Method and system for providing secure access to a telephone service
First Claim
1. A method of providing secure access to a service facility with a connection established through a telephone network, comprising steps of:
- receiving a call from a calling party at an authentication site;
determining at the authentication site if the calling party is authorized to access the service facility;
disconnecting the calling party from the authentication site and re-connecting the calling party to the service facility using a call set-up signaling message containing an encoded string in a field not generally used for call control purposes, if the calling party is authorized;
sending a security message containing a correlate of the encoded string to the service facility through a parallel network, if the calling party is authorized; and
correlating the security message with the call using the encoded string and the correlate of the encoded string prior to permitting access to the service at the service facility.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for authenticating calling parties prior to call connection at a service facility uses the correlation of the call with a security message received over a data network. The correlation is made possible with an encoded string inserted into a field (such as the user-to-user information (UUI) field) of a call set-up signaling message used to initiate the call, and a correlate of the encoded string inserted into the security message. The authentication is provided at an authentication site that is logically separate from the service facility. The call is first connected to the authentication site, an authentication procedure is preferably selected and customized, and then performed. A security message is generated that includes information related to the client and the encoded string. The call is then disconnected from the authentication site, and reconnected to the service facility.
17 Citations
30 Claims
-
1. A method of providing secure access to a service facility with a connection established through a telephone network, comprising steps of:
-
receiving a call from a calling party at an authentication site;
determining at the authentication site if the calling party is authorized to access the service facility;
disconnecting the calling party from the authentication site and re-connecting the calling party to the service facility using a call set-up signaling message containing an encoded string in a field not generally used for call control purposes, if the calling party is authorized;
sending a security message containing a correlate of the encoded string to the service facility through a parallel network, if the calling party is authorized; and
correlating the security message with the call using the encoded string and the correlate of the encoded string prior to permitting access to the service at the service facility. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 28, 29, 30)
-
-
16. An authentication site for controlling telephone access to a service facility, comprising:
- a first interface with a telephone network adapted to receive a call; and
a processor adapted to;
perform an authentication procedure with a calling party over a call connection path through the first interface in order to determine a security status of a calling party;
effect the re-connection of the call by sending a call set-up signaling message, containing an encoded string (ES), to the service facility, if the calling party is authorized to access the service facility; and
initiate delivery of a security message containing a correlate of the encoded string to the service facility;
wherein the access to the service facility is granted only to calls containing an encoded string corresponding with the encoded string supplied in a respective security message. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- a first interface with a telephone network adapted to receive a call; and
Specification