Network service access control

US 10,015,671 B2
Filed: 01/19/2016
Issued: 07/03/2018
Est. Priority Date: 01/19/2016
Status: Active Grant

First Claim

Patent Images

1. A telecommunications network, comprising:

a home subscriber server (HSS);

an authorization server that is different from the HSS; and

an anchoring network device communicatively connectable with user equipment, wherein the anchoring network device is configured to;

receive from the user equipment a first service message associated with a communication session, the first service message including information of a first session attribute;

determine identification information of the user equipment, wherein the user equipment is associated with a first party of one or more parties of the communication session and the identification information identifies a visited network in which the user equipment is roaming;

retrieve authorization information corresponding to the identification information from the authorization server;

in response to the authorization information indicating the first session attribute is not permitted, determine a second session attribute different from the first session attribute based at least in part on the first session attribute;

determine a second service message including information of the second session attribute; and

transmit the second service message to one or more parties of the telecommunication session via a communications interface of the anchoring network device.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some implementations, a telecommunications network can include an anchoring network device. The anchoring network device can receive, from a first party of a communication session, a service message including information of a first session attribute and associated with identification information of a party of the communication session. The anchoring network device can retrieve, from an authorization registry, authorization information corresponding to the identification information. In response to the authorization information indicating the first capability is not permitted, the anchoring network device can determine a status message based at least in part on the service message and transmit the status message via a communications interface. The status message can include a service-failure message or a second service message including information of a second, different session attribute.

66 Citations

View as Search Results

14 Claims

1. A telecommunications network, comprising:
- a home subscriber server (HSS);
  
  an authorization server that is different from the HSS; and
  
  an anchoring network device communicatively connectable with user equipment, wherein the anchoring network device is configured to;
  
  receive from the user equipment a first service message associated with a communication session, the first service message including information of a first session attribute;
  
  determine identification information of the user equipment, wherein the user equipment is associated with a first party of one or more parties of the communication session and the identification information identifies a visited network in which the user equipment is roaming;
  
  retrieve authorization information corresponding to the identification information from the authorization server;
  
  in response to the authorization information indicating the first session attribute is not permitted, determine a second session attribute different from the first session attribute based at least in part on the first session attribute;
  
  determine a second service message including information of the second session attribute; and
  
  transmit the second service message to one or more parties of the telecommunication session via a communications interface of the anchoring network device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The telecommunications network of claim 1, wherein the first session attribute and the second session attribute comprise respective capabilities.
  - 3. The telecommunications network of claim 2, wherein the first session attribute is a video capability and the second session attribute is an audio capability.
  - 4. The telecommunications network of claim 1, wherein the first session attribute comprises a first set of one or more parties, and the second session attribute comprises a second set of one or more parties including fewer than all of the parties in the first set of one or more parties.
  - 5. The telecommunications network of claim 1, wherein the first session attribute and the second session attribute comprise respective protocols.
  - 6. The telecommunications network of claim 1, wherein the user equipment is associated with the first party of the telecommunication session and the one or more parties includes a second party different from the first party.
  - 7. The telecommunications network of claim 1, wherein the anchoring network device comprises a Rich Communication Suite (RCS) anchoring network device.
  - 8. The telecommunications network of claim 5, wherein the first session attribute comprises a Rich Communication Suite (RCS) protocol and the second session attribute comprises at least one of a Short Message Service (SMS) protocol or a Multimedia Message Service (MIMS) protocol.
  - 9. The telecommunications network of claim 1, wherein the anchoring network device is further configured to extract or derive the identification information from a P-Visited-Network-ID header of a Session Initiation Protocol (SIP) request.
  - 10. The telecommunications network according to claim 9, wherein the anchoring network device is further configured to receive the identification information via Lightweight Directory Access Protocol (LDAP) or Simple Object Access Protocol (SOAP) over Hypertext Transfer Protocol (HTTP).
  - 11. The telecommunications network according to claim 1, wherein the anchoring network device is further configured to, before retrieving the authorization information:
    - receive, from the HSS, service-access information associated with the first party; and
      
      determine that the first service attribute is permitted in the communication session.
  - 12. The telecommunications network according to claim 1, wherein the identification information further identifies a mobile virtual network operator (MVNO) associated with the user equipment.
  - 13. The telecommunications network according to claim 1, wherein the authorization server comprises a computer-readable memory and is configured to:
    - receive a modification instruction via a communications interface of the authorization server; and
      
      in response, modify a mapping between identification information and authorization information stored in the computer-readable memory.

14. A method comprising, by a processor of an anchoring network device of a telecommunications network:
- receiving, from user equipment of a telecommunications network, a first service message associated with a communication session, the first service message including information of a first session attribute;
  
  determining identification information of the user equipment, wherein the user equipment is associated with a first party of one or more parties of the communication session and the identification information identifies a visited network in which the user equipment is roaming;
  
  retrieving authorization information corresponding to the identification information from the authorization server;
  
  in response to the authorization information indicating the first session attribute is not permitted, determining a second session attribute different from the first session attribute based at least in part on the first session attribute;
  
  determining a second service message including information of the second session attribute; and
  
  transmitting the second service message to one or more parties of the telecommunication session via a communications interface of the anchoring network device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Original Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Inventors
Zaifuddin, Sabuhi Kiran, Mufti, Shujaur
Primary Examiner(s)
Taylor, Barry W

Application Number

US15/000,269
Publication Number

US 20170208462A1
Time in Patent Office

896 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/0668   by dynamic selection of rec...

H04L 65/1016   IP multimedia subsystem [IMS]

H04L 65/1069   Session establishment or de...

H04L 65/1083   In-session procedures

H04L 65/1094   Inter-user-equipment sessio...

H04L 65/1096   Supplementary features, e.g...

H04L 65/1104   Session initiation protocol...

H04L 65/403   Arrangements for multi-part...

H04W 12/033   of the user plane, e.g. use...

H04W 12/08   Access security

H04W 12/122   Counter-measures against at...

H04W 76/12   Setup of transport tunnels

Network service access control

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Network service access control

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others