The present invention relates to the use of service contracts in disconnected transactions. Specifically, this invention relates to specifying contracts that enforce rules of interaction with a product/service application for pervasive computing devices while disconnected from a server.
There has been a substantial increase in the use of pervasive computing (e.g., hand held) devices to conduct electronic commerce over the last few years. Consequently, there is a need for systems that support disconnected transactions or transactions which, in part, are executed in a disconnected mode. Because pervasive computing devices are most often disconnected from a network (and, thus, any server), system features are required that enable the successful completion of these transactions upon reconnection to an application or resource provider server. Among other functionality, these features must provide for adherence to a set of rules in a pre-established service contract so as to enable the transaction as disclosed in U.S. patent application Ser. No. 09/148,618, filed Sep. 4, 1998, now U.S. Pat. No. 6,148,290 and assigned to the present assignee which is hereby incorporated by reference.
FIG. 1 depicts a conventional client-server interaction system model. The clients (101, 102), being any type of computer system, are connected to a server or servers 140 via a network 130 such as the Internet or an intranet. In this model, the clients (101, 102) execute a part of an application logic where the associated application code is either pre-installed in the clients (101, 102) or downloaded from the server 140 prior to execution. The overall application is designed by appropriately partitioning the application logic across the clients (101, 102) and the server 140. Periodic upgrades may also be shipped by the server 140 to the clients (101, 102). In any case, the clients are equipped with a program or client code (111, 112) that executes locally and provides a responsive interface for interaction with the server 140. The client code (111, 112) establishes contact with the server 140 through the network. For example, a simple client interface could be provided by the client code (111, 112) for interacting with several applications on the server, e.g., a VM Client application can be used to interact with several server applications like Email, HR forms etc. The client code (111, 112) makes method invocations to the server 140 and receives responses therefrom. For state-keeping purposes, the interactions could be logged at the client and/or the server depending on the features and logic of the client code. Examples of such distributed client-server applications are distributed file systems, transaction processing, and groupware.
FIG. 2 depicts a conventional dynamic client system, where the client code 201 is dynamically downloaded to the client 200 when the client establishes a connection with the server 230, rather than being statically pre-installed at the client and used for several interactions. That is, the interfaces provided to the user are composed at the server 230 and presented to the client 200 as a program that executes on the client. This code 201 is downloaded at run-time and, after the interactions, the code is deleted from the client. An example of this scenario is an Applet that is downloaded via the network 220 onto the client 200 and executes thereon by interacting with the server 230 making method invocations and receiving responses in return. The Applet is not permitted to write to the client""s file system and has certain other security restrictions. Another example of this model could be an HTML form that shows up on the client""s web browser when it opens a connection to the server. In both cases, the interactions are synchronous so that any disconnection with the server 230 would put the state of the interactions in an inconsistent state, unless the server 230 deploys mechanisms for logging and providing reliability and fault-tolerant functions. For example, a user at a client 200 may attempt to purchase goods through the web and a shopping cart may be filled with the user""s selections. In this scenario, the state of the interactions could be lost if the connection to the server 230 is broken at some instance prior to completing the purchase. However, in this model, if the server 230 maintained the state of interactions, the interaction could be resumed by synchronizing the client state to the server state. This server state maintenance, of course, requires the connected nature of the transaction.
Under a model of pervasive computing, clients may follow a mode of disconnected operation and periodic synchronization. FIG. 3a depicts an example of this model where client code 302 is downloaded from a database 306 of a server 305 and installed on a client 301 via a network 303. The client 301 can be any pervasive (or mobile) computing device such as a hand held device, a notebook computer or some other pervasive electronic device with processing capability, storage, I/O mechanisms and a communication system. At some subsequent time, the client 301 is disconnected from the server 305 and the client continues to operate on data in a disconnected mode. When the client 301 executes the code 302 in the disconnected mode as shown in FIG. 3b, a log 313 of all disconnected operations or actions is created by the client. Thus, in this pervasive computing model, the state of the disconnected operations is maintained on the client only. The client 301 periodically connects back to the server 305, as shown in FIG. 3c, to synchronize the client and server states in order to commit the transaction. In other words, the log 313 of the disconnected actions is uploaded to the server 305, and the server 305 executes each of these actions resulting in a change to its database resources 306. If these actions are completed successfully by the server 305, then the transaction is successfully completed. But due to changes in the state of the server 305, some of the actions will not be executed by the server 305 and the transaction will, therefore, fail. For instance, in the event that the data on the server is shared and accessed by more than one client, the data is free to change according to the actions that the other clients might perform. An example of this might be a movie ticket database which might be downloaded by a client. There may be clients that also have downloaded this database and reconnected in order to book tickets. In that case, if seats are sold on a First-Come-First-Served basis, when the client tries to commit a transaction for a seat which has been booked by some other client, the transaction fails because the data on this client is no longer current or, in other words, the data or the state at the server has changed. Thus, the client 301 would then have to re-attempt the transaction by receiving the current state of the server 305.
