Patent 8677398
Derivative works
Defensive disclosure: derivative variations of each claim designed to render future incremental improvements obvious or non-novel.
Active provider: Google · gemini-2.5-pro
Derivative works
Defensive disclosure: derivative variations of each claim designed to render future incremental improvements obvious or non-novel.
✓ Generated
Defensive Disclosure and Prior Art Generation
RE: U.S. Patent 8,677,398
Publication Date: April 30, 2026
Author: Senior Patent Strategist and Research Engineer
Abstract: This document discloses a series of methods, systems, and applications that build upon, vary, or invert the core concepts described in U.S. Patent 8,677,398. The purpose of this disclosure is to place in the public domain a range of foreseeable modifications and applications of the technology, thereby establishing prior art against future patent claims on these or similar concepts. The disclosures herein cover alternative components and protocols, operation in extreme environments, novel cross-domain applications, integration with emerging technologies like AI and blockchain, and privacy-centric or resource-constrained operational modes.
Section 1: Component and Protocol Substitution
The core mechanism of associating devices via a shared public IP address can be achieved with numerous alternative network identifiers and protocols, each with distinct advantages in different network topologies.
1.1. Association via IPv6 Prefix Delegation
- Enabling Description: In an IPv6-native environment, a single household is often assigned a stable network prefix (e.g., a /56 or /64 subnet) by an ISP via DHCPv6 Prefix Delegation (PD). All devices within the local network will subsequently derive their unique global IPv6 addresses from this shared prefix. A central server can associate devices by observing that their IPv6 addresses share the same delegated prefix, even if the full addresses are different. This method is more stable than NAT-based IPv4 association, as the prefix is typically long-lived. The server would ingest device identifiers and their full IPv6 addresses, apply a bitmask for the delegated prefix length, and use the resulting common prefix as the key for association.
- Diagram:
sequenceDiagram participant DeviceA as Device A (Mobile) participant DeviceB as Device B (STB) participant Router participant ISP participant AdServer as Association Server DeviceA->>Router: DHCPv6 Solicit Router->>ISP: DHCPv6 PD Request ISP-->>Router: Assigns Prefix (e.g., 2001:db8:1234::/56) Router-->>DeviceA: Assigns IPv6 (2001:db8:1234:0:..:A) DeviceB->>Router: DHCPv6 Solicit Router-->>DeviceB: Assigns IPv6 (2001:db8:1234:0:..:B) DeviceA->>+AdServer: Report (ID_A, 2001:db8:1234:0:..:A) AdServer->>AdServer: Store: Prefix(2001:db8:1234::/56) -> ID_A DeviceB->>+AdServer: Report (ID_B, 2001:db8:1234:0:..:B) AdServer->>AdServer: Match Prefix! Associate ID_A and ID_B deactivate AdServer
1.2. Association via Network BSSID and SSID
- Enabling Description: Mobile and stationary devices on a Wi-Fi network are aware of the Basic Service Set Identifier (BSSID), which is the MAC address of the wireless access point, and the Service Set Identifier (SSID), which is the network name. A client-side agent on each device can report the BSSID and/or a hash of the SSID to a central server along with the device's unique identifier. The server can then associate devices that report the same BSSID within a given time window. This method is independent of the public IP address and can distinguish between different access points within the same location (e.g., "Guest" vs. "Home" networks).
- Diagram:
flowchart TD subgraph DeviceA A1[Client Agent] A2[Wi-Fi Radio] end subgraph DeviceB B1[Client Agent] B2[Wi-Fi Radio] end subgraph "Wi-Fi AP" C1["SSID: MyHome_WiFi"] C2["BSSID: 0A:1B:2C:3D:4E:5F"] end subgraph AssociationServer D1{Association Logic} D2[Database] end A2 -- Scans --> C1 & C2 B2 -- Scans --> C1 & C2 A1 -- "ID_A, BSSID" --> D1 B1 -- "ID_B, BSSID" --> D1 D1 -- "BSSIDs match" --> D2[Link ID_A & ID_B]
1.3. Association via mDNS/Bonjour Service Discovery
- Enabling Description: Devices on a local network can discover each other using zero-configuration protocols like multicast DNS (mDNS). A client-side agent on a first device (e.g., a phone) could broadcast a specific mDNS service type (e.g.,
_my-app-association._tcp.local). An agent on a second device (e.g., a smart TV) on the same network would listen for this service type. Upon discovery, the two devices establish a direct peer-to-peer connection and exchange unique identifiers. One of the devices then reports the now-linked pair of identifiers to the central server, which finalizes the association. This method is decentralized and confirms direct LAN-level connectivity. - Diagram:
sequenceDiagram participant Phone as Device A (Phone) participant TV as Device B (TV) participant Server as Central Server Phone->>Multicast: mDNS Announce _my-app._tcp TV->>Multicast: mDNS Listen for _my-app._tcp TV-->>Phone: Discovered! Phone->>TV: Exchange Identifiers (ID_A, ID_B) TV-->>Phone: Acknowledge Phone->>Server: Report Association (ID_A, ID_B) Server->>Server: Store Association
Section 2: Operational Parameter Expansion
The core concept is adapted to operate under extreme network conditions and at massive industrial scales.
