Active Session Defense (ASD)
"Closing the possession gap on every device possible."
Active Session Defense — Public Technical Overview (May 2026 Release) ASD is now live with OSF DOI 10.17605/OSF.IO/GT9UC and ResearchGate DOI 10.131
"Closing the possession gap on every device possible."
Modern devices assume the person holding the phone is the rightful, safe user.
Authentication ends at unlock — but harm begins after unlock.
Once a device is unlocked:
There is no protection for children or vulnerable users
There is no detection of coercion, fear, or duress
There is no awareness of hostile possession
There is no safety layer during active use
There is no system monitoring behavioral risk in real time
This creates a critical blind spot known as the Possession Gap:
The period after unlock where the device cannot tell if the user is safe, in control, or acting under threat.
Every major safety failure — grooming, coercion, duress, hostile possession, manipulation — happens inside this gap.
No existing technology addresses this.
Active‑Session Defense (ASD) is not an app, feature, or parental‑control tool.
It is a new safety architecture layer that operates during active device use — a layer that has never existed in mobile systems.
Traditional safety technologies focus on:
content (filters, scanners, AI moderation)
permissions (MDM, parental controls)
identity (authentication, biometrics)
But none of these systems protect the user after unlock, during the moment‑to‑moment interaction where harm actually occurs.
ASD introduces a new category:
Session‑Layer Behavioral Safety
A continuous, real‑time safety architecture that monitors possession, behavior, and risk during active use.
This category is defined by:
continuous possession assurance
real‑time behavioral inference
session‑bound safety states
engine‑driven risk detection
non‑content, privacy‑preserving signals
a standards‑level safety model
ASD is the first implementation of this new category, establishing the foundation for future safety architectures and standards
Active‑Session Safety Science (ASSS) establishes the scientific foundation for session‑layer behavioral safety.
Active‑Session Defense (ASD) is the first operational instantiation of that science — a full architecture built directly from the principles of ASSS.
Together, they introduce a set of inventions that have never existed in mobile safety before.
ASSS defines the Nine Engines of Protection, a scientific framework for interpreting behavioral signals that emerge during active device sessions.
These engines classify:
interaction rhythm
timing patterns
navigation behavior
decision‑making dynamics
compliance signals
micro‑behavioral changes under fear, coercion, or duress
The Nine Engines represent the current published foundation of the field.
As with any scientific discipline, future research may expand or refine this framework as new discoveries emerge.
ASSS introduces a privacy‑preserving inference model that detects harm states based solely on how a session behaves, not what content is shown or exchanged.
ASD implements this model in real time, transforming scientific theory into operational safety.
A method for determining whether the rightful user remains in control of the device during active use, without biometrics, prompts, or surveillance.
This is a foundational scientific contribution of ASSS and a core operational component of ASD.
ASD translates the outputs of the Nine Engines into actionable safety behavior through ten modular components that:
evaluate risk
classify safety states
trigger protective responses
maintain privacy boundaries
enforce session‑layer safety rules
These modules are part of the ASD architecture, not the ASSS field.
A real‑time classification system that determines whether a session is:
safe
uncertain
actively harmful
This model operationalizes the scientific principles of ASSS into a functioning safety architecture.
A formally published, timestamped standard defining:
the architecture
the safety model
the modules
the requirements for session‑layer protection
This standard locks ASD as the first implementation of ASSS.
A federal‑aligned evaluation framework that demonstrates ASD’s readiness for:
NIST Zero Trust
NIST SP 800‑53
NIST SP 800‑63
NIST AI RMF
FedRAMP / FISMA
COPPA / GDPR
This elevates ASD from “architecture” to standards‑level technology.
Phone Guardian Pro1 and Pro2 are the first operational embodiments of ASD, proving:
the engines function in real time
the modules operate correctly
the safety model is stable
the architecture works across devices
the science is valid in real‑world conditions
This embodiment completes the chain:
ASSS → ASD → Phone Guardian
Field → Architecture → Implementation
Active‑Session Defense does not fit into any existing category of mobile safety.
It is not a parental‑control system, not a content filter, not an MDM tool, and not a surveillance product.
It is a session‑layer safety architecture, which has never existed before.
Not content scanning
No message analysis
No image or video inspection
No AI moderation
No cloud processing
Not surveillance
No keystroke logging
No screen recording
No location tracking
No persistent behavioral profiles
Not parental control
No app blocking
No time limits
No restrictions
No remote commands
Not MDM (Mobile Device Management)
No device takeover
No enterprise control
No configuration enforcement
Not spyware
No hidden operation
No data extraction
No remote monitoring
ASD is the first architecture that protects the person holding the device during active use, using:
real‑time behavioral signals
session‑bound inference
continuous possession assurance
engine‑driven safety states
privacy‑preserving, non‑content signals
ASD solves a problem no existing technology even attempts to address:
The safety of the user during the active session — the moment harm actually occurs.
