Call security system
First Claim
1. A communications facility connected to communications resources including at least one trunk line to receive, during a current period, calls identifying users from which the calls have ostensibly been made and requesting destinations to which connection requires respective required ones of the communications resources, the communications facility comprising:
- A) means for collecting, for each of at least one user that the calls identify, reference statistics of the user'"'"'s communications traffic during a reference period;
B) means for collecting current statistics of the at least one user'"'"'s communications traffic during the current period;
C) means for determining whether a predetermined deviation exists between the current and reference statistics for the at least one user; and
D) means for responding to a given call received during the current period and identifying the at least one user by;
i) if no more than the predetermined deviation exists between those statistics, connecting the call to the required communications resource without imposing supplemental access restrictions; and
ii) if more than the predetermined deviation exists between those statistics, imposing the supplemental access restrictions.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for reducing the vulnerability of the telecommunications system to unauthorized use that is easy to implement and that can reduce the instances of unauthorized access even during periods when telecommunications personnel are not able to give attention to the traffic on the system. The telecommunications system collects statistics of each user'"'"'s pattern of telecommunications usage. Typically, these statistics will be in the form of, say, the average number of calls per day or the average number of calls per day on given days of the week. It may also include the mean busy hour for the given days of the week. Moreover, daily averages may be taken not only for all calls but also for all calls of a particular type, e.g., of all international calls. These statistics are taken for a reference period, such as the preceding thirty days, and the corresponding quantity for the current day is also computed. If the current statistics are not excessive as compared with the reference statistics, then access to a communications resource—e.g., an outgoing trunk line—is granted to the call without any supplemental access restrictions. But if a predetermined deviation is detected between the current statistics and the reference statistics, then a supplemental restriction is placed upon the call.
83 Citations
18 Claims
-
1. A communications facility connected to communications resources including at least one trunk line to receive, during a current period, calls identifying users from which the calls have ostensibly been made and requesting destinations to which connection requires respective required ones of the communications resources, the communications facility comprising:
-
A) means for collecting, for each of at least one user that the calls identify, reference statistics of the user'"'"'s communications traffic during a reference period;
B) means for collecting current statistics of the at least one user'"'"'s communications traffic during the current period;
C) means for determining whether a predetermined deviation exists between the current and reference statistics for the at least one user; and
D) means for responding to a given call received during the current period and identifying the at least one user by;
i) if no more than the predetermined deviation exists between those statistics, connecting the call to the required communications resource without imposing supplemental access restrictions; and
ii) if more than the predetermined deviation exists between those statistics, imposing the supplemental access restrictions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An access-control module, adapted for connection to at least one internal, access-control line of a private branch exchange, connected to communications resources including trunk lines and the at least one access-control line, for connecting incoming calls on at least one of the trunk lines to the access-control line and for responding to destination-designating transfer signals from the access-control line by connecting the call connected thereto to a communications resource required for the destination that the transfer signal designates, the access-control module comprising:
-
A) means for receiving the calls connected by the private branch exchange to the access-control line, said calls requesting destinations to which connection requires respective required ones of the communications resources;
B) means for collecting, for each of at least one user that the calls identify as ostensibly having made them, reference statistics of the user'"'"'s communications traffic during a reference period;
C) means for collecting current statistics of the user'"'"'s communications traffic during a current period;
D) means for determining whether a predetermined deviation exists between the current and reference statistics for the at least one user; and
E) means for responding to a given call received during the current period and identifying the at least one user by;
i) if no more than the predetermined deviation exists between those statistics, sending over the access-control line to the private branch exchange transfer signals that cause the private branch exchange to transfer the given received call to the required communications resource without imposing supplemental access restrictions; and
ii) if more than the predetermined deviation exists between those statistics, imposing the supplemental access restrictions on the given received call.
-
-
16. An access-control module, adapted for connection to at least one internal, access-control line of a private branch exchange connected to communications resources including trunk lines and the at least one access-control line, for connecting incoming calls on at least one of the trunk lines to the access-control line and for responding to destination-designating transfer signals from the access-control line by connecting the call connected thereto to a communications resource required for the destination that the transfer signal designates, the access-control module comprising:
-
A) means for receiving the calls connected by the private branch exchange to the access-control line, said calls requesting destinations to which connection requires respective required ones of the communications resources; and
B) means for responding to a given call by determining, in accordance with predetermined criteria, whether to grant access to the resource required by the given call, and, if the criteria are met, sending over the access-control line to the private branch exchange transfer signals that cause the private branch exchange to transfer the given received call to the required communications resource.
-
-
17. An access-control module, adapted for connection to at least one internal, access-control line of a private branch exchange connected to communications resources including trunk lines and the at least one access-control line, for connecting incoming calls on at least one of the trunk lines to the access-control line and for responding to destination-designating transfer signals from the access-control line by connecting the call connected thereto to a communications resource required for the destination that the transfer signals designates, the access-control module comprising:
-
A) means for receiving the calls connected by the private branch exchange to the access-control line, said calls requesting destinations to which connection requires respective required ones of the communications resources;
B) means for responding to at least some received calls by sending over the access-control line to the private branch exchange transfer signals that cause the private branch exchange to transfer the given received call to the required communications resource;
C) means for collecting, for each of at least one user that the calls identify as ostensibly having made them, reference statistics of the user'"'"'s communications traffic during a reference period;
D) means for collecting current statistics of the user'"'"'s communications traffic during a current period;
E) means for determining whether a predetermined deviation between the current and reference statistics for the user that the call identifies; and
F) and means for generating, if more than the predetermined deviation exists between those statistics, an output indicating that the predetermined deviation has been exceeded.
-
-
18. For controlling connection to a communications resource required by a call received during a current period at a communications facility by way a trunk line connected to the facility, the call identifying a user from which the call has ostensibly been made, a method comprising the steps of:
-
A) collecting reference statistics of the user'"'"'s communications traffic during a reference period;
B) collecting current statistics of the user'"'"'s communications traffic during the current period;
C) receiving the call;
D) determining whether there is more than a predetermined deviation between the current and reference statistics for the user that the call identifies;
E) if no more than the predetermined deviation exists between those statistics, connecting the call to the communications resource without imposing supplemental access restrictions; and
F) if more than the predetermined deviation exists between those statistics, imposing the supplemental access restrictions.
-
Specification