2.1. High-Latency/Asynchronous Network Association (Maritime/Satellite)
- Enabling Description: For devices connected via high-latency satellite or VSAT links, real-time IP address matching is unreliable. In this system, each device maintains a local, time-stamped log of its public IP address history. When a device establishes a stable connection, it uploads its identifier and this historical IP log to a central server. The server's logic processor does not look for a real-time match but instead searches for overlapping IP address tenures between the logs of different devices. An association is created if two devices held the same IP address for a significant, overlapping period (e.g., >1 hour) within the last 24-48 hours. Actions triggered by activity are then queued for delivery until the target device next polls the server.
- Diagram:
graph TD subgraph "Device A (On Ship)" A1[IP Logger] --> A2(Log: [IP1, T1-T5]) A3[Batch Uploader] end subgraph "Device B (On Ship)" B1[IP Logger] --> B2(Log: [IP1, T2-T6]) B3[Batch Uploader] end subgraph "Central Server (Onshore)" C1[Data Ingest] C2{Time-Series IP Analysis} C3[Association DB] end A3 -- Sporadic Connection --> C1 B3 -- Sporadic Connection --> C1 C1 --> C2 C2 -- "Overlap detected for IP1 at T2-T5" --> C3 C3 --> C2 style C2 fill:#f9f,stroke:#333,stroke-width:2px
2.2. Carrier-Grade NAT (CGNAT) Level Association
- Enabling Description: In many mobile and some fixed-line networks, multiple households share a single public IP address via Carrier-Grade NAT. To disambiguate households behind a CGNAT, this system leverages additional network parameters available to the carrier. The association server ingests not only the public IP but also the source port range and a timestamp from the network's BNG (Broadband Network Gateway) or GGSN. The carrier's network elements assign specific port ranges to each subscriber's session. The server associates devices if they originate from the same public IP and their source ports fall within the same allocated range for a given session, thereby correctly identifying a single household even behind a shared public IP.
- Diagram:
classDiagram CGNAT_Router { +public_ip: IPAddress +assignPortRange(session) } Session { <<Entity>> session_id subscriber_id assigned_port_range } Device { <<Entity>> device_id source_ip source_port } AssociationServer { +correlate(device_a, device_b) } CGNAT_Router "1" -- "N" Session Session "1" -- "N" Device AssociationServer ..> Device : analyzes AssociationServer ..> Session : correlates with
---
### **Section 3: Cross-Domain Applications**
The core mechanism is applied to non-advertising use cases in distinct industrial sectors.
#### **3.1. Industrial IoT: Context-Aware Machine Control**
* **Enabling Description:** A factory floor maintenance technician uses a ruggedized tablet (Device A) to diagnose a specific CNC machine (Device B). Both the tablet and the machine's control unit are connected to the same industrial Wi-Fi network and thus share a public IP address through the factory's gateway. When the technician uses an app on the tablet to look up the service manual for "CNC Model XYZ", the app notifies a central factory management server. The server, having already associated the tablet with the CNC machine via their shared IP, sends a command via the OPC UA protocol to the machine's PLC. The command places the machine into a safe, diagnostic mode and illuminates the specific component referenced in the manual, guiding the technician.