This is why ASD is a new category, not a competitor in an existing one.
Active‑Session Defense is not a prototype or concept.
It is a formally documented, academically indexed, standards‑level architecture with a complete set of technical artifacts.
ASD includes:
A timestamped, publicly published standard defining:
the architecture
the safety model
the engines
the modules
the requirements for session‑layer protection
This standard locks the field definition and establishes ASD as a first‑class safety discipline.
A comprehensive evaluation framework aligned with:
NIST SP 800‑207 (Zero Trust Architecture)
NIST SP 800‑53 (Security Controls)
NIST SP 800‑63 (Digital Identity)
NIST AI Risk Management Framework
FedRAMP / FISMA
COPPA and GDPR
Safety‑by‑Design principles
This evaluation demonstrates ASD’s readiness for federal review and enterprise adoption.
ASD is fully timestamped and academically anchored through:
OSF (10.17605/OSF.IO/GT9UC)
Zenodo (10.5281/zenodo.20083573)
ResearchGate (10.13140/RG.2.2.16702.04169)
These DOIs establish ASD as a publicly verifiable scientific field.
ASD includes:
the nine protection engines
the ten safety modules
the session‑layer inference model
the safety state system
the privacy‑first design
the full architecture diagrams and documentation
Phone Guardian Pro1 and Pro2 demonstrate that ASD is:
operational
stable
real‑world tested
multi‑device compatible
field‑validated over months of continuous use
This embodiment proves ASD is not theoretical — it is a functioning architecture.
Every parent believes their child is safe because their phone is locked.
They are wrong.
The lock screen is not protection. It is an illusion. The moment your child's phone unlocks — for any reason, in any situation — the device goes completely blind. It cannot tell if your child is safe. It cannot tell if someone else is holding it. It cannot tell if your child is scared, being pressured, or in danger. It simply trusts whoever is touching the screen.
That blind spot has a name. Security researchers call it the Possession Gap. Every smartphone your child owns has it. Every smartphone every child in America owns has it. And it has gone unaddressed for decades.
What happens inside that gap is where children are hurt.
A predator who gets a child's phone unlocked has full access — immediately, silently, completely. An abuser who pressures a child to hand over their device gets everything on it with no record of what happened. A child being groomed hands over more and more control in small steps that no parent ever sees, because the phone never sounds an alarm. The phone has no way to know. It was never designed to know.
The technology that was supposed to protect our children was only ever designed to protect data.
Nobody built protection for the child.
Until now.
Active Session Defense (ASD) is the first safety architecture ever designed to protect the person holding the device — not just the data on it.
ASD watches how a session behaves. Not what is being said. Not what messages are sent. Not what content is accessed. It watches the patterns — the timing, the rhythm, the behavioral signals that change when a child is afraid, when someone else has taken the phone, when something is wrong.
Fear changes how a child touches a screen. Coercion changes how decisions get made. Hostile possession changes how a device gets navigated. Grooming changes compliance patterns over time.
These signals are detectable. They are detectable without reading a single message. They are detectable in real time. And detecting them — silently, privately, without the child needing to ask for help — is exactly what ASD was built to do.
ASD does not read your child's messages. It does not surveil your child. It does not build profiles or store behavioral data. It watches the session the way a trained eye watches a room — not listening to every conversation, but knowing immediately when something is wrong.
This is what protection looks like when it is built for people instead of data.
This architecture exists because of a real child.
Hailey Busbee was an Indiana teenager. Her phone was on. It was unlocked. The technology that should have protected her had a gap it could not see past — and no one was warned until it was too late.
ASD was built so that gap never claims another child.
Active Session Defense is formally published and academically documented. It is not a product waiting to be built. It is a working, tested, timestamped architecture with a verifiable public record — built by a father raising three children, who refused to accept that the technology protecting his kids had a blind spot nobody was fixing.
OSF: osf.io/gr9uc Zenodo: DOI: 10.5281/zenodo.20083573 ResearchGate: DOI: 10.13140/RG.2.2.16702.04169
The work is real. The need is urgent. The gap is open right now on every child's phone in America.
ASD exists to close it.
Closing the safety gap that begins the moment a device is unlocked.
ASD is a new field of mobile safety science — the first architecture designed to protect people, not just data, during active device sessions. No content scanning. No surveillance. Real-time protection that works silently in the background.
Every smartphone has a blind spot.
Your phone protects itself with a lock screen. A fingerprint. A face scan. A PIN.
But the moment it unlocks — it trusts whoever is holding it. Completely. For as long as the screen stays on.
