Method and apparatus for providing communications security using a remote server

US 20030018901A1
Filed: 07/23/2001
Published: 01/23/2003
Est. Priority Date: 07/23/2001
Status: Active Grant

First Claim

Patent Images

1. A method for providing communications system security, comprising:

establishing communications between a first communications device and a communications server;

generating a token in said communications server;

providing said token to said first communications device;

entering identifying information in said first communications device;

establishing communications between said first communications device and a security server;

providing said identifying information and said token to said security server;

encrypting said token in said security server;

providing said encrypted token to said first communications device;

providing said encrypted token to said communications server;

receiving said encrypted token at said communications server; and

granting said first communications device access to said communications system.

View all claims

28 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communications system featuring a remote security server is provided. The system allows the validation of requests for access to a communications network to be performed in a centralized security server. The use of a security server allows security features to be implemented, without the need to distribute a security algorithm to individual client devices. In addition, changes to the security algorithm can easily be made, because such changes need only be made in the security server itself, and in the communications server to which access is desired. The present invention is particularly useful in connection with communication services provided as part of a private branch exchange.

13 Citations

View as Search Results

21 Claims

1. A method for providing communications system security, comprising:
- establishing communications between a first communications device and a communications server;
  
  generating a token in said communications server;
  
  providing said token to said first communications device;
  
  entering identifying information in said first communications device;
  
  establishing communications between said first communications device and a security server;
  
  providing said identifying information and said token to said security server;
  
  encrypting said token in said security server;
  
  providing said encrypted token to said first communications device;
  
  providing said encrypted token to said communications server;
  
  receiving said encrypted token at said communications server; and
  
  granting said first communications device access to said communications system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 20, 21)
- - 2. The method of claim 1, wherein said security server utilizes said identifying information as an encryption key.
  - 3. The method of claim 1, wherein said identifying information comprises at least one of a user identifier and a user password.
  - 4. The method of claim 1, wherein said step of establishing communications comprises requesting that a communications extension assigned to a second communications device be transferred to said first communications device.
  - 5. The method of claim 4, wherein said step of granting said first communications device access to said communications system comprises granting said request to transfer said communications extension to said first communications device, wherein at least a first plurality of communications features available to a user through said second communications device when said second communications device is assigned to said extension are available to a user through said first communications device when said first communications device is assigned to said extension.
  - 6. The method of claim 1, wherein said communications system comprises a private branch exchange telephony system.
  - 7. The method of claim 1, further comprising:
    - altering an encryption algorithm in said security server;
      
      altering a decryption algorithm in said communications server to correspond to said altered encryption algorithm in said security server, wherein a token passed to said security server by said first communications device and encrypted by said security server using said altered encryption algorithm and said identifying information can be decrypted by said communications server using said altered decryption algorithm.
  - 8. The method of claim 1, wherein said first communications device comprises a personal digital assistant.
  - 9. The method of claim 1, wherein said first communications device establishes communications with said communications server over a communications network comprising at least one of a wireless network, a wired network, and a switched voice data network.
  - 10. The method of claim 1, wherein said step of providing said encrypted token to said communication server is performed after said encrypted token is received at said first communications device.
  - 11. The method of claim 1, wherein said step of granting said first communications device access to said communication system comprises:
    - applying said encrypted token received at said communication server; and
      
      verifying that said decrypted token matches said encrypted token generated in said communications server.
  - 12. The method of claim 1, wherein an encryption algorithm used in connection with determining whether to grant access to said communications system is not stored in said first communications device.
  - 14. The communications system of claim 13, wherein said communications network comprises at least one of a wireless computer network, a wired computer network, an d a switched voice data network.
  - 15. The communications system of claim 13, wherein said first communications device comprises at least one of a soft telephone and a hard telephone.
  - 16. The communications system of claim 13, wherein said first communications device comprises a personal digital assistant.
  - 17. The communications system of claim 13, wherein said first communications device is capable of providing a first set of functions provided by a second communications device comprising a hard telephone when said first communications device is granted access to said system server.
  - 18. The communications system of claim 13, wherein an encryption algorithm for use in connection with said communications system is not stored on said communications device.
  - 20. The communications system of claim 19, further comprising:
    - means for interconnecting said at least a second communications device to said means for providing communications services, wherein said at least a second communications device is operable to perform said at least a first set of communications functions, and wherein an extension assigned to said at least a second communications device is reassigned to said at least a first communications device.
  - 21. The communication system of claim 19, wherein said means for interconnecting said at least a first communications device to said means for encrypting information and to said means for providing communications services comprises a wireless communications channel.

13. A communications system providing remote security, comprising:
- a) a communications network;
  
  b) a system server, comprising;
  
  i) communication system software;
  
  ii) decryption software; and
  
  iii) a network interface interconnected to said communications network;
  
  c) a first communications device, comprising;
  
  i) communications device software;
  
  ii) a network interface interconnected to said communications network;
  
  d) a security server, comprising;
  
  i) encryption software; and
  
  ii) a network interface interconnected to said communications network,
  
  wherein said first communications device is in communication with said security server and with said system server, and wherein said first communications device is granted access to said system server in response to receipt by said system server of a token encrypted by said security server.

19. A communications system with security features remote from a communication device, comprising:
- at least a first communications device;
  
  means for encrypting information received from said at least a first communications device, wherein said means for encrypting are located remotely from said at least a first communications device;
  
  means for providing communications services to a plurality of communications devices, including said at least a first communications device and at least a second communications device; and
  
  means for interconnecting said at least a first communications device to said means for encrypting information and to said means for providing communications services, wherein said at least a first communications device is operable to perform at least a first set of communications functions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Stevens, Matthew J., Burritt, David R.

Granted Patent

US 6,961,851 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

Method and apparatus for providing communications security using a remote server

First Claim

28 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for providing communications security using a remote server

First Claim

28 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others