* **Diagram:**
```mermaid
sequenceDiagram
participant Tablet as Technician Tablet (A)
participant CNC_PLC as CNC Machine PLC (B)
participant FactoryServer as Factory Mgmt Server
Tablet->>+FactoryServer: Report (Tablet_ID, Public_IP)
CNC_PLC->>+FactoryServer: Report (CNC_ID, Public_IP)
FactoryServer->>FactoryServer: Associate Tablet_ID & CNC_ID
deactivate FactoryServer
Tablet->>FactoryServer: Event: "Viewed Schematic for Part P42"
FactoryServer->>CNC_PLC: Command: EnterDiagnosticMode(Target=P42)
CNC_PLC-->>FactoryServer: Acknowledged
CNC_PLC->>CNC_PLC: Illuminate LED on Part P42
```
#### **3.2. Healthcare: Synchronized Clinical Workflows**
* **Enabling Description:** A nurse's workstation-on-wheels (WOW) computer (Device A) and a patient's in-room smart infusion pump (Device B) are connected to the same secured hospital Wi-Fi network segment, sharing an IP address visible to the internal hospital services network. When the nurse authenticates and accesses a patient's Electronic Health Record (EHR) on the WOW, the EHR system sends an event to a Clinical Workflow Orchestrator server. This server recognizes the WOW's IP address matches the one recently reported by the patient's infusion pump. Based on this association, it pushes context-specific information to the pump's display, such as "Awaiting dosage confirmation for Jane Doe," and pre-loads the prescribed medication and dosage parameters, requiring only the nurse's final confirmation on the pump itself to begin infusion.
* **Diagram:**
```mermaid
flowchart LR
subgraph Hospital Network (Same IP Subnet)
A[Nurse WOW - Device A]
B[Infusion Pump - Device B]
end
C[Clinical Orchestrator Server]
D[EHR System]
A -- "Accesses Patient X Record" --> D
D -- "Event: RecordAccessed(Patient X, WOW_ID)" --> C
B -- "Heartbeat(Pump_ID, IP_Address)" --> C
A -- "Heartbeat(WOW_ID, IP_Address)" --> C
C -- "1. IP Match => Associate(WOW, Pump)" --> C
C -- "2. Push Context to Pump B" --> B
B -- "Display: 'Confirm Dosage for Patient X'" --> B
```
#### **3.3. Automotive: Seamless In-Car Experience Handoff**
* **Enabling Description:** A vehicle's Telematics Control Unit (TCU) provides an in-car Wi-Fi hotspot, acting as a router. A passenger's smartphone (Device A) connects to this hotspot. The car's head unit/infotainment system (Device B) is also on this local network. Both devices communicate to the OEM's cloud services via the TCU's LTE connection, thus sharing the same public IP address. When the passenger uses a music streaming app on their phone, the app notifies the streaming service's backend. The backend informs the OEM cloud service. The OEM service, seeing the phone and the head unit share an IP, sends a message to the head unit, which then displays "Now Playing" information on its screen and offers playback controls, synchronizing the in-car experience without requiring Bluetooth pairing.
* **Diagram:**
```mermaid
graph TD
subgraph Vehicle
A(Passenger Phone) -- Wi-Fi --> R{In-Car Hotspot (TCU)};
B(Head Unit) -- Wi-Fi --> R;
R -- LTE --> Internet;
end
subgraph CloudServices
OEM[OEM Cloud]
Music[Music Service]
end
A -- "Activity: Play Song X" --> Music;
R -- "Source IP: 198.51.100.5" --> Internet;
B -- "Heartbeat from HeadUnit_ID @ 198.51.100.5" --> OEM;
Music -- "Notify Playback(User_Y, Song_X) from 198.51.100.5" --> OEM;
OEM -- "Match IP: Associate HeadUnit & User_Y" --> OEM;
OEM -- "Command: Display(Song_X)" --> B;
```
---
### **Section 4: Integration with Emerging Technologies**
#### **4.1. AI-Driven Probabilistic Association**
* **Enabling Description:** This system uses a machine learning model (e.g., a Gradient Boosting classifier) to determine the probability that two devices belong to the same household, even when their IP addresses do not match. The model is trained on a dataset of confirmed device pairs. Features for the model include: the first 3 octets of the IP address (IP subnet), the Autonomous System Number (ASN) of the ISP, device User-Agent strings (to identify device type), temporal access patterns (e.g., co-activity during evening hours), and previously associated IP addresses. When new device activity is reported, the server computes a feature vector and the model outputs a probability score. If the score exceeds a configurable threshold (e.g., 95%), the devices are associated, allowing for targeting across a user's mobile (cellular IP) and home (Wi-Fi IP) sessions.