It doesn't matter if someone else took it. It doesn't matter if your child is being pressured. It doesn't matter if a session is happening under coercion or threat. Once unlocked, the phone sees no difference between safety and danger.
Security researchers call this the Possession Gap. Every smartphone on the market has it. And until now, no architecture existed to close it.
The breakthrough: safety states leak through sessions.
Every harm state a person can experience while holding a device produces a detectable change in how that session behaves.
Fear changes interaction rhythm. Coercion changes decision-making patterns. Hostile possession changes navigation behavior. Grooming changes compliance signals. Duress changes timing and motor control.
These signals appear even when messages look completely normal. They are detectable without reading content. They are detectable in real time.
That insight is the foundation of Active-Session Safety Science — and ASD is its first architecture.
ASD is a formally documented, academically published safety architecture that operates at the session layer of mobile devices. It uses AI-mediated behavioral pattern reasoning — not content scanning — to detect harm states as they happen.
ASD does not read messages. It does not analyze content. It does not build persistent profiles. It does not surveil. It watches how a session behaves, compares it to what safety looks like, and acts when the patterns say something is wrong.
The architecture consists of nine protection engines, ten safety modules, and a privacy-first design that aligns with NIST Zero Trust (SP 800-207), NIST SP 800-53, FedRAMP, COPPA, and GDPR.
ASD is not a product. It is a publicly documented, academically indexed field — with a working implementation called Phone Guardian that proves the science works.
ASD is designed for the people that existing safety technology has failed.
Children and teenagers whose phones offer no protection after unlock. Adults in coercive or abusive relationships whose devices are used as instruments of control. Domestic violence survivors who need silent, non-revealing protection. Individuals in high-risk situations where asking for help isn't safe. Families who want meaningful digital protection without surveillance. Federal and enterprise environments where session-level Zero Trust enforcement is required.
ASD protects people — not content.
One Indiana teenager. One active phone. No warning sent to anyone.
Hailey Busbee's story is the reason this architecture exists. Her phone was on. It was unlocked. And the technology that should have protected her had a gap it couldn't see past.
ASD was built to close that gap — so that no family has to learn about the Possession Gap after it's too late.
Formally Published. Timestamped. Indexed.
ASD is not a concept waiting to be proven. It is a documented, published, academically anchored field with a verifiable record of development.
OSF: osf.io/gr9uc — DOI: 10.17605/OSF.IO/GT9UC Zenodo: DOI: 10.5281/zenodo.20083573 ResearchGate: DOI: 10.13140/RG.2.2.16702.04169
Supporting documentation includes a Technical Standard (ASD-TS-2026-001), a Category Lock Packet locking the field definition, a complete Engines of Protection framework, and a comprehensive Safety Evaluation (ASD-SEV-001) aligned with federal acquisition standards.
ASD's architecture formally aligns with:
NIST SP 800-207 — Zero Trust Architecture NIST SP 800-53 — Security Controls NIST SP 800-63 — Digital Identity NIST AI Risk Management Framework FedRAMP / FISMA COPPA and GDPR Privacy by Design (7 Principles) Safety by Design
A complete Safety Evaluation document is available for review by federal agencies, enterprise security organizations, and safety-tech partners.
Phone Guardian is the first operational embodiment of ASD. It demonstrates that the architecture works — not in theory, but in practice, on real devices, in real sessions, over multiple months of stable operation.
Phone Guardian Pro1 and Pro2 provide the lineage that proves ASD's real-world viability — a multi-month operational record of continuous session protection across diverse devices and environments.
Active Session Defense was created by Kurt Sparks, an Indianapolis father raising three children, who identified a gap in mobile safety technology that no existing architecture had addressed — and built the framework to close it.
ASD was not born in a lab. It was born from the specific knowledge of what it means to be responsible for people who need protection, and from the recognition that the technology meant to protect them had a fundamental flaw.
The architecture, the technical standard, the safety evaluation, the field definition — every document on this site was built from scratch, published with timestamped DOIs, and placed in the public record so that anyone — researchers, federal agencies, engineers, or families — can verify, build on, and trust what ASD is.
Active Session Defense | Indianapolis, Indiana Founded by Kurt Sparks | Hamd Transportation LLC OSF: osf.io/gr9uc | activesessiondefense.com
ASD is an open, publicly documented safety architecture. All technical standards, field definitions, and research publications are formally indexed with DOI timestamps.
Future Research Direction
Active‑Session Defense (ASD) establishes the foundation for a broader class of behavioral‑safety science.
A next‑generation discipline — focused on cross‑session, cross‑context behavioral integrity — is currently under private development.
This future work is not part of the ASD field and remains reserved for independent research and advancement.