Therefore, pervasive computing clients currently download data and attempt to execute transactions on the data without an understanding of the changes taking place at the server when they are disconnected. Thus, there is no guarantee of the validity of the data and the success of a transaction until the transaction is sent to the server and committed. Furthermore, users can tamper with data in the disconnected mode so that, upon reconnection, the transaction is erroneously completed. For instance, the price of a product could be adjusted so as to reduce the cost to the user. Thus, due to the disconnected nature of transactions in the pervasive computing arena and the associated characteristics that make transaction and data validity questionable, there is a need for a system and method for validating actions taken in the disconnected mode.
Service contracts can be used to facilitate the outcomes of transactions by requiring adherence to the guidelines outlined in the contract. By stating the guidelines for conducting actions, the outcomes can be characterized in an unambiguous way. This concept of guaranteed outcomes based on guidelines is attractive if applied in the context of disconnected transactions. Since pervasive computing clients operate on data without awareness of the changes that might take be taking place on the server, it becomes essential to make guarantees about the validity of the clients"" disconnected actions, based on certain conditions such as timeliness and other rules that the resource provider might decide appropriate to ensure the same success of transactions if the clients were connected and aware of the state of the server. Thus, there is a need for a system and method of enforcing rules of transactions, provided by a service contract, in a disconnected mode.
The present invention provides for a system of using service contracts to enforce rules of transactions performed when a pervasive computing client is disconnected from the server. Preferably, a service contract would be packaged along with the presentation logic to specify the interaction behavior of the end user on the data objects available in the disconnected mode.
According to the present invention, the service contract outlines the rules that the server specifies as valid actions on the applicable data objects. Compliance with the contract, guidelines is facilitated by an associated client program which extracts the appropriate rules and incorporates the appropriate user interface features. A user can download one such service contract and program and interact with the application data even while disconnected from the server. During the disconnected mode, the client program presents the appropriate interaction screens for operating on the data consistent with the rules of the contract during operations on the data objects.
When the client connects back to the server, the prepared transaction (in the form of an action log) is uploaded to the server and the server verifies the transaction(s) based on the contract. Depending on the rules of the contract, the transaction(s) either succeeds or fails. The transaction could fail, for instance, if the client tampered with the program while disconnected in an attempt to perform certain actions which were not permitted in the contract. Comparison to the service contract at the server allows detection of such tampering by the user.
The present invention thus provides a system and method for providing a service where one or more parties can interact with the service using a service contract which unambiguously specifies the rules of interaction. Since, in a preferred embodiment, the contracts are drafted and implemented by the provider, the user at the client need only choose the product or service and associated contract that suits his needs. The user can be assured of a successful transaction if he abides by the rules outlined in the contract.
This invention is very useful for enabling electronic commerce (e-commerce) using pervasive computing devices. There has been a significant increase in the use of hand held devices for conducting transactions in a mobile context. Since service contracts clearly spell out the rules imposed by the server, the client only needs to abide by the contract to achieve a successful transaction. With this invention, the server can issue guarantees to the clients by specifying service contracts. By abiding to the contracts, the clients have significantly higher chances of successful transactions.
Specifically, the present invention provides a method for conducting disconnected transactions, between a pervasive computing device and a server, relating to a service application, the method including the steps of: receiving, at the pervasive computing device, a service contract from the server during a connected mode, the service contract specifying rules of interaction with the service application in a disconnected mode; executing, with the pervasive computing device, at least one transaction of the service application in the disconnected mode; and sending transaction information, in response to the executing step, to the server during a reestablished connected mode, whereby the at least one transaction is recorded as valid if compliance with the rules of interaction are verified by the server.
The method can also include the step of receiving a service program which enables a user of the pervasive computing device to interact with the service application consistent with the rules of interaction. The service program can also provide, to the user, user interfaces for interaction, program logic for service application actions, security features specified by the service contract and/or alerts which facilitate successful completion of the at least one transaction.
Furthermore, the service program can be written to only enable interaction with the service application consistent with the rules of interaction of the service contract. The service program can also include a common module written to enable interaction with the service application consistent with the rules of interaction of a plurality of service contracts when combined with specialized modules written for each service contract.
The method of the present invention can also include the step of receiving a service contract with an identification code identifying the service application or server.