* **Diagram:**
```mermaid
flowchart TD
A[Device A Activity<br>IP: 203.0.113.10<br>Time: 19:05<br>UA: Mobile] --> F1[Feature Extractor];
B[Device B Activity<br>IP: 198.51.100.50<br>Time: 19:08<br>UA: SmartTV] --> F1;
F1 --> FV{{Feature Vector<br>/24 Subnets<br>ASNs<br>Time Delta<br>UA Types}};
FV --> M{ML Model};
M -- "Prob(Match) = 0.98" --> D{Threshold > 0.95?};
D -- Yes --> R[Associate Devices];
D -- No --> E[Do Not Associate];
```
#### **4.2. Blockchain-Managed Consent and Micro-payments**
* **Enabling Description:** A decentralized application (dApp) is used by the user to manage consent for cross-device targeting. The user's preferences are stored in a smart contract on a public blockchain (e.g., Ethereum). When the association server identifies a potential device pairing, it first queries the smart contract to verify that the user has opted-in. The user's activity on the first device triggers a transaction to the smart contract. A second transaction is logged when a targeted action is delivered to the second device. This creates an immutable, user-auditable trail. Furthermore, the advertiser can pre-load the smart contract with cryptocurrency, which is then automatically distributed as a micro-payment to the user's wallet each time a targeted action is successfully delivered and viewed, creating a transparent value exchange.
* **Diagram:**
```mermaid
sequenceDiagram
participant User
participant DeviceA
participant DeviceB
participant Server
participant Blockchain
User->>Blockchain: Deploy ConsentContract(opt_in=true)
DeviceA->>Server: Activity from IP_1
DeviceB->>Server: Activity from IP_1
Server->>Server: Potential Match Found
Server->>Blockchain: Query: ConsentContract.isOptIn()?
Blockchain-->>Server: Response: true
Server->>DeviceB: Send Targeted Action
Server->>Blockchain: Log Tx: ActionSent(DeviceA, DeviceB)
DeviceB->>Server: Action Viewed
Server->>Blockchain: Execute Tx: TransferMicroPayment(to_user_wallet)
```
---
### **Section 5: The "Inverse" and Safe-Failure Modes**
#### **5.1. Graceful Degradation to Privacy-Preserving Mode**
* **Enabling Description:** The system is designed to operate in a "Limited Functionality" mode to respect user privacy or operate under certain legal jurisdictions (e.g., GDPR). In this mode, the server does not store full IP addresses. Instead, it uses a cryptographic one-way hash function (e.g., SHA-256) with a rotating daily salt on the IP address. The server associates devices only if their hashed IPs match. Furthermore, it only stores hashes of user activity categories (e.g., "sports enthusiast") rather than specific URLs visited. When a device checks in, its IP is hashed and compared to the stored activity hashes. If a match is found, a generic, category-based action is triggered on the associated device. The salt is discarded daily, breaking all associations and preventing long-term profiling.
* **Diagram:**
```mermaid
stateDiagram-v2
[*] --> Full_Functionality
Full_Functionality: Store Full IP<br>Store Specific User Activity<br>Precise Targeting
Full_Functionality --> Limited_Privacy_Mode: User Opt-Out or Regulation Trigger
Limited_Privacy_Mode: H = sha256(IP + daily_salt)<br>Store Hashed IP<br>Store Activity Category
Limited_Privacy_Mode --> Full_Functionality: User Opt-In
Limited_Privacy_Mode --> [*]: Session End / Salt Rotation
state Fork1 <<fork>>
Limited_Privacy_Mode --> Fork1
Fork1 --> Hash_IP
Fork1 --> Categorize_Activity
state Join1 <<join>>
Hash_IP --> Join1
Categorize_Activity --> Join1
Join1 --> Store_Anonymized_Data
Store_Anonymized_Data --> Match_And_Trigger
```
---
### **Section 6: Combination with Open-Source Standards**
#### **6.1. Combination with the Matter Standard for Smart Homes**
* **Enabling Description:** A user's smartphone (Device A) and a Matter-enabled smart display (Device B) are commissioned onto the same home Wi-Fi and Thread network, making them part of the same Matter "fabric". A cloud service, which has been granted access to the fabric, observes an HTTP request from the smartphone originating from a specific public IP address. The service's backend notes that the user was searching for vacuum cleaner reviews. Independently, the smart display checks in with the same cloud service from the same public IP. Recognizing the shared IP and fabric co-membership, the service uses the Matter application layer protocol to send a targeted message not as a generic ad, but as a contextual "card" to the smart display's UI, showing a "card" with pricing for the reviewed vacuum cleaner at a local store.
