claim 9, further comprising: determining
that the device application is one of: user-designated to allow the
device application access to the device content if the device
application is included in the shared space as a shared device
application; or the device application is designed as not to be
allowed access to the device content even if the device application
is included in the shared space.
17. Computer-readable storage media comprising a restricted
execution service stored as instructions that are executable and,
responsive to execution of the instructions at a mobile device, the
computing device performs operations of the restricted execution
service comprising to: transition from a device lock screen to a
shared space user interface of a shared space without an
authentication credential entered on the device lock screen;
activate a restricted execution mode of the mobile device; restrict
access of a device application to device content while the
restricted execution mode is activated; and allow access to the
device content for a shared device application that is included in
the shared space.
18. Computer-readable storage media as recited in claim 17, wherein
the mobile device performs the operations of the restricted
execution service further comprising to: restrict the device
application access to the device content via the shared device
application while the restricted execution mode is activated when
the device application calls the shared device application with a
request for the device content.
19. Computer-readable storage media as recited in claim 17, wherein
the mobile device performs the operations of the restricted
execution service further comprising to: allow the device
application access to the device content via the shared device
application while the restricted execution mode is activated based
on a request token that the device application includes in a task
call to the shared device application for the device content, the
request token indicating that the device application is permitted
to access the device content via the shared device application in
the shared space.
20. Computer-readable storage media as recited in claim 17, wherein
the mobile device performs the operations of the restricted
execution service further comprising to: restrict the access to the
device content based on one or more device application tasks being
designated as restricted while the restricted execution mode is
activated.
Description
RELATED APPLICATIONS
[0001] This application claims priority under 35 U.S.C. Section
119(e) to U.S. Provisional Application Ser. No. 61/580,147 filed
Dec. 23, 2011 entitled "Mobile Device Shared", the disclosure of
which is incorporated by reference herein in its entirety. This
application also claims priority under 35 U.S.C. Section 119(e) to
U.S. Provisional Application Ser. No. 61/695,294 filed Aug. 30,
2012 entitled "Mobile Device Kid Space", the disclosure of which is
incorporated by reference herein in its entirety.
BACKGROUND
[0002] Many types of devices, such as mobile phones, tablet
devices, and other computing, communication, and entertainment
devices increasingly offer more functions, applications, and
features which are beneficial to a user, and can enhance one's
personal time as well as work and social activities. For example,
not only can a mobile phone be used for text, email, and voice
communications, but may also be used for entertainment, such as to
listen to music, surf the Internet, watch video content, gaming,
and for photo and video imaging. Similarly, a portable tablet
device may be utilized for email, browser, navigation, and other
computing applications, as well as for the various entertainment
and photo features. In addition to the many computing,
communication, and entertainment applications that are available to
a user of a mobile phone or tablet device, a seemingly unlimited
number of third-party applications and features are also available
for download to a device.
[0003] Parents of younger children that do not yet have their own
mobile phones often find that a child wants to "play" with their
phone to play games, take pictures, listen to music, and other
activities. Typically, a parent may pass his or her phone to a
young child in the back seat of the car while driving to keep the
child entertained. The parent may not know then what features and
applications the child accessed on the device, such as a Web browser
or unintentionally accessing an email application, or which device
settings may have been changed, such as audio settings, alarm
settings, calendar notices, and the like.
SUMMARY
[0004] This Summary introduces features and simplified concepts of
restricted execution modes, which are further described below in
the Detailed Description and/or shown in the Figures. This Summary
should not be considered to describe essential features of the
claimed subject matter, nor used to determine or limit the scope of
the claimed subject matter.
[0005] Restricted execution modes are described. In embodiments, a
mobile device can display a device lock screen on an integrated
display device, and transition from the device lock screen to
display a shared space user interface of a shared space. The
transition to display the shared space user interface happens
without receiving a PIN code or other authentication credential
entered on the device lock screen. The mobile device implements a
restricted execution service that is implemented to activate a
restricted execution mode of the mobile device, and restrict access
of a device application to device content while the restricted
execution mode is activated. The restricted execution service can
also allow a shared device application that is included in the
shared space access to the device content while the restricted
execution mode is activated.
[0006] In embodiments, the restricted execution service restricts
device application access to the device content via the shared
device application while the restricted execution mode is activated
when the device application calls the shared device application
with a request for the device content. Alternatively, the
restricted execution service can allow the device application
access to the device content via the shared device application
while the restricted execution mode is activated based on a request
token that the device application includes in a task call to the
shared device application for the device content. The request token
indicates that the device application is permitted to access the
device content via the shared device application in the shared
space.
[0007] In embodiments, a device application may be implemented or
designed so that a user can designate to allow the device
application access to the device content if the device application
is included in the shared space as a shared device application.
Alternatively, a device application may be designed as not to be
allowed access to the device content even if the device application
is included in the shared space. Additionally, this type of a
device application may also be implemented as not even being
eligible for user-designation to be included in the shared space. A
device application that is included in the shared space can
initiate a task call to access the device content. However, the
restricted execution service restricts access to the device content
based on one or more of the device application tasks being
designated as restricted while the restricted execution mode is
activated. The restricted execution service can also restrict the
device application from a file system of the mobile device while
the restricted execution mode is activated.
BRIEF DESCRIPTION OF THE DRAWINGS
[0008] Embodiments of restricted execution modes are described with
reference to the following Figures. The same numbers may be used
throughout to reference like features and components that are shown
in the Figures:
[0009] FIG. 1 illustrates an example of restricted execution
modes.
[0010] FIG. 2 illustrates an example system in which embodiments of
restricted execution modes can be implemented.
[0011] FIG. 3 illustrates example method(s) of restricted execution
modes in accordance with one or more embodiments.
[0012] FIG. 4 illustrates example method(s) of restricted execution
modes in accordance with one or more embodiments.
[0013] FIG. 5 illustrates example method(s) of restricted execution
modes in accordance with one or more embodiments.
[0014] FIG. 6 illustrates an example system in which embodiments of
private interaction hubs can be implemented.
[0015] FIG. 7 illustrates an example system in which embodiments of
restricted execution modes and/or family coordination can be
implemented.
[0016] FIG. 8 illustrates various client device services and
features in accordance with one or more embodiments.
[0017] FIG. 9 illustrates examples of a family hub in accordance
with one or more embodiments.
[0018] FIG. 10 illustrates an example system with an example device
that can implement embodiments of restricted execution modes.
DETAILED DESCRIPTION
[0019] Embodiments of restricted execution modes are described and
provide a restricted execution service that can be implemented as a
client device service or application, such as in a mobile phone,
portable tablet device, or other type of computing and/or
communication device. Restricted execution modes enable
implementation of a shared space on a device where a user owner can
include device applications that a guest or child can access
without requiring a password, and the device applications will be
programmatically prevented from being able to access other private
device content on the device.
[0020] There may be situations when a user owner of a device may
want to have access to some content or applications on their mobile
phone without unlocking the phone with a PIN code or other
authentication credential. Restricted execution modes enable the
user owner to make some experiences available without password
access, and without compromising the security of sensitive personal
or corporate data. In implementations, restricted execution modes
allow applications to run, but restrict access to sensitive data
or experiences using several mechanisms, such as security
capabilities, blocked navigation, and application origin. If an
application has a particular security capability, a runtime check
is made centrally when the application attempts to access a
protected resource, and if the application is running in a
restricted execution zone, an error is returned that can be handled
by the application. When a device is running in a restricted
execution mode, a device application may be referred to as running
in a restricted execution "zone".
[0021] For the blocked navigation security capability, applications
often take advantage of built in tasks to complete user actions
like sending an email, making a phone call, etc. When the
restricted execution mode is activated on a device, the origination
of a device application task at run-time is what is considered to
determine whether the device application, and more specifically,
whether the task will be allowed. An application task, which is
generally synonymous to an application programming interface (or
API) call, may include aspects of a data access API call, but it
also includes a request to initiate a particular action or actions
different than data access, and the task request may incorporate
metadata associated with the action of the requested task. The
level of functionality is provided on a task-by-task basis to
determine whether the action or actions of a requested task will be
available in the restricted execution mode during run-time
origination of a task request. A device application can be executed
by the device, but only some functions of the device application
will execute when the restricted execution mode is activated on the
device.
[0022] Examples of restricting the functionality of a device
application may include not permitting the device application to be
launched altogether or limiting the device application to calling
only a restricted subset of API calls that is narrower than the
normal set of API calls available to the application when the
mobile device is running in normal user mode. Restricting access to
device content also may include disallowing certain API calls that
provide access to particular sets of data or content. In many
examples, restricting functionality or access does not include
analyzing or changing Access Control Lists (ACLs), Access Control
Entries (ACEs), or similar file-system access control metadata
maintained by a file system. For example, a device application can
be restricted from access to device content while a restricted
execution mode is activated on a device.
[0023] When running in a restricted execution zone, all application
requested navigations are screened and only those allowed by the
system can continue. Others fail in a backwards compatible way so
that legacy applications do not need to be updated to run in the
restricted execution zone. For the application origin security
capability, only applications that originate and/or have been
downloaded from a first-party provider can run (e.g., execute) in a
restricted execution mode. This ensures that applications which
have not been security checked, and may access sensitive and/or
private data on a device, do not run without the user unlocking the
device first.
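The three mechanisms of paragraphs [0020] to [0023] (a central runtime check on security capabilities, per-task blocked navigation, and application origin) can be modeled as follows. This Python model is an added illustration, not code from the application; the class, capability and task names are hypothetical, and reporting a blocked task as a cancelled result is an assumed way of failing in a backwards compatible manner.

```python
from dataclasses import dataclass
from enum import Enum


class Origin(Enum):
    FIRST_PARTY = "first-party"
    THIRD_PARTY = "third-party"


class TaskResult(Enum):
    COMPLETED = "completed"
    # Assumption: a blocked task reports a result legacy apps already handle.
    CANCELLED = "cancelled"


class RestrictedZoneError(Exception):
    """Error returned when a protected resource is requested inside the zone."""


@dataclass(frozen=True)
class App:
    name: str
    origin: Origin
    capabilities: frozenset  # security capabilities the app holds


# Constructed policy tables; the application names no concrete identifiers.
PROTECTED_IN_ZONE = frozenset({"contacts", "email", "calendar", "filesystem"})
TASKS_ALLOWED_IN_ZONE = frozenset({"capture_photo", "play_media"})


class RestrictedExecutionService:
    def __init__(self):
        self.restricted_mode = False

    def may_run(self, app):
        """Application origin: only first-party apps execute in the zone."""
        return not self.restricted_mode or app.origin is Origin.FIRST_PARTY

    def open_resource(self, app, capability):
        """Central runtime check, made when the resource is actually requested."""
        if capability not in app.capabilities:
            raise PermissionError(f"{app.name} lacks capability {capability!r}")
        if self.restricted_mode and capability in PROTECTED_IN_ZONE:
            raise RestrictedZoneError(f"{capability!r} is unavailable in the zone")
        return f"handle:{capability}"

    def start_task(self, app, task):
        """Blocked navigation: each task is judged when it originates at run time."""
        if self.restricted_mode and task not in TASKS_ALLOWED_IN_ZONE:
            return TaskResult.CANCELLED
        return TaskResult.COMPLETED


def list_contacts(service, app):
    """App-side code: the zone error is handled, so the app keeps running."""
    try:
        return service.open_resource(app, "contacts")
    except RestrictedZoneError:
        return None


def demo():
    svc = RestrictedExecutionService()
    game = App("game", Origin.FIRST_PARTY, frozenset({"contacts"}))
    sideloaded = App("sideloaded", Origin.THIRD_PARTY, frozenset())
    # Normal user mode: the same calls succeed.
    unlocked = (list_contacts(svc, game), svc.start_task(game, "send_email"))
    # Restricted execution mode activated from the lock screen.
    svc.restricted_mode = True
    zoned = (
        list_contacts(svc, game),
        svc.start_task(game, "send_email"),
        svc.start_task(game, "play_media"),
        svc.may_run(game),
        svc.may_run(sideloaded),
    )
    return unlocked, zoned
```

The application keeps its declared capability in both modes; only the mode-dependent check at the point of access changes the outcome, which is why no file-system ACL has to be rewritten when the device is handed over.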
[0024] While features and concepts of restricted execution modes
can be implemented in any number of different devices, systems,
environments, and/or configurations, embodiments of restricted
execution modes are described in the context of the following
example devices, systems, and methods.
[0025] FIG. 1 illustrates an example of user interfaces of a
restricted execution mode. An example mobile device 100 may be any
one or combination of a mobile phone, tablet device, computing
device, communication, entertainment, gaming, navigation, and/or
other type of portable electronic device. A shared space can be
implemented for user access to functionality of device applications
without a password, as well as for access to any applications,
functions, and features of the mobile device 100 that are
designated by the user in the shared space.
[0026] The example mobile device 100 includes an integrated display
device 102 on which user interfaces can be displayed, such as a
device lock screen 104 that indicates the device is locked at 106.
For example, a user owner of the mobile device may set-up the
device to lock when not in use so that someone else cannot access
the full functionality of applications, such as email and text,
and/or have access to the Internet via a browser application
without providing authentication credentials such as a personal
identification number (PIN), login, or other authentication
credential.
[0027] The user owner of the mobile device 100 can allow another
person to use the phone, and hand the phone over without having to
unlock the device from the device lock screen 104 by entering a PIN
or other credential. As shown in the example 108, a person that has
borrowed the phone can swipe the device lock screen with a gesture
input to access a shared space user interface 110, which is
illustrated at 112 when displayed on the display device, and which
provides access to a limited subset of application functionality.
The borrower does not enter a PIN or other credential to access the
shared space user interface. In implementations, the gesture input
may be any type of user and/or gesture input in any direction on
the integrated display device 102 of the mobile device.
Alternatively or in addition, any type of device, button, and/or
gesture inputs may be utilized effective to transition from the
device lock screen 104 to the shared space user interface 110.
[0028] FIG. 2 illustrates an example system 200 in which
embodiments of restricted execution modes can be implemented. The
example system includes the mobile device 100 as described with
reference to FIG. 1, with the integrated display device 102 on
which a user interface can be displayed, such as the shared space
user interface 110 that is representative of a shared space on the
device. Additionally, the mobile device can be implemented with
various components, such as a processor and/or memory system, as
well as any number and combination of differing components as
further described with reference to the example device shown in
FIG. 10 to implement embodiments of restricted execution modes.
[0029] The mobile device 100 includes a restricted execution
service 202 that can be implemented as a software application
(e.g., executable instructions) stored on computer-readable storage
media, such as any suitable memory device or electronic data
storage. Additionally, the restricted execution service 202 can be
executed with a processing system at the mobile device to implement
embodiments of restricted execution modes as described herein. The
restricted execution service 202 may be implemented as an
independent device application that is executable on the device to
interface with the many applications, features, and functions of
the device.
[0030] The example system 200 may also include a cloud storage and
service 206 that can include any type of cloud-based (e.g.,
network-based) data services 208 used to store or maintain
accessible data 210 (e.g., data accessible by device applications
on the mobile device 100). Any of the devices and services (e.g.,
implemented as server devices) described herein can communicate via
a network 212, which can be implemented to include a wired and/or a
wireless network. The network can also be implemented using any
type of network topology and/or communication protocol, and can be
represented or otherwise implemented as a combination of two or
more networks, to include IP-based networks and/or the Internet.
The network may also include mobile operator networks that are
managed by a mobile network operator and/or other network
operators, such as a communication service provider, mobile phone
provider, and/or Internet service provider. Alternatively or in
addition, peer-to-peer communication techniques may be utilized,
such as multiple devices connected using a peer-to-peer
communication network.
[0031] The restricted execution service 202 is implemented to
manage a restricted execution mode 214 of a shared space 216, such
as to limit and/or restrict device applications 218 and shared
device applications 220 that are included in the shared space 216
that is accessible without a PIN or authentication credential. The
device applications 218 can include any type of software
applications, and the functions and features thereof, that run on
the device, such as for user interaction with messaging, gaming,
media playback, document viewing, and communication applications.
The device applications may also include system-level components
that users of a device generally do not access or utilize, but that
typically run in the background while the device is operational.
The shared device applications can include any subset of the device
applications, and are designated as a shared device application
when included in the shared space 216 for limited and/or restricted
functionality when a restricted execution mode 214 is activated on
the device.
[0032] A user owner of the mobile device 100 can choose the device
applications and features, and/or device content, that can be
included in the shared space and accessed by a child or guest while
the restricted execution mode is activated. Further, a device
application may be allowed a restricted level of functionality
while running in the shared space (i.e., the application may be
executed), yet generally cannot access device content 222 that is
restricted from access, such as contacts, email, and calendar
databases, as well as limited access to the device file system.
[0033] The content databases, device file system, Internet access,
and other device content and features can be protected from device
application access when the restricted execution mode is activated.
For example, a device application that can access the Internet,
email, contacts, etc. when a device is unlocked and operating in a
normal user mode will be automatically restricted when the
restricted execution mode is activated, such as if the device
application has been added to the shared space and is allowed
limited functionality in the shared space. As an example, a digital
camera application that has been added to the shared space may
allow a user to take and view new photos, but previous photos will
be restricted from viewing while the restricted execution mode is
activated on the device.
[0034] The shared space user interface 110 of the shared space is
customizable by the user owner of the device. For example, the user
owner can add applications, such as games and music applications,
to the shared space so that the applications are recognized and can
be launched in the shared space, perhaps with limited
functionality. However, applications that are not recognized in the
shared space cannot be launched in the shared space. For example,
if a game application that is pinned or recognized in the shared
space attempts to itself launch a browser application (e.g., as
part of the game's execution), the restricted execution service 202
will check if the browser application is pinned and recognized in
the shared space. If the browser application is not recognized in
the shared space, then the restricted execution service will fail
to launch the application, or if the browser application is
recognized, then the browser application can be launched in the
shared space by the game application.
[0035] As described with reference to FIG. 1, an input can be
received, such as a gesture input or device selectable control
input, and the restricted execution service 202 initiates a
transition from displaying the device lock screen 104 to display
the shared space user interface 110 of the shared space 216 without
receiving a PIN code or other authentication credential entered on
the device lock screen. The restricted execution service 202 is
implemented to manage the shared space 216 when the restricted
execution mode 214 is activated. The restricted execution service
202 can activate the restricted execution mode 214 of the mobile
device 100, and restrict access of a device application 218 to the
device content 222, to a file system of the mobile device, and/or
to limit the application to a limited set of functionality or tasks
while the restricted execution mode is activated.
[0036] The shared space 216 can include a shared device application
220, and the restricted execution service 202 can allow the shared
device application access to the device content 222 while the
restricted execution mode 214 is activated. The restricted
execution service 202 can determine whether a device application
218 is implemented or designed so that a user can designate to
allow the device application access to the device content if the
device application is included in the shared space 216 as a shared
device application. Alternatively, a device application may be
designed as not to be allowed access to the device content even if
the device application is included in the shared space.
Additionally, this type of a device application may also be
implemented as not even being eligible for user-designation to be
included in the shared space.
[0037] In restricted modes, a configuration of a device application
may be designed or programmed to indicate whether the device
application is ever to be allowed to run (e.g., execute) in a
restricted mode, irrespective of user choice. For example, a
confidential corporate application or another application
downloaded from a third-party application store that may access
private corporate data can be configured to never be allowed to run
(e.g., execute) in any restricted mode, even if a user would like
it to do so. A configuration of some device applications may be
user-controlled to indicate whether the device application is to be
allowed to run in a particular restricted mode, such as allowing a
subset of games or applications in a kid zone restricted mode, or
allowing a subset of camera lens applications to run when the phone
is locked.
[0038] The restricted execution service 202 can also be implemented
to validate whether or not a given device application can be
navigated to regardless of the reason for the navigation request,
taking into account the current restricted mode and the target
application's system and user configuration. Additionally, a
separate navigation stack can be maintained for a normal mode user
experience and for the current restricted execution mode. The
restricted execution service 202 is also implemented to allow or
disallow migration of applications from the normal mode stack to
the restricted mode stack or vice-versa based on scenario needs,
and to determine when to close applications on each stack based on
available resources and transitions into and out of a restricted
mode.
[0039] A device application 218 may initiate a task call to a
shared device application 220 with a request for the device content
222, and the restricted execution service 202 can restrict the
device application access to the device content via the shared
device application while the restricted execution mode 214 is
activated. The device application may also initiate a task call to
the operating system 204 to request device content access, and the
restricted execution service can restrict the access to the device
content based on one or more device application tasks being
designated as restricted while the restricted execution mode is
activated.
[0040] Alternatively, the device application 218 can initiate a
task call to the shared device application 220 with a request for
the device content 222, and the request includes a request token
that indicates the device application is permitted to access the
device content via the shared device application in the shared
space 216. The restricted execution service 202 can then allow the
device application access to the device content via the shared
device application based on the request token while the restricted
execution mode is activated. The restricted execution service can
also deactivate the restricted execution mode 214 responsive to a
PIN code or authentication credential entered on the device lock
screen, and return to a normal user mode of the mobile device in
which the device application 218 has unrestricted access to the
device content 222.
[0041] The restricted execution service 200 implements a mechanism
to indicate in which restricted modes a device application can run
(e.g., execute) based on a task information field of a device
application task. The task information field indicates whether a
specific task can be allowed to execute in a shared space when the
restricted execution mode is activated. This new field will be a
bit mask, which a navigation server will use to compare to the
navigation filter mask that MobileUI will give to it when a
restricted mode is entered. These are marked per task instead of by
application because some first-party device applications have tasks
that can be allowed to function in a child share space (e.g., Kid's
Corner), but not all of the application functionality is allowed
while a restricted execution mode is activated on a device. If a
device application is allowed to run in a shared space, the
restricted execution service can trace an API task call through the
application layer from an originator (e.g., device application)
that initiates the task call based on a token that is passed along
to a core system component that would not otherwise be able to
determine whether the task call was originated from a device
application running in the shared space. The token can be utilized
to determine if the task call is protected from a restricted
execution mode.
[0042] Example methods 300, 400, and 500 are described with
reference to respective FIGS. 3-5 in accordance with one or more
embodiments of restricted execution modes. Generally, any of the
services, components, modules, methods, and operations described
herein can be implemented using software, firmware, hardware (e.g.,
fixed logic circuitry), manual processing, or any combination
thereof. Example methods may be described in the general context of
executable instructions stored on computer-readable storage media
that is local and/or remote to a computer processing system, and
implementations can include software applications, programs,
functions, and the like.
[0043] FIG. 3 illustrates example method(s) 300 of restricted
execution modes. The order in which the method is described is not
intended to be construed as a limitation, and any number or
combination of the method operations can be combined in any order
to implement a method, or an alternate method.
[0044] At 302, a device lock screen is displayed on an integrated
display device of a mobile device. For example, the mobile device
100 (FIG. 1) displays a device lock screen 104 on the integrated
display device 102 of the mobile device. At 304, the display is
transitioned from the device lock screen to display a shared space
user interface of a shared space without a PIN code or other
authentication credential entered on the device lock screen. For
example, an input system of the mobile device 100 receives an
input, such as a gesture input or device selectable control input,
and the input is effective to transition from displaying the device
lock screen 104 to display the shared space user interface 110 of a
shared space 216 without a PIN code or other authentication
credential entered on the device lock screen.
[0045] At 306, a restricted execution mode of the mobile device is
activated. For example, the restricted execution service 202 at the
mobile device 100 activates the restricted execution mode 214 of
the mobile device in response to entering the shared space. At 308,
access of a device application to device content is restricted
while the restricted execution mode is activated. For example, the
restricted execution service 202 at the mobile device 100 restricts
access of a device application 218 to the device content 222 while
the restricted execution mode 214 is activated.
[0046] At 310, the restricted execution mode is deactivated
responsive to a PIN code or other authentication credential entered
on the device lock screen. For example, the restricted execution
service 202 at the mobile device 100 deactivates the restricted
execution mode responsive to a PIN code or other authentication
credential entered on the device lock screen. At 312, the device
returns to a user mode of the mobile device in which the device
application has unrestricted access to the device content. For
example, the restricted execution service 202 at the mobile device
100 returns to a user mode of the mobile device in which the device
application 218 has unrestricted access to the device content
222.
[0047] FIG. 4 illustrates example method(s) 400 of restricted
execution mode. The order in which the method is described is not
intended to be construed as a limitation, and any number or
combination of the method operations can be combined in any order
to implement a method, or an alternate method.
[0048] At 402, a shared device application that is included in the
shared space is allowed access to the device content while the
restricted execution mode is activated. For example, the restricted
execution service 202 (FIG. 2) at the mobile device 100 allows
access to the device content 222 to a shared device application 220
that is included in the shared space 216 while the restricted
execution mode is activated.
[0049] At 404, the device application that requests access to the
device content via the shared device application is restricted
while the restricted execution mode is activated on the device. For
example, restricted execution service 202 at the mobile device 100
restricts a device application 218 task call to the shared device
application 220 with a request to access the device content 222
while the restricted execution mode is activated on the device.
[0050] At 406, the device application is allowed access to the
device content via the shared device application while the
restricted execution mode is activated based on a request token
that the device application includes in a task call to the shared
device application for the device content. For example, restricted
execution service 202 at the mobile device 100 allows access to the
device content 222 by the device application 218 via the shared
device application while the restricted execution mode is activated
based on a request token that the device application includes in a
task call to the shared device application for the device content.
The request token indicates that the device application is
permitted to access the device content via the shared device
application in the shared space.
[0051] FIG. 5 illustrates example method(s) 500 of restricted
execution modes. The order in which the method is described is not
intended to be construed as a limitation, and any number or
combination of the method operations can be combined in any order
to implement a method, or an alternate method.
[0052] At 502, access to the device content is restricted based on
device application tasks being designated as restricted while the
restricted execution mode is activated, where the device
application initiates a task call to access the device content. For
example, restricted execution service 202 (FIG. 2) at the mobile
device 100 restricts access to the device content 222 based on
device application tasks being designated as restricted while the
restricted execution mode 214 is activated, where a device
application 218 initiates task calls to access the device
content.
[0053] At 504, the device application is restricted from a file
system of the mobile device while the restricted execution mode is
activated. For example, restricted execution service 202 at the
mobile device 100 restricts a device application 218 from a file
system of the mobile device while the restricted execution mode is
activated.
[0054] At 506, the device application is determined as
user-designated to allow the device application access to the
device content in a restricted execution mode if the device
application is included in the shared space as a shared device
application. Alternatively, at 508, the device application is
determined as designed as not to be allowed access to the device
content even if the device application is included in the shared
space. For example, restricted execution service 202 at the mobile
device 100 can determine whether a device application is
user-designated to allow the device application access to the
device content in a restricted execution mode if the device
application is included in the shared space as a shared device
application. The restricted execution service 202 may also
determine that a device application is designed (e.g., programmed)
as not to be allowed access to the device content even if the
device application is included in the shared space. Additionally,
this type of a programmed device application may also be
implemented as not even being eligible for user-designation to be
included in the shared space.
[0055] Although described herein as a single restricted execution
mode, in some examples, a device provides multiple restricted
execution modes, such as a first restricted execution mode
associated with a child shared space for facilitating sharing a
mobile device with a child and a second restricted execution mode
associated with a safe driving shared space for facilitating safer
driving by a user of a mobile device. These various restricted
execution modes may each impose a different set of limitations on
the functionality of the device. For example, the child-related
execution mode might block access to email data, changes to device
settings, or in-app purchases, while the second driving safety
restricted execution zone might block graphical user interfaces
that could distract a driver from the road.
[0056] From the lock screen displayed on a device, without entering
a PIN or other authentication credentials, a user may be able to
reach different shared spaces, each of which has a different
restricted execution mode associated with it. For example, from the
lock screen, a user might enter a first gesture (e.g., a left
swipe) to reach a first shared space having a first restricted
execution mode and a second different gesture (e.g., a right swipe)
to reach a second, different shared space having a second
restricted execution mode. In some examples, a shared space
associated with a restricted execution mode may be accessed from
different entry points than receiving an input (e.g., a gesture
input) on the lock screen.
[0057] The features and concepts described herein for restricted
execution modes may be utilized to support and implement one or
more restricted execution modes associated with a child shared
space of a device for facilitating sharing the device with a child.
This Restricted Execution Modes application incorporates a related
U.S. patent application Ser. No. 13/726,095 filed Dec. 22, 2012
entitled "Mobile Device Child Share", the disclosure of which is
incorporated by reference herein in its entirety. Mobile device
child share enables implementation of a "Kid's Corner" (also
referred to as a kid space or child zone) for parental control of
any applications, data, functions, and features of a mobile device
so that a parent can allow a child to play with the device without
having access to the restricted applications, data, functions, and
features. Kid's Corner is a child shared space that provides a
custom destination on a mobile phone just for a child, and where
the child goes to "play" on the device. In a child share space,
child access is restricted with a restricted execution mode to only
the applications, games, music, videos, movies and other content
that a parent chooses. All of the settings and content outside of
the Kid's Corner are protected and purchases can be blocked while in
the Kid's Corner. The blocked and/or restricted applications and
features of a mobile device may include the ability to make a phone
call, send a text or access email, and access the Internet, such as
to post to social networks or to search the Internet.
[0058] The features and concepts described herein for restricted
execution modes may be utilized to support and implement one or
more restricted execution modes associated with a safe driving
shared space of a device for facilitating safe driving modes. This
Restricted Execution Modes application incorporates a related U.S.
patent application Ser. No. 13/726,097 filed Dec. 22, 2012 entitled
"Mobile Device Safe Driving", the disclosure of which is
incorporated by reference herein in its entirety. Mobile device
safe driving enables implementation of one or more safe driving
modes to minimize driver distractions of a mobile phone while
driving a vehicle.
[0059] FIG. 6 illustrates an example system 600 in which
embodiments of private interaction hubs and restricted access modes
can be implemented. The system 600 includes an example mobile
device 602, which may be any one or combination of a wired or
wireless device, such as a mobile phone, tablet, computing,
communication, entertainment, gaming, media playback, and/or other
type of device. Any of the devices can be implemented with various
components, such as a processing system and memory, as well as any
number and combination of differing components as further described
with reference to the example device shown in FIG. 10. As such, the
mobile device 602 may implement techniques previously described in
whole or in part, such as the techniques described with reference
to the restricted execution service 202.
[0060] The mobile device 602 includes an integrated display device
604 on which user interfaces can be displayed, such as a hub user
interface 606 of a hub application 608. The hub user interface
offers a unified interactive view of the hub data 610 for a single,
private interaction hub and the hub application 608 aggregates
disparate types of the hub data 610 originating from the various
member users of the private interaction hub. For example, the hub
user interface may provide a single unified access point to shared
hub messages, status updates, check-ins, hub calendar events, hub
media, hub applications, and other types of hub content. As
described above, a private interaction hub (or simply "hub") is a
private network or association of member users who voluntarily
elect to privately interact and collaborate with each other in a
bi-directional manner. The hub data 610 includes any shared data or
metadata that is used to facilitate the interaction and
collaboration between the members of a private interaction hub, and
may include shared data for messaging, notes, contact management,
documents, tasks, location updates, photos, calendar events,
applications (to include collaborative gaming applications), and/or
other media content, such as any type of audio, music, video,
and/or image data that may be available or accessed from any
source.
[0061] The basic functionality of an example private interaction
hub is shown as a golf hub displayed in the hub user interface 606
of the hub application 608. For example, the hub user interface can
include various selectable user interface tiles 612, such as a
members tile that is selectable to initiate a display of the
constituent members of the private interaction hub. The user
interface tiles 612 may also include hub chat and/or messages tiles
to allow a hub member to participate in shared messaging threads
with the other member users of the hub. For example, as shown, the
member "Bob" has asked "Anyone up for a round right now?" The user
interface tiles 612 may also include a photo album tile that is
selectable to view photos shared by any of the hub members with the
hub, and a shared notebook tile from which the hub members can view
shared notes. For example, the golf hub may include a shared notes
document that compiles the hub members' collective research of new
golf equipment. The hub user interface 606 may also display a
shared calendar that allows a member of the hub to view, edit, and
post calendar events that will be shared with all of the other hub
members. For example, the calendar tile shows an upcoming tee time
at St. Andrews on Saturday at 9:00 a.m. for all of the members.
When a user selects a group item (e.g., the message from Bob) or
tile (e.g., the messaging tile), further details about the selected
item or group items related to the selected tile may be displayed
by the hub application itself or the hub application may call a
different device application 636 (e.g., a messaging application) to
display further details about the item(s).
[0062] When a user selects or otherwise engages with a piece of
displayed hub data, such as the golf message from Bob, the hub
application may provide additional details or options to the user
to permit the user to interact further with the hub data. For
example, the hub application may display controls to allow the user
to edit or reply to Bob's message. Alternatively or in addition,
when a user selects or otherwise engages with a piece of displayed
hub data (e.g., Bob's message), the hub application may launch or
call another device application to permit the user to further
interact with the piece of hub data (e.g., the hub application may
call a native messaging application).
[0063] The hub user interface 606 of the hub application 608 can
also include user-selectable access to third-party applications,
such as when an application is "pinned" to, or otherwise shared
with a private interaction hub. A pinned third-party application
may also utilize the shared hub data, such as shared application
preferences or shared application state data. For example, the golf
hub shown displayed in the hub user interface 606 includes a live
tile representing a third-party weather application that the
members of the hub can quickly access to check the weather forecast
at their local golf club, such as when planning an upcoming golf
outing. A user of the mobile device 602 can also customize display
aspects of a hub user interface, such as the content of the user
interface and how the elements of the hub user interface are
arranged. Another example of a hub user interface of the hub
application 608 is a panoramic hub user interface, such as for a
family-centric private interaction hub as shown and described in
greater detail with reference to FIG. 9.
[0064] The example system 600 also includes a hub management
service 614, and a cloud storage and service 616. The hub
management service 614 manages the formation and maintenance of
private interaction hubs 618. The hub management service can
correlate or associate member users of a hub by associating account
identifiers 620 of the members with one or more of the private
interaction hubs. The account identifier 620 of a member user may
be associated with an identifier of a private interaction hub 618
in a data table that the hub management service maintains to
correlate the hub members with one or more of the private
interaction hubs. The hub management service 614 may also associate
devices that correspond to hub members based on device identifiers.
The account identifiers 620 can include user membership identifiers
and/or sign-on credentials, such as an email and password
combination, or a username and password combination. The sign-on
credentials may be single sign-on ("SSO") credentials that are
utilized for authentication purposes at a number of Web services,
including the cloud storage and service 616.
[0065] The cloud storage and service 616 can include any type of
cloud-based (e.g., network-based) data and messaging services 622.
The messaging services may include any type of email, text (e.g.,
SMS, MMS), and/or instant messaging services. The data services may
include any type of calendar, photo album, file or document
sharing, location, mapping, music sharing, video sharing, gaming,
contacts management, and/or notebook services, as well as any other
type of services that can be used to share stored hub data 624. The
stored hub data can include any form of messages, updates, events,
content, media, and information that is maintained for the private
interaction hubs 618, and is accessible from the mobile device 602,
either upon a request from a device and/or upon a data "push" to
the device. The cloud storage and service 616 also maintains stored
hub metadata 626 that includes settings and information pertaining
to the private interaction hubs 618, such as the name of a hub, the
background image or photo of the hub, and an association of the hub
members.
[0066] Although shown together as data and messaging services 622,
various application data services and various messaging services
may be operated on separate devices and/or operated by separate,
distinct entities. Additionally, although the hub management
service 614 and the cloud storage and service 616 are shown as
independent services, they may be implemented together as a single
service. Further, a server device (or group of server devices) can
include implementations of both the hub management service 614 and
the cloud storage and service 616, representative of a single
entity that may be the same server system, company system, domain,
and the like.
[0067] The cloud storage and service 616, and its constituent data
and messaging services 622, interchange the stored hub data 624 and
the stored hub metadata 626 between the mobile devices that are
associated with member users of a private interaction hub 618. For
example, a data and/or messaging service of the cloud storage and
service 616 can receive a copy of hub data 610 and/or hub metadata
628 from the mobile device 602 that is used by a hub member, store
this hub data and hub metadata in the cloud storage as the
respective stored hub data 624 and stored hub metadata 626, and
then distribute the stored hub data and stored hub metadata to
other mobile devices associated with other member users of the same
private interaction hub, as well as to other mobile devices
associated with the same hub member. The stored hub metadata 626
can include membership information pertaining to the member users
of a private interaction hub, hub identifiers that correlate a
piece of hub data to a particular private interaction hub, user
identifiers that correlate a piece of hub data to a particular
member user, modification dates, and/or other metadata.
[0068] The cloud storage and service 616, and its constituent data
and messaging services 622, may utilize single sign-on ("SSO")
credentials for authentication purposes to limit the dissemination
of the stored hub data 624 and the stored hub metadata 626 to only
the authorized devices of hub members. Additionally, any of the
devices and services (e.g., implemented as server devices)
described herein can communicate via a network 630, which can be
implemented to include a wired and/or a wireless network. The
network can also be implemented using any type of network topology
and/or communication protocol, and can be represented or otherwise
implemented as a combination of two or more networks, to include
IP-based networks and/or the Internet. The network may also include
mobile operator networks that are managed by a mobile network
operator and/or other network operators, such as a communication
service provider, mobile phone provider, and/or Internet service
provider.
[0069] The mobile device 602 includes an operating system 632 of
the device, and the operating system includes a hub operating
system service 634 that is implemented to integrate cloud-based
services, a hub application 608, and local device applications 636
with the operating system to implement aspects of the private
interaction hubs 618. The aspects that may be implemented include
hub formation and membership maintenance, synchronizing the hub
data 610 on the mobile device with the stored hub data 624, as well
as the hub metadata 628 with the stored hub metadata 626, with the
cloud storage and service 616, and providing the hub application
608 and the local device applications 636 on the mobile device 602
with access to the hub data 610 and the hub metadata 628. For
example, the hub operating system service 634 may directly access
the stored hub metadata 626 at the cloud storage and service
616.
[0070] The hub operating system service 634 (or alternatively, the
hub application 608) may also determine and maintain a local copy
of the membership associations of member users' account identifiers
620 and identifiers of the private interaction hubs. The hub
operating system service 634 may also synchronize the stored hub
data 624 from the cloud storage and service 616 with the hub data
610 at the mobile device 602, and synchronize the stored hub
metadata 626 from the cloud storage and service with the hub
metadata 628 at the mobile device. The hub operating system service
634 may also synchronize with the cloud storage and service 616
(e.g., by sending changes or additions to hub data 610 and hub
metadata 628 to the cloud storage and service 616). Such data
synchronizations may occur in response to a user launching the hub
application.
[0071] The mobile device 602 includes the device applications 636
that permit a user of the mobile device to access, create, and/or
modify the hub data 610, private data 638 of the user, as well as
the stored hub data 624 that is managed by any of the data and
messaging services 622 at the cloud storage and service 616. Some
or all of the device applications 636 may be implemented as
client-side components or modules of any of the data and messaging
services 622, or may be implemented as standalone, native
applications (e.g., local device applications) at the mobile
device. The device applications 636 typically each consume and
provide access to only a portion or subset of the hub data 610 and
the private data 638, such as only a single type of hub data and
private data (e.g., only messaging data, but not calendar data).
The device applications also typically present the consumed hub
data to a user in conjunction with the private data 638. Private
data is data or metadata that is not associated with a private
interaction hub and that has not been shared with other members of
the hub (e.g., data that has not been shared via the cloud storage
and service 616).
[0072] The device applications 636 at the mobile device 602 may
include a native or third-party messaging application that provides
a user with messaging alerts and access to messaging threads. The
messaging application provides access to both shared message
threads shared with a private interaction hub and private message
threads between a user of the mobile device and others who are not
members of the hub. The messaging application also allows a user to
send a message to all of the hub members without accessing a hub
user interface of the hub application. The messaging application
may not provide user access to other types of the hub data 610,
other than the hub messages. For example, the messaging application
may not provide access to the shared calendar events or shared
photo albums of the hub.
[0073] The device applications 636 may also include a native or
third-party calendaring application that provides scheduling alerts
and access to a visual calendar. The calendaring application
provides user access to both shared calendar events that are shared
with hub members, and private calendar events (e.g., Exchange
calendar events) that have not been shared with other members of
the hub. The calendaring application also allows a user to create
and/or share a calendar event to all members of the hub without
accessing a hub user interface of the hub application. The
application may not provide user access to other types of the hub
data 610, other than the hub calendar events. For example, the
calendaring application may not provide access to the shared
message threads or shared photo albums of the hub.
[0074] The device applications 636 may also include a native or
third-party media viewing and/or editing application that provides
access to photo albums of digital photos or other digital media.
The media application provides user access to both shared media
files (e.g., photos, videos, and/or music) shared with a private
interaction hub, and private media files that have not been shared
with other members of the hub. The media application also allows a
user to share media files with all members of the hub without
accessing a hub user interface of the hub application. The media
application may not provide user access to other types of hub data
610, other than hub media files. For example, the media application
may not provide access to the shared message threads or shared
calendar events of the hub.
[0075] The hub operating system service 634 can expose one or more
Application Programming Interfaces ("APIs"), application binary
interfaces, and/or other types of interfaces 640 to the hub
application 608 and to the device applications 636 on the mobile
device 602 to allow these applications to access, generate, and/or
modify the hub data 610 and/or the hub metadata 628, as described
herein. The hub operating system service 634 can be implemented as
an integrated software component or module of the operating system
632. The hub operating system service can be maintained at the
mobile device 602 as executable instructions that are stored on
computer-readable storage media, such as any suitable memory device
or electronic data storage as described with reference to the
example device shown in FIG. 10. Additionally, the hub operating
system service can be executed with a processing system at the
mobile device to implement aspects of private interaction hubs.
[0076] In embodiments, the hub operating system service 634 can
initiate the hub management service 614 to provision a private
interaction hub 618. A user of the mobile device 602 can start a
private interaction hub 618 and also invite others to join an
existing private interaction hub. For example, the hub user
interface 606 of the hub application 608 may provide an existing
hub member with the option to add a new member to the hub, and the
user may identify the prospective member by providing either a
mobile device number, or by selecting an existing contact from one
of their social networks or other contacts.
[0077] The hub operating system service 634 can receive the request
from an existing member user of the device and, in response, the
hub operating system service 634 and/or the hub management service
614 communicates an invitation to join the hub as an SMS, MMS, or
instant message sent to the prospective member's mobile device that
may include a link to a registration site or other registration
instructions. The hub operating system service 634 and/or the hub
management service 614 receives (e.g., via a registration website)
an acceptance to the invitation to join the private interaction hub
that includes at least an account identifier (such as an SSO
credential), and associates the new member with the existing hub at
the hub management service 614. Updated membership information,
including the new member's account identifier 620 may also be
propagated to other mobile devices of other members in the private
interaction hub from the hub management service 614. When the new
member user joins the hub, he or she may be prompted to download
and/or install various applications configured to provide access to
the stored hub data 624 and the stored hub metadata 626, such as
the hub application 608 and/or any of the device applications
636. The hub application 608 may also be the entry point by which a
user creates a new hub and/or modifies the membership of an
existing hub.
[0078] A private interaction hub 618 can be provisioned for any
association of people, such as family members, coworkers, friends,
neighbors, and any other people that may be associated together in
a hub. Additionally, a member user of one private interaction hub
may also be a member of multiple hubs, which can be based on a
single member sign-on that identifies the member to the hub
operating system service 634 and/or to the hub management service
614. For example, a person may be a member of a family hub that
associates members of the person's family, as well as a member of a
neighborhood hub that associates members of the person's
neighborhood, and a golf hub that associates the person's friends
that often golf together.
[0079] The integration of the hub application 608 with the
operating system 632 of the mobile device provides that a user of
the device can view a message or update on the hub user interface
606 and in an application user interface of an application that is
associated with the message or the update. For example, a hub
calendar is integrated with the calendar application (e.g., a
device application 636) on the mobile device 602, and a calendar
update that is displayed in the hub user interface 606 can be
selected by the user to initiate the update being displayed in a
calendar user interface of the calendar application. Alternatively,
the user may view the calendar user interface and select a calendar
event that is associated with a private interaction hub to initiate
a display of the hub calendar, which includes the calendar event
for the members of the hub. As another example, a hub calendar
event can be displayed in a hub user interface, and the device
calendar application can access and display the hub calendar event
along with any private data calendar events that only the user of
the device has access to view in a user interface of the device
calendar application. The hub application 608 and the device
application 636 both acquire the same hub calendar event data
(e.g., the same hub data 610 stored on the mobile device). The two
different user interfaces (e.g., a hub user interface and a device
application user interface) display the same calendar event
data.
[0080] In another example, the hub messages and chat features are
integrated with messaging applications (e.g., the device
applications 636) on the mobile device 602, and an email, text, or
instant message that is displayed in the hub user interface 606 can
be selected by the user of the mobile device 602 to initiate the
message being displayed in a messaging application user interface.
Alternatively, the user may view a recent message from a member of
a private interaction hub in a messaging application user
interface, and select the message to initiate a display of the hub
messages interface, such as to view the discussion thread
associated with the recent message.
[0081] In embodiments, the hub operating system service 634 at the
mobile device 602 can receive social network updates for the member
users of a private interaction hub 618, such as when two or more of
the members of the hub are also "friends" on a public social
network site (e.g., FACEBOOK®, TWITTER®, or
LINKEDIN®). The social network updates can be pulled from a
social network site based on the established association of the
account identifiers 620 of the hub members of a private interaction
hub 618 at the hub management service 614. The hub operating system
service 634 can then aggregate the social network updates for a
particular hub for display in the hub user interface 606 or on a
homepage "live tile" associated with the hub. The hub operating
system service 634 at the mobile device 602 can also be implemented
to coordinate multi-user interactive updates to an event that is
managed in a private interaction hub. For example, several members
of a hub may participate in a multi-player interactive game, and
each successive interactive update from a member of the hub is
initiated by the member at a respective associated mobile
device.
[0082] FIG. 7 illustrates an example system 700 in which various
embodiments of private interaction hubs, restricted execution
modes, and/or family coordination can be implemented. The example
system includes a client device 702, which may be any one or
combination of a mobile phone 704, tablet device 706, computing
device 708, communication, entertainment, gaming, navigation,
and/or other type of portable electronic device. Any of the client
devices 710 can be implemented with various components, such as a
processor and/or memory system, as well as any number and
combination of differing components as further described with
reference to the example device shown in FIG. 10.
[0083] The example system 700 includes a device association service
712 that associates or correlates the client devices 710 by device
identifiers 714, user identifiers 716, and/or by any other type of
identifiable association. Any of the devices and services can
communicate via a network 718, which can be implemented to include
wired and/or wireless networks. The network can also be implemented
using any type of network topology and/or communication protocol,
and can be represented or otherwise implemented as a combination of
two or more networks, to include IP-based networks and/or the
Internet. The network may also include mobile operator networks
that are managed by mobile operators, such as a communication
service provider, cell-phone provider, and/or Internet service
provider. A mobile operator can facilitate mobile data and/or voice
communication for any type of a wireless device or mobile
phone.
[0084] The client devices 710 can each be associated with a
different user, and the users are defined members of a family 720.
The example client device 702 is representative of the various
client devices 710 in the family. Any of the client devices in the
family can include services, such as software applications (e.g.,
computer-executable instructions), that can be executed by a
processor or processor system to implement the embodiments
described herein. In this example, the client device 702 includes a
family coordination architecture 722 that implements features of a
family hub; a parental control service 724 that implements features
of a parent dashboard; a family check-in service 726; a device
quiet service 728 that implements features of quiet time and quiet
zone; a safe driving service 730; and a device sharing service 732.
The client device services are further described with reference to
FIG. 8.
[0085] Additionally, any one or combination of the various client
device services may be abstracted for implementation by a network
service provider, such as the device association service 712. For
example, the client devices 710 that are associated in the family
720 can be interconnected through a central computing device or
system (e.g., may be one of the client devices 710), which may be
local to the multiple devices or may be located remotely from the
devices. In embodiments, the central computing device may be a
cloud service of one or more server computers that are connected to
the multiple devices via the network 718 or other communication
link. The interconnection architecture enables functionality across
multiple devices to provide a common and seamless experience to a
user of the multiple devices. Each of the client devices may have
different physical configurations and capabilities, and the central
computing device implements a platform to enable delivery of an
experience that is both tailored to a particular device and yet
common to all of the devices.
[0086] FIG. 8 further illustrates the various client device
services that are described with reference to FIG. 7. The client
device 702 includes the family coordination architecture 722, the
parental control service 724, the family check-in service 726, the
device quiet service 728, the safe driving service 730, and the
device sharing service 732, which may be embodied as the restricted
execution service 202 described with reference to FIGS. 1-6. In
embodiments, the family coordination architecture 722 may generally
be implemented as a service, as described herein. Generally, any of
the described services may be implemented and/or described in the
general context of software, firmware, hardware (e.g., fixed logic
circuitry), manual processing, applications, routines, programs,
objects, components, data structures, procedures, modules,
functions, or any combination thereof. A software implementation
represents program code that performs specified tasks when executed
by a computer processor. In embodiments, any of the processing,
computation, filtering, code execution, etc. can be implemented
with distributed computing services and/or devices, such as on a
client device, a server device, and/or network-based service.
[0087] In this example of the client device services, the family
coordination architecture 722 includes a family hub manager 800
that implements, coordinates, and/or manages various family
features, such as family calendar 802, family chat 804, family
shared contacts 806, family journal and memories 808, tasks and
chores 810, family keys 812, and family budget 814. The parental
control service 724 implements features such as a parent dashboard
manager 816, age appropriate content control 818, and safe social
networking 820. The device quiet service 728 implements features
such as quiet time 822 and quiet zone 824. The various client
device services and features are further described throughout the
document.
[0088] Any of the client device services can include, be integrated
with, or implement any of the other client device services and
applications. For example, the family coordination architecture 722
can include any one or combination of the parental control service
724, the family check-in service 726, the device quiet service 728,
the safe driving service 730, and the device sharing service 732.
In embodiments, the family coordination architecture may be
implemented for the coordination of time, messaging, data,
activities, and any other shared services. The shared services may
be any of the client device services and/or any type of shared
services that may be associated with a service and/or multi-system
operator (MSO) devices. Further, the parental control service can
be implemented to throttle, expand, manage, and/or reallocate data
sharing of the client device services.
[0089] Any of the family features and/or applications of the family
coordination architecture can be implemented as private, some
private and some public, or private with optional user control to
share information and data with public third-party services and
applications. Similarly, any of the client device services and
applications described herein may be private, public, sharable,
user-controllable, and/or any combination thereof. In embodiments,
the family coordination architecture and/or the family hub manager
can be implemented as an overall managing architecture, a
collective embodiment of, and/or integration of any of the client
device services and/or applications that may be implemented for
expandability and instantiated together as the family coordination
and/or the family hub architecture. Further, any of the client
device services can include, be integrated with, or implement any
of the other client device services and applications, and
collectively may be embodied as a family hub and/or coordination
architecture or service.
[0090] The device sharing service 732 can embody the restricted
execution service 202 described with reference to FIGS. 1-6, such
as to implement a phone share feature that provides that a user can
share his or her phone (e.g., a mobile device) with another person,
yet limit the other person's access to features, functions, and
information on the phone. For example, a user owner of a mobile
phone can activate a restricted execution mode on the device and
then share the phone with a stranger. In the restricted execution
mode, only outgoing phone calls will be allowed and the restricted
execution mode enforces the task restrictions to restrict an
incoming call, yet allow the outgoing call when the origin of the
outgoing call is traced to the device phone application that has
been included in the shared space.
[0091] In an implementation, a parent can share his or her phone
with a child to play a game on the phone, but the child cannot
answer phone calls, read emails, access texting, access any other
data and phone settings, or initiate any type of a monetary
transaction (e.g., to buy a phone app or music download).
Similarly, a phone user can share photos on his or her phone
with a friend that asks to look through the photos, but the friend
cannot access any other phone data or settings. A phone user may
also share his or her phone with anyone needing to make a phone
call, but without giving access to any other phone data or
settings.
[0092] Phone share as a feature of a restricted execution mode can
be pass-coded to only allow another person access to designated
functionality of the phone based on user set restrictions. A phone
share pass-code can be quickly initiated with a gesture, key input,
or sequence of key inputs. Additionally, phone share profiles can
be implemented for different types of individuals, such as Friend,
Parent, Stranger, Kid, Child, etc. The phone share features can
also be implemented for a family phone in the house that any family
member may take with them, such as when kids go out with friends,
or a parent runs an errand to the store, or given to a house guest
to use during their stay.
[0093] The device sharing service 732 is also implemented to
restrict incoming phone calls and message displays to limit the
communication functions of the mobile device 1000, yet can allow an
outgoing phone call for shared use. The message displays may
include email and text message displays, calendar events and
alerts, instant messages, and any other messages that may be
displayed for the user that owns the device (e.g., rather than the
temporary, shared user). In a shared use mode of the mobile device,
the device sharing service 732 can also restrict access to
applications that allow a user to initiate a monetary transaction,
such as via a browser, music, and/or gaming application via which a
user can conduct a purchase transaction, download music, purchase
and download an application, and any other type of monetary
transaction. However, there may be instances when a child may be
allowed to access more money, such as to take a cab in an
emergency. The device sharing service 732 can also be implemented
to limit a younger child's ability to pair his or her phone with
the car, or to send items to the printer in a home from a phone. As
phones become NFC enabled and the phone can replace keys when
providing secure access, the device sharing service 732 can be
implemented to limit the ability of a child to open some doors
using a phone device.
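The phone share rules of paragraphs [0090]-[0093], written out as a fail-closed policy check. This is an added example, not code from the patent application or from the applicant; the app identifiers, the `Task` parent chain used to trace a call's origin, and the rule that both the requesting app and its origin must be in the shared space are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum, auto
from typing import FrozenSet, Optional, Tuple

PHONE_APP = "phone"  # hypothetical identifier for the device phone application


class Action(Enum):
    LAUNCH_APP = auto()
    READ_CONTENT = auto()
    OUTGOING_CALL = auto()
    INCOMING_CALL = auto()
    SHOW_MESSAGE = auto()  # owner's email/text/calendar alert displays
    PURCHASE = auto()      # any monetary transaction


@dataclass(frozen=True)
class Task:
    """A requested action plus the task that spawned it (None for a root task)."""
    app: str
    action: Action
    parent: Optional["Task"] = None

    def origin(self) -> "Task":
        # Walk the parent chain back to the task the user actually started.
        task = self
        while task.parent is not None:
            task = task.parent
        return task


@dataclass(frozen=True)
class ShareProfile:
    """A phone share profile: which apps are in the shared space."""
    name: str
    shared_apps: FrozenSet[str]
    allow_purchases: bool = False


class RestrictedExecutionService:
    def __init__(self) -> None:
        self.profile: Optional[ShareProfile] = None

    def activate(self, profile: ShareProfile) -> None:
        self.profile = profile

    def deactivate(self) -> None:
        self.profile = None

    def decide(self, task: Task) -> Tuple[bool, str]:
        """Return (allowed, reason). Anything not explicitly allowed is denied."""
        profile = self.profile
        if profile is None:
            return True, "restricted execution mode is off"
        # Incoming calls and the owner's message displays are always suppressed.
        if task.action in (Action.INCOMING_CALL, Action.SHOW_MESSAGE):
            return False, "owner communications are suppressed while sharing"
        if task.action is Action.PURCHASE and not profile.allow_purchases:
            return False, "monetary transactions are blocked for this profile"
        origin_app = task.origin().app
        if task.action is Action.OUTGOING_CALL:
            # Allowed only when the call traces back to the shared phone app,
            # so another shared app cannot use telephony as a confused deputy.
            if origin_app == PHONE_APP and PHONE_APP in profile.shared_apps:
                return True, "call origin traced to the shared phone application"
            return False, "call origin is not the shared phone application"
        if origin_app in profile.shared_apps and task.app in profile.shared_apps:
            return True, "requesting app and its origin are in the shared space"
        return False, "app or its origin is outside the shared space"


# Constructed sample profiles; profile names follow the page, app names are made up.
STRANGER = ShareProfile("Stranger", frozenset({PHONE_APP}))
KID = ShareProfile("Kid", frozenset({"game"}))

if __name__ == "__main__":
    service = RestrictedExecutionService()
    phone_root = Task(PHONE_APP, Action.LAUNCH_APP)
    game_root = Task("game", Action.LAUNCH_APP)
    cases = [
        (STRANGER, Task("telephony-service", Action.OUTGOING_CALL, phone_root)),
        (STRANGER, Task("telephony-service", Action.INCOMING_CALL)),
        (KID, game_root),
        (KID, Task("telephony-service", Action.OUTGOING_CALL, game_root)),
        (KID, Task("game", Action.PURCHASE, game_root)),
        (KID, Task("email", Action.READ_CONTENT)),
    ]
    for profile, task in cases:
        service.activate(profile)
        allowed, reason = service.decide(task)
        verdict = "ALLOW" if allowed else "DENY"
        print(f"{profile.name:8} {task.action.name:14} {verdict:5} {reason}")
```
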
[0094] FIG. 9 is an example of a system 900 showing two different
examples of hub user-interfaces 902, 904 for a family-orientated
hub. The description, layout, orientation, features, and
organization of the text, images, photos, graphics, links, data,
information, and presentation features shown with reference to the
hub user interfaces, as well as with reference to any other user
interfaces described herein and/or shown in the figures, are merely
examples that may be altered in any aspect for various embodiments
and/or implementations of mobile device check-in.
[0095] The hub is a central space for membership-orientated
coordination of communications, activities, information, and
integration. Designated member relationships can be utilized to
define how the data and information is managed, and can be
implemented to leverage the social contract, such as between
members of a defined familial group in the illustrated example. In
one or more implementations, the hub is implemented as a user
interface (e.g., via a client device application) for integration
and aggregation of the membership-orientated communications,
activities, and information. A hub can be implemented as a private,
shared space between defined members. The hub contains links to
other members' profiles, and based on restriction settings, allows
aggregation for visibility of some of other members' data and
information within the hub. The hub shares a group calendar which
can be viewed and edited, a common text message window, a posting
board, a shared photo album, a check-in feature, and any other type
of shared information.
[0096] Devices and/or device accounts can be associated within a
set of devices or device accounts (e.g., a family phone account,
user accounts, a connected set of devices, and so on), and all or a
subset of the devices or accounts can communicate with other
devices or accounts. The members of a hub can be defined by any
number of different classes of people, such as Junior, Teen, Mom,
Dad (or Parent), Grandparent, Nanny, Life-Coach, and so on for the
illustrated example of a family. Further, the members of a family
can be defined to distinguish a live-in Nanny from a Babysitter,
for example.
[0097] Additionally, membership of the hub as well as use of the
hub by the members can be controlled by a select collection of
users, such as one or two mobile phones by the associated users of
the client devices. For example, one of the members in the hub can
be the designated control person, such as Mom who runs the
household, an employer, and so on.
[0098] From a single configuration of the members, the hub can be
provisioned, setup, and propagated out, e.g., automatically. The
features and configuration of a hub may default to an automatic,
easy setup, but any rule, feature, or configuration aspect can be
readily modified by a user. Provisioning a hub may be based on
billing, e.g., a family or corporate billing plan. However, if a
phone device is changed to a different carrier, for example, the
phone device can still receive texts related to the hub.
Alternatively or in addition, provisioning a hub can be based on
email addresses, phone numbers, user account identifiers, or any
other identifier.
[0099] A retail person selling a new phone package, for instance,
can easily identify the members each to their new phone devices and
initiate the hub being instantiated. From a consumer perspective,
it just works and members can walk out of the store all set up. All
of the data and information can be shared with a single selection,
and thus the members do not have to share each item (e.g., a
grocery list, photos, calendar, etc.) individually and
separately.
[0100] The hub user interface may act as a shared space that is
customizable and provides for user-generated and shared content.
Some information can be shared, while other information is not. For
example, Mom's complete Christmas list is not viewable by the other
family members, but Dad and Kids can add to the list (and only view
their contribution). Hub setup may be performed "a la carte,"
meaning only the features that members want displayed on the hub
wall can be selected. For example, Mom wants to see the shopping
list, whereas Dad does not shop and so wants to avoid having the
list displayed on his device, yet he could still access the
shopping list to add items when desired.
[0101] The hub user interface integrates functions, calendar
functionality, event and/or data summaries (i.e., on the "wall"),
as well as content that is shared between the members of the hub
(e.g., lists, documents, etc.). For example, the hub user interface
may include a "family check-in" or "check-in" option. The hub user
interface may also include a chat section where location check-in
messages are displayed along with other messages exchanged
between the members of the hub. The hub "wall" is representative of
an area to which members of the group may add as desired, like
a lunchroom bulletin board, family refrigerator, and so on. In
implementations, the information can be aggregated in pillars or
columns and shown on the hub wall as illustrated. The hub wall can
also represent an interrelation between any of the information and
data that appears on the wall and its placement in time. The hub
settings provide that a user can control which functions are
integrated and displayed within the hub, such as on the wall.
[0102] The hub information may also be context relevant to the
members of the hub, and the calendar includes shared hub events.
Calendar updates can be posted as notice events on the wall, and a
user can look at the wall to see upcoming hub events, or the events
that pertain to one or more other members of the hub. Messaging may
also be performed that is private among the members of the hub. A
member can instant text (or other communication) to all other
members in the hub. Texting--such as for a work meeting--can divide
each member's display on their respective devices into individual
screens for each member.
[0103] The hub may also be extensible, and may link to a hard drive
on a home computer, or sync to just one of the other devices, the
manager, or cloud control (e.g., from a network-based service). The
hub may also be extensible to third parties that add a note on the
hub wall, such as implemented with application program interfaces
(APIs) for functions to post data to the hub. A third-party
application, however, would not have access to the context of the
hub wall, such as to obtain or display hub data. The private
information and hub data could be encrypted and only decrypted by
the phone devices that are associated with the hub.
[0104] Thus, the hub supported by a hub coordination architecture
may be thought of as a central space for coordination of
communications, activities, information, and integration of members
of the hub. Hubs may be defined to support a variety of different
memberships, such as for family members, coworkers, friends,
acquaintances, fan clubs, and so forth. Therefore, although
examples are discussed that relate to a family in the following
discussion, it should be readily apparent that membership in the hub
may be defined in a variety of other ways without departing from
the spirit and scope thereof. Accordingly, the hub coordination
architecture may be used to support a variety of different
functionality. An example of this functionality is described herein
as a hub restricted execution service, and further aspects of
private interaction hubs are also described herein.
[0105] FIG. 10 illustrates an example system 1000 that includes an
example device 1002, which can implement embodiments of restricted
execution modes. The example device 1002 can be implemented as any
of the devices, services, and/or servers described with reference
to the previous FIGS. 1-9, such as any type of client or mobile
device, mobile phone, tablet, computing, communication,
entertainment, gaming, media playback, and/or other type of device.
For example, the mobile device 100 shown in FIGS. 1-2 may be
implemented as the example device 1002.
[0106] The device 1002 includes communication devices 1004 that
enable wired and/or wireless communication of device data 1006,
such as media content and the shared messages, updates, and events
data at the device. The media content can include any type of
audio, video, and/or image data. The communication devices 1004 can
also include transceivers for cellular phone communication and/or
for network data communication.
[0107] The device 1002 also includes input/output (I/O) interfaces
1008, such as data network interfaces that provide connection
and/or communication links between the device, data networks, and
other devices. The I/O interfaces can be used to couple the device
to any type of components, peripherals, and/or accessory devices.
The I/O interfaces also include data input ports via which any type
of data, media content, and/or inputs can be received, such as user
inputs to the device, as well as any type of audio, video, and/or
image data received from any content and/or data source.
[0108] The I/O interfaces 1008 also support natural user interface
(NUI) inputs to the device 1002, such as any interface technology
that enables a user to interact with a device in a "natural"
manner, free from artificial constraints imposed by input devices
such as mice, keyboards, remote controls, and the like. Examples of
natural user interface inputs may rely on speech recognition, touch
and stylus recognition, gesture recognition on-screen and motion
gesture recognition proximate the device, head, eye, and
environment recognition and tracking, augmented reality and virtual
reality systems, and any other type of audible, vision, touch,
gesture, and/or machine intelligence that may determine user input
intentions.
[0109] The device 1002 includes a processing system 1010 that may
be implemented at least partially in hardware, such as with any
type of microprocessors, controllers, and the like that process
executable instructions. The processing system can include
components of an integrated circuit, programmable logic device, a
logic device formed using one or more semiconductors, and other
implementations in silicon and/or hardware, such as a processor and
memory system implemented as a system-on-chip (SoC). Alternatively
or in addition, the device can be implemented with any one or
combination of software, hardware, firmware, or fixed logic
circuitry that may be implemented with processing and control
circuits. The device 1002 may further include any type of a system
bus or other data and command transfer system that couples the
various components within the device. A system bus can include any
one or combination of different bus structures and architectures,
as well as control and data lines.
[0110] The device 1002 also includes computer-readable storage
media 1012, such as data storage devices that can be accessed by a
computing device, and that provide persistent storage of data and
executable instructions (e.g., software applications, programs,
functions, and the like). Examples of computer-readable storage
media include volatile memory and non-volatile memory, fixed and
removable media devices, and any suitable memory device or
electronic data storage that maintains data for computing device
access. The computer-readable storage media can include various
implementations of random access memory (RAM), read-only memory
(ROM), flash memory, and other types of storage media in various
memory device configurations.
[0111] Generally, computer-readable storage media is representative
of media and/or devices that enable persistent and/or
non-transitory storage of data in contrast to mere signal
transmission, carrier waves, or signals per se. A computer-readable
signal media may refer to a signal-bearing medium that transmits
instructions, such as via a network. The signal media can embody
computer-readable instructions as data in a modulated data signal,
such as carrier waves or other transport mechanism.
[0112] The computer-readable storage media 1012 provides storage of
the device data 1006 and various device applications 1014, such as
an operating system that is maintained as a software application
with the computer-readable storage media and executed by the
processing system 1010. In this example, the device applications
also include a device share service 1016 that implements
embodiments of restricted execution modes, such as when the example
device 1002 is implemented as the mobile device 100 shown in FIG.
1. An example of the device share service 1016 is the restricted
execution service 202 that is integrated with the operating system
204 at the mobile device 100, as described with reference to FIG.
1.
[0113] The device applications 1014 can also include any of the
services and applications 1018 that implement embodiments of
restricted execution modes. The example device 1002 also includes a
family coordination architecture 1020, which may be implemented in
the general context of software, firmware, hardware (e.g., fixed
logic circuitry), or any combination thereof to support embodiments
of restricted execution modes and/or mobile device family
coordination. The device 1002 can also include a positioning system
1022, such as a GPS transceiver, or similar positioning system
components, that can be utilized to determine a global or
navigational position of the device.
[0114] The device 1002 also includes an audio and/or video system
1024 that generates audio data for an audio device 1026 and/or
generates display data for a display device 1028. The audio device
and/or the display device include any devices that process,
display, and/or otherwise render audio, video, display, and/or
image data. In implementations, the audio device and/or the display
device are integrated components of the example device 1002.
Alternatively, the audio device and/or the display device are
external, peripheral components to the example device.
[0115] In embodiments, at least part of the techniques described
for restricted execution modes may be implemented in a distributed
system, such as over a "cloud" 1030 in a platform 1032. The cloud
1030 includes and/or is representative of the platform 1032 for
services 1034 and/or resources 1036. For example, the services 1034
may include the cloud storage and service 206, and any of the data
services 208 as described with reference to FIG. 1. Additionally,
the resources 1036 may include the accessible data 210 as described
with reference to FIG. 1.
[0116] The platform 1032 abstracts underlying functionality of
hardware, such as server devices (e.g., included in the services
1034) and/or software resources (e.g., included as the resources
1036), and connects the example device 1002 with other devices,
servers, etc. The resources 1036 may also include applications
and/or data that can be utilized while computer processing is
executed on servers that are remote from the example device 1002.
Additionally, the services 1034 and/or the resources 1036 may
facilitate subscriber network services, such as over the Internet,
a cellular network, or Wi-Fi network. The platform 1032 may also
serve to abstract and scale resources to service a demand for the
resources 1036 that are implemented via the platform, such as in an
interconnected device embodiment with functionality distributed
throughout the system 1000. For example, the functionality may be
implemented in part at the example device 1002 as well as via the
platform 1032 that abstracts the functionality of the cloud
1030.
[0117] Although embodiments of restricted execution modes have been
described in language specific to features and/or methods, the
appended claims are not necessarily limited to the specific
features or methods described. Rather, the specific features and
methods are disclosed as example implementations of restricted
execution modes.
* * * * *