Secure call recording system for IP telephony

US 10,237,401 B2
Filed: 08/08/2007
Issued: 03/19/2019
Est. Priority Date: 08/08/2007
Status: Active Grant

First Claim

Patent Images

1. A communication system having a call controller for effecting call control between a plurality of endpoints coupled to a plurality of local area networks, and a call recorder for archiving voice calls between said endpoints, said communication system including a packet storage element for storing selected voice packets within voice streams for calls to be recorded, a recording decision element for identifying said selected voice packets, a connection capture element for detecting initiation and removal of voice calls between said endpoints, and a voice sensing element for extracting copies of said selected voice packets and supplying them to said packet storage element, the communication system further comprising:

means for proxying the call controller to the end points and the end points to the call controller thereby transforming respective connections between the call controller and end points into respective pairs of terminated connections, selecting and mirroring predetermined active voice streams to be recorded, and securely forwarding the mirrored voice streams to said packet storage element for archiving,wherein the means validates a registration request from the call recorder to establish a secure connection between the means and the call recorder and responds to the registration request with a message indicating a status of connected endpoints of the plurality of endpoints,wherein during a runtime, the call recorder requests or releases taps on the endpoints,wherein the means establishes a security policy with the call recorder,wherein the step of securely forwarding is based on the security policy,wherein the means receives control messages between the call controller and the endpoints and extracts and inserts internet protocol (IP) addresses and ports from and onto the control messages,wherein the means provides the endpoints with an IP address and a port on the means that serves as corresponding IP addresses and ports for the call controller,wherein the means provides the call controller with the IP address and the port for each endpoint,wherein the means stores a table that associates IP addresses and ports of the end points with IP addresses and ports of the end points supplied to the call controller, andwherein the means relays control messages to and from the call controller and the endpoints.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for recording voice calls, comprising a plurality of endpoints, a call controller for establishing call connections between the endpoints, a storage element, and a middlebox for storing and forwarding call control packets and voice packets between the endpoints and call controller, and intercepting and forwarding predetermined voice packets to the storage element for archiving.

17 Citations

View as Search Results

37 Claims

1. A communication system having a call controller for effecting call control between a plurality of endpoints coupled to a plurality of local area networks, and a call recorder for archiving voice calls between said endpoints, said communication system including a packet storage element for storing selected voice packets within voice streams for calls to be recorded, a recording decision element for identifying said selected voice packets, a connection capture element for detecting initiation and removal of voice calls between said endpoints, and a voice sensing element for extracting copies of said selected voice packets and supplying them to said packet storage element, the communication system further comprising:
- means for proxying the call controller to the end points and the end points to the call controller thereby transforming respective connections between the call controller and end points into respective pairs of terminated connections, selecting and mirroring predetermined active voice streams to be recorded, and securely forwarding the mirrored voice streams to said packet storage element for archiving,wherein the means validates a registration request from the call recorder to establish a secure connection between the means and the call recorder and responds to the registration request with a message indicating a status of connected endpoints of the plurality of endpoints,wherein during a runtime, the call recorder requests or releases taps on the endpoints,wherein the means establishes a security policy with the call recorder,wherein the step of securely forwarding is based on the security policy,wherein the means receives control messages between the call controller and the endpoints and extracts and inserts internet protocol (IP) addresses and ports from and onto the control messages,wherein the means provides the endpoints with an IP address and a port on the means that serves as corresponding IP addresses and ports for the call controller,wherein the means provides the call controller with the IP address and the port for each endpoint,wherein the means stores a table that associates IP addresses and ports of the end points with IP addresses and ports of the end points supplied to the call controller, andwherein the means relays control messages to and from the call controller and the endpoints.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 24, 27, 30, 31, 32, 33)
- - 2. The communication system of claim 1, wherein said means is a router.
  - 3. The communication system of claim 1, wherein said means is a layer-2 switch.
  - 4. The communication system of claim 1, wherein said means is a Network Address Translator.
  - 5. The communication system of claim 1, wherein said means is a firewall.
  - 6. The communication system of claim 1, wherein said means is a dedicated server.
  - 7. The communication system of claim 1, wherein said connection capture element is incorporated within said endpoints.
  - 8. The communication system of claim 1, wherein said recording decision element is incorporated within said endpoints.
  - 9. The communication system of claim 1, wherein said voice sensing element is incorporated within said means.
  - 10. The communication system of claim 1, wherein said voice sensing element is incorporated within said call controller.
  - 11. The communication system of claim 1, wherein said voice sensing element is incorporated within said endpoints.
  - 12. The communication system of claim 1, wherein said connection capture element is incorporated within said means.
  - 13. The communication system of claim 1, wherein said connection capture element is incorporated within said call controller.
  - 14. The communication system of claim 1, wherein said packet storage element is incorporated within said means.
  - 15. The communication system of claim 1, wherein said packet storage element is incorporated within said endpoints.
  - 16. The communication system of claim 1, wherein said packet storage element is incorporated within said call controller.
  - 24. The communication system of claim 1, wherein said respective connections are secure encrypted connections.
  - 27. The communication system of claim 1, wherein said respective connections are unsecure connections.
  - 30. The communication system of claim 1, wherein the call controller is a PBX.
  - 31. The communication system of claim 1, wherein the call controller is a SIP proxy.
  - 32. The communication system of claim 1, wherein the call controller is a SIP back-to-back user agent (B2BUA).
  - 33. The communication system of claim 1, wherein the call controller is a H.323 gatekeeper.