* **Diagram:**
```mermaid
erDiagram
USER }o--|| SMARTPHONE : uses
USER }o--|| SMART_DISPLAY : owns
SMARTPHONE ||--o{ "MATTER FABRIC" : belongs
SMART_DISPLAY ||--o{ "MATTER FABRIC" : belongs
"MATTER FABRIC" ||--|{ WIFI_NETWORK : runs_on
SMARTPHONE {
string DeviceID
string ActivityData
}
SMART_DISPLAY {
string DeviceID
}
CLOUD_SERVICE {
string AssociationLogic
string MatterAPI_Endpoint
}
SMARTPHONE o..o CLOUD_SERVICE : "reports activity via IP"
SMART_DISPLAY o..o CLOUD_SERVICE : "reports presence via IP"
CLOUD_SERVICE o..o SMART_DISPLAY : "sends contextual card via Matter API"
```
#### **6.2. Combination with OpenID Connect (OIDC) for Authenticated Experiences**
* **Enabling Description:** A user logs into a news website on their laptop (Device A) using a third-party OIDC identity provider (e.g., "Sign in with AcmeID"). The OIDC provider's server records the successful authentication event, the client_id of the news website, and the source IP address. Later, the user opens a Connected TV (CTV) app (Device B) and uses the OIDC "device flow" to log in with the same AcmeID. The CTV app also reports its public IP. The OIDC provider's backend service joins these two events on the user's identity and sees the shared IP address, creating a strong association. Based on the user reading financial news on Device A, the OIDC service can pass an additional `audience_segment: 'finance'` claim in the ID Token it issues to the CTV app, allowing the app to personalize its home screen with a "Stock Market Today" widget.
* **Diagram:**
```mermaid
sequenceDiagram
actor User
participant Laptop as Laptop (Device A)
participant OIDC as OIDC Provider
participant CTV as CTV App (Device B)
User->>Laptop: Clicks "Sign in with AcmeID"
Laptop->>OIDC: AuthN Request
OIDC-->>Laptop: Returns Auth Code
Laptop->>OIDC: Token Request (from IP_1)
OIDC->>OIDC: Log: User_X, IP_1, Client_News
User->>CTV: Chooses "Sign in with AcmeID"
CTV->>OIDC: Device AuthZ Request (from IP_1)
OIDC->>OIDC: Join on User_X and IP_1
OIDC->>OIDC: Infer context ('finance')
OIDC-->>CTV: ID Token with claim "audience_segment: 'finance'"
CTV->>CTV: Personalize UI based on claim
```
#### **6.3. Combination with MQTT for IoT Messaging**
* **Enabling Description:** An array of environmental sensors (e.g., temperature, humidity; Devices A) in a smart greenhouse all publish their data to a public MQTT broker under topics like `greenhouse/z1/temp`. A central climate control system (Device B) subscribes to a command topic `greenhouse/z1/control`. A cloud-based analytics service subscribes to all `greenhouse/z1/#` topics. The service notices that all sensor telemetry and the controller's connection originate from the same static IP address of the greenhouse. When the analytics service processes the data stream from the temperature sensor and detects an anomaly (e.g., a sudden spike), it immediately publishes a command message to the `greenhouse/z1/control` topic (e.g., `{"actuator": "vent", "state": "open"}`), directly triggering an action on the co-located control system without needing to know its specific internal IP address.
* **Diagram:**
```mermaid
graph TD
subgraph Greenhouse LAN (Shared Public IP)
A[Temp Sensor] -- pub: /z1/temp --> B((MQTT Broker));
C[Humidity Sensor] -- pub: /z1/humidity --> B;
D[Control System] -- sub: /z1/control --> B;
end
E[Cloud Analytics] -- sub: /z1/# --> B;
E -- "Analyzes data stream" --> F{Anomaly Detected?};
F -- Yes --> G[Publish Command];
G -- pub: /z1/control --> B;
```
Generated 4/30/2026, 8:55:18 PM