In one embodiment, the executing step includes the step of logging the at least one transaction as log data. The sending step can also include the step of sending the log data to the server during a reestablished connected mode. The reestablished connection mode can include a reestablished network-connected mode.
Another aspect of the present invention provides a program storage device, readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for conducting disconnected transactions, between a pervasive computing device and a server, relating to a service application, the method including the steps of receiving, at the pervasive computing device, a service contract from the server during a connected mode, the service contract specifying rules of interaction with the service application in a disconnected mode; executing, with the pervasive computing device, at least one transaction of the service application in the disconnected mode; and sending transaction information, in response to the executing step, to the server during a reestablished connected mode, whereby the at least one transaction is recorded as valid if compliance with the rules of interaction are verified by the server.
Another aspect of the present invention includes a system for conducting disconnected transactions with a server relating to a service application, including: a device for receiving, at the pervasive computing device, a service contract from the server during a connected mode, the service contract specifying rules of interaction with the service application in a disconnected mode; a device for executing, with the pervasive computing device, at least one transaction of the service application in the disconnected mode; and a device for sending transaction information, in response to the executing step, to the server during a reestablished connected mode, whereby the at least one transaction is recorded as valid if compliance with the rules of interaction are verified by the server. The system can also include a device for receiving a service program which enables a user of the pervasive computing device to interact with the service application consistent with the rules of interaction.
In another aspect, the present invention includes a method for facilitating disconnected transactions, between a pervasive computing device and a server, relating to a service application, the method including the steps of: receiving, from the pervasive computing device a request for service application information; presenting one or more service application options and associated service contracts to the pervasive computing device; receiving, from the pervasive computing device, a service application selection; sending, to the pervasive computing device, a service contract associated with the service application selection, the service contract specifying rules of interaction with the service application in a disconnected mode; receiving, from the pervasive computing device, transaction information logged during the disconnected mode; and validating the transaction information.
The method can also include the step of sending, to the pervasive computing device, a service program which enables a user of the pervasive computing device to interact with the service application consistent with the rules of interaction. The service program could provide, to the user, user interfaces for interaction. The service program could also provide, to the user, program logic for service application actions. Also, the service program could provide, to the user, security features specified by the service contract to prevent tampering. Finally, the service program could provide, to the user, alerts which facilitate successful completion of the at least one transaction.
In one embodiment, the service program is written to only enable interaction with the service application consistent with the rules of interaction of the service contract. The service program could also include a common module written to enable interaction with the service application consistent with the rules of interaction of a plurality of service contracts when combined with specialized modules written for each service contract.
The service contract sending step could also include the step of sending a service contract with an identification code identifying the service application or the server. The validating step can include the step of comparing the transaction information to the rules of interaction specified by the service contract.
Another aspect of the present invention provides a program storage device, readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for facilitating disconnected transactions, between a pervasive computing device and a server, relating to a service application, the method including the steps of: receiving, from the pervasive computing device a request for service application information; presenting one or more service application options and associated service contracts to the pervasive computing device; receiving, from the pervasive computing device, a service application selection; sending, to the pervasive computing device, a service contract associated with the service application selection, the service contract specifying rules of interaction with the service application in a disconnected mode; receiving, from the pervasive computing device, transaction information logged during the disconnected mode; and validating the transaction information.
Yet another aspect of the present invention provides a server system for facilitating disconnected transactions in a pervasive computing device relating to a service application, including: a device for receiving, from the pervasive computing device a request for service application information; a device for presenting one or more service application options and associated service contracts to the pervasive computing device; a device for receiving, from the pervasive computing device, a service application selection; a device for sending, to the pervasive computing device, a service contract associated with the service application selection; a device for receiving, from the pervasive computing device, transaction information logged during a disconnected mode; and a device for validating the transaction information.
A final aspect of the invention provides a disconnected transaction system for pervasive computing devices including: a service provider server; a pervasive computing device; a communication network; and a service contract downloadable from the service provider server to the pervasive computing device over the communication network during a connected mode, the service contract specifying rules of interaction with a service application associated with the service contract and providing a service provider with a mechanism for validating, upon reconnection to the service provider server, at least one transaction of the service application performed by a user of the pervasive computing device during a disconnected mode.
The service contract preferably specifies unambiguous rules of interaction with downloaded transaction information in the disconnected mode. The system can further include a service program downloadable from the service provider server to the pervasive computing device over the communication network during a connected mode, the service program adapted to enable a user of the pervasive computing device to interact with the service application consistent with the rules of interaction. The service program can include user interfaces for interacting with the transaction information, implementation logic which presents the user interfaces and computes the results of the actions, security features that enable identification of the service provider server or the service contract, and/or alert features to assist the user in making decisions when the pervasive computing device is in the disconnected mode.