Method and apparatus to provide cryptographic identity assertion for the PSTN

US 20070121583A1
Filed: 11/07/2005
Published: 05/31/2007
Est. Priority Date: 11/07/2005
Status: Active Grant

First Claim

Patent Images

1. A device to authenticate an identity assertion included in a non-packet-switched communication comprising:

a processor sending a packet-switched communication and the non-packet-switched communication to a same endpoint;

wherein the packet-switched communication authenticates the identity assertion included in the non-packet switched communication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present application provides an authentication scheme that allows a device to provide additional authentication of a Publicly Switched Telephone Network (PSTN) identity assertion made in a PSTN call by also sending an Internet Protocol (IP) communication. The device sends the IP communication generally in parallel with the PSTN call. The IP communication includes a network identity assertion, which optionally may be authenticated using a cryptographically secure technique. The network identity assertion, being more difficult to falsify, provides additional authentication of the PSTN identity assertion.

38 Citations

View as Search Results

24 Claims

1. A device to authenticate an identity assertion included in a non-packet-switched communication comprising:
- a processor sending a packet-switched communication and the non-packet-switched communication to a same endpoint;
  
  wherein the packet-switched communication authenticates the identity assertion included in the non-packet switched communication.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The device according to claim 1 wherein the packet-switched communication includes an indication that the non-packet-switched communication was sent to the endpoint.
  - 3. The device according to claim 1 wherein the packet switched communication further includes a network identity assertion that was authenticated using a cryptographically secure technique.
  - 4. The device according to claim 1 wherein the packet-switched communication includes either an indication that the device is capable of sending Dual Tone Multi-Frequency (DTMF) tones, a request for a packet-switched media exchange or an indication that the device is capable of using Secure Real-time Transport Protocol over the Publicly Switched Telephone Network (SRTP-over-PSTN.)
  - 5. The device according to claim 1 further comprising the processor communicating with an Electronic Numbering (ENUM) database to determine network contact information for the endpoint.

6. A device to receive authentication of an identity assertion included in a non-packet-switched communication comprising:
- a processor authenticating the identity assertion included in the non-packet-switched communication using a network identity assertion included in a correlated packet-switched communication.
- View Dependent Claims (7, 8, 9)
- - 7. The device of claim 6 wherein authenticating includes the processor communicating with an Electronic Numbering (ENUM) database to determine whether the identity assertion is associated with the network identity assertion.
  - 8. The network device of claim 6 further including the processor responding to an indication that an endpoint is capable of sending Dual Tone Multi-Frequency (DTMF) tones.
  - 9. The network device of claim 8 wherein the network identity assertion is included in the “
    - From”
      
      header field of a Session Information Protocol (SIP) communication.

10. A method for authenticating an identity assertion included in a non-packet-switched communication comprising:
- sending the non-packet-switched communication including the identity assertion to an endpoint; and
  
  sending a packet-switched communication to the endpoint;
  
  wherein the packet-switched communication includes a network identity assertion that is associated with the identity assertion.
- View Dependent Claims (11, 12)
- - 11. The method of claim 10 wherein the non-packet-switched communication is sent over the Publicly Switched Telephone Network (PSTN) and the packet-switched communication is not sent over the PSTN.
  - 12. The method of claim 10 wherein the packet-switched communication includes either an indication that a device is capable of sending DMTF tones, an indication that the device is capable of making PSTN communications using Secure Real-time Transport Protocol over the Publicly Switched Telephone Network (SRTP-over-PSTN) or a request to exchange media between the device and the endpoint.

13. A method for authenticating an identity assertion included in a Publicly Switched Telephone Network (PSTN) communication comprising:
- correlating the PSTN communication with an Internet Protocol (IP) communication sent from a same endpoint; and
  
  authenticating the identity assertion included in the PSTN communication using a network identity assertion included in the IP communication.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13 wherein the identity assertion is included in a Caller Identification (Caller ID) or Automatic Number Identification (ANI) field.
  - 15. The method of claim 13 wherein the PSTN communication includes voice data and the IP communication does not include voice data.
  - 16. The method of claim 13 including:
    - determining that a Dual Tone Multi-Frequency (DTMF) identity assertion is needed to further specify which device sent the PSTN communication; and
      
      requesting DTMF tones to further specify which device sent the PSTN communication.

17. A system for authenticating an identity assertion included in a non-packet-switched communication comprising:
- sending both a packet-switched communication and a non-packet-switched communication to a same endpoint;
  
  wherein the non-packet-switched communication includes an identity assertion and the packet-switched communication includes a network identity assertion that is associated with the identity assertion.
- View Dependent Claims (18, 19)
- - 18. The system of claim 17 wherein the non-packet-switched communication is sent over the Publicly Switched Telephone Network (PSTN) and the packet-switched communication is not sent over the PSTN.
  - 19. The system of claim 17 wherein the packet-switched communication includes either an indication that a device is capable of sending DMTF tones, an indication that the device is capable of making PSTN communications using Secure Real-time Transport Protocol over the Publicly Switched Telephone Network (SRTP-over-PSTN) or a request to exchange media between the device and the endpoint.

20. A system for authenticating an identity assertion included in a Publicly Switched Telephone Network (PSTN) communication comprising:
- means for correlating the PSTN communication with an Internet Protocol (IP) communication sent from a same endpoint; and
  
  means for authenticating the identity assertion included in the PSTN communication using a network identity assertion included in the IP communication.
- View Dependent Claims (21, 22, 23)
- - 21. The system of claim 20 wherein the identity assertion is included in a Caller Identification (Caller ID) or Automatic Number Identification (ANI) field.
  - 22. The system of claim 20 wherein the PSTN communication includes voice data and the IP communication does not include voice data.
  - 23. The system of claim 20 including:
    - means for determining that a Dual Tone Multi-Frequency (DTMF) identity assertion is needed to further specify which device sent the PSTN communication; and
      
      means for requesting DTMF tones to further specify which device sent the PSTN communication.

24. A computer storage medium containing instructions for authenticating an identity assertion included in a non-packet-switched communication, the instructions when executed comprising:
- sending a non-packet-switched communication including an identity assertion to an endpoint; and
  
  automatically sending a packet-switched communication to the endpoint, the packet-switch communication including a network identity assertion that is associated with the identity assertion;
  
  whereby the network identity assertion authenticates the identity assertion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Wing, Daniel

Granted Patent

US 8,953,771 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/352
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/18   using different networks or...

H04L 65/1101   Session protocols

H04L 65/1104   Session initiation protocol...

H04M 1/2535   adapted for voice communica...

H04M 2242/22   Automatic class or number i...

H04M 3/42042   Notifying the called party ...

H04M 3/42059   Making use of the calling p...

H04M 7/0024   Services and arrangements w...

Method and apparatus to provide cryptographic identity assertion for the PSTN

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

38 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus to provide cryptographic identity assertion for the PSTN

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others