Method and system for providing secure credential storage to support interdomain traversal
Abstract
An approach provides interdomain traversal to support packetized voice transmissions. A request is received from a first endpoint of a first domain for establishing a communication session with a second endpoint of a second domain. Encrypted user credential information is retrieved from a credentials database resident within the first domain, wherein the encrypted user credential includes a password associated with a user associated with the first endpoint. Further, the encrypted user credential information is transmitted to a tunneling server in response to the request, wherein the tunneling server is configured to selectively setup a tunnel to support the communication session based on the encrypted user credential information. The tunnel traverses a first firewall and a first network address translator of the first domain and a second firewall and a second network address translator of the second domain to reach the second endpoint.
28 Claims
1. A method of providing communication services, the method comprising:
- receiving a request from a first endpoint of a first domain for establishing a communication session with a second endpoint of a second domain;
- retrieving encrypted user credential information from a credentials database resident within the first domain, wherein the encrypted user credential includes a password associated with a user associated with the first endpoint; and
- transmitting the encrypted user credential information to a tunneling server in response to the request, wherein the tunneling server is configured to selectively setup a tunnel to support the communication session based on the encrypted user credential information, the tunnel traversing a first firewall and a first network address translator of the first domain and a second firewall and a second network address translator of the second domain to reach the second endpoint.
Dependent claims: 2, 3, 4, 5, 6, 7
8. An apparatus for providing communication services, the apparatus comprising:
- a communication interface configured to receive a request from a first endpoint of a first domain for establishing a communication session with a second endpoint of a second domain;
- a credentials database configured to store user credential information, wherein the encrypted user credential includes a password associated with a user associated with the first endpoint; and
- a processor configured to retrieve the user credential information and to initiate transmission of the encrypted user credential information to a tunneling server in response to the request, wherein the tunneling server is configured to selectively setup a tunnel to support the communication session based on the encrypted user credential information, the tunnel traversing a first firewall and a first network address translator of the first domain and a second firewall and a second network address translator of the second domain to reach the second endpoint.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A method of providing communication services, the method comprising:
- receiving a request from a proxy server communicating with a first endpoint of a first domain for establishing a communication session with a second endpoint of a second domain, wherein the proxy server is configured to store encrypted user credential information including a password associated with a user associated with the first endpoint;
- receiving the encrypted user credential information; and
- establishing a tunnel to support the communication session if the encrypted user credential information is valid, the tunnel traversing a first firewall and a first network address translator of the first domain and a second firewall and a second network address translator of the second domain to reach the second endpoint.
Dependent claims: 16, 17, 18, 19, 20, 21
22. An apparatus for providing communication services, the apparatus comprising:
- a communications interface configured to receive a request from a proxy server communicating with a first endpoint of a first domain for establishing a communication session with a second endpoint of a second domain, wherein the proxy server is configured to store encrypted user credential information including a password associated with a user associated with the first endpoint, the communication interface receiving the encrypted user credential information; and
- a processor coupled to the communications interface, the processor being configured to establish a tunnel to support the communication session if the encrypted user credential information is valid, the tunnel traversing a first firewall and a first network address translator of the first domain and a second firewall and a second network address translator of the second domain to reach the second endpoint.
Dependent claims: 23, 24, 25, 26, 27, 28
Specification