17. A system for recording voice calls, comprising:
- a plurality of endpoints coupled to a plurality of local area networks;
  
  a call controller for establishing call connections for exchanging voice streams between said endpoints;
  
  a storage element; and
  
  a middlebox for proxying the call controller to the end points and the end points to the call controller thereby transforming respective connections between the call controller and end points into respective pairs of terminated connections, selecting and mirroring predetermined active ones of said voice streams to be recorded, and securely forwarding the mirrored voice streams to said storage element for archiving,wherein the middlebox validates a registration request from the storage element to establish a secure connection between the middlebox and the storage element and responds to the registration request with a message indicating a status of connected endpoints of the plurality of endpoints,wherein during a runtime, the storage element requests or releases taps on the endpoints,wherein the middlebox establishes a security policy with the storage element,wherein the step of securely forwarding is based on the security policy,wherein the middlebox receives control messages between the call controller and the endpoints and extracts and inserts internet protocol (IP) addresses and ports from and onto the control messages,wherein the middlebox provides the endpoints with an IP address and a port on the middlebox that serves as corresponding IP addresses and ports for the call controller,wherein the middlebox provides the call controller with the IP address and the port for each endpoint,wherein the middlebox stores a table that associates IP addresses and ports of the end points with IP addresses and ports of the end points supplied to the call controller, andwherein the middlebox relays control messages to and from the call controller and the endpoints.
- View Dependent Claims (25, 28, 34, 35, 36, 37)
- - 25. The system of claim 17, wherein said respective connections are secure encrypted connections.
  - 28. The system of claim 17, wherein said respective connections are unsecure connections.
  - 34. The system of claim 17, wherein the call controller is a PBX.
  - 35. The system of claim 17, wherein the call controller is a SIP proxy.
  - 36. The system of claim 17, wherein the call controller is a SIP back-to-back user agent (B2BUA).
  - 37. The system of claim 17, wherein the call controller is a H.323 gatekeeper.

18. A method of operating a middlebox for recording calls in a communication system having a call controller for effecting call control between a plurality of endpoints coupled to a plurality of local area networks, the method comprising:
- proxying the call controller to the end points and the end points to the call controller for transforming respective connections between the call controller and end points into respective pairs of terminated connections;
  
  selecting and mirroring predetermined active voice streams to be recorded;
  
  intercepting packets from each of the endpoints;
  
  decrypting the packets;
  
  re-encrypting the packets according to a security policy established between the middlebox and a call recorder,securely forwarding the mirrored voice streams comprising the packets to a call recording peripheral for archiving;
  
  validating a registration request from the call recorder to establish a secure connection between the middlebox and the call recorder; and
  
  responding, using the middlebox, to the registration request with a message indicating a status of connected endpoints of the plurality of endpoints,wherein during a runtime, the call recorder requests or releases taps on the endpoints,wherein the middlebox receives control messages between the call controller and the endpoints and extracts and inserts internet protocol (IP) addresses and ports from and onto the control messages,wherein the middlebox provides the endpoints with an IP address and a port on the middlebox that serves as corresponding IP addresses and ports for the call controller,wherein the middlebox provides the call controller with the IP address and the port for each endpoint,wherein the middlebox stores a table that associates IP addresses and ports of the end points with IP addresses and ports of the end points supplied to the call controller, andwherein the middlebox relays control messages to and from the call controller and the endpoints.
- View Dependent Claims (19, 20, 21, 22, 23, 26, 29)
- - 19. The method of claim 18, further comprising encrypting said mirrored voice streams prior to forwarding to said call recording peripheral.
  - 20. The method of claim 18, wherein said proxying further includes registering said call recording peripheral with a middlebox via a secure connection.
  - 21. The method of claim 20, wherein said registering includes generating a certificate request within said call recording peripheral, processing said request within said call controller and in response issuing a security certificate to said call recording peripheral, transmitting said certificate from said call recording peripheral to said middlebox, and validating said certificate within said middlebox.
  - 22. The method of claim 18, further wherein said call recording peripheral identifies said predetermined voice streams to said middlebox by issuing tap request and release commands for predetermined ones of said end points identified by respective Directory Numbers.
  - 23. The method of claim 20, wherein said middlebox notifies the call recorder when call connections are created or removed by said call controller, and notifies said call recording peripheral when voice packets start and/or stop for respective ones of said voice streams.
  - 26. The method of claim 18, wherein said respective connections are secure encrypted connections.
  - 29. The method of claim 18, wherein said respective connections are unsecure connections.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mitel Networks Corporation
Original Assignee
Mitel Networks Corporation
Inventors
Dilkie, Ramon Jonathan Lee, Quan, Tom
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Almeida, Devin E

Application Number

US11/890,887
Publication Number

US 20090041207A1
Time in Patent Office

4,241 Days
Field of Search
US Class Current
CPC Class Codes

H04L 65/1083   In-session procedures

H04M 3/42221   Conversation recording syst...

H04M 3/5175   Call or contact centers sup...

H04M 7/006   Networks other than PSTN/IS...

Secure call recording system for IP telephony

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Secure call recording system for IP telephony

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links