Mechanism for authentication of caller and callee using otoacoustic emissions

US 20080172728A1
Filed: 01/17/2007
Published: 07/17/2008
Est. Priority Date: 01/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a caller requesting an SIP service through an SIP server, the caller using an SIP client, comprising:

at the SIP client, determining a digital otoacoustic signature of the caller;

at the SIP client, generating a client response using the digital otoacoustic signature of the caller;

sending the client response to the SIP server;

at the SIP server, determining an apparent caller from a request for the SIP service;

at the SIP server, generating an expected response using a stored digital otoacoustic signature stored in association with the apparent caller;

at the SIP server, comparing the client response with the expected response; and

if the expected response matches the client response, authenticating the caller.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus are provided for authenticating a user attempting to establish a service which uses SIP. The user registers with the SIP server by providing the digital otoacoustic signature of the user. Thereafter, when the user attempts to initiate a session through the SIP server, the SIP server sends an Authorization Request message to the SIP client of the user. The SIP client reads the user'"'"'s digital otoacoustic signature, generates a response based on the digital otoacoustic signature, and embeds the response in a second Invite message sent back to the SIP server. Meanwhile, the SIP server determines an expected response, based on the digital otoacoustic signature registered by the user. If the response provided by the SIP client matches the response expected by the SIP server, the SIP server allows establishment of the server. The invention is of particular use with IP telephony services, since end user devices used with such services are ergonomically well suited for reading of otoacoustic signatures. The invention may also be used to authenticate an intended recipient of an SIP call.

25 Citations

View as Search Results

20 Claims

1. A method of authenticating a caller requesting an SIP service through an SIP server, the caller using an SIP client, comprising:
- at the SIP client, determining a digital otoacoustic signature of the caller;
  
  at the SIP client, generating a client response using the digital otoacoustic signature of the caller;
  
  sending the client response to the SIP server;
  
  at the SIP server, determining an apparent caller from a request for the SIP service;
  
  at the SIP server, generating an expected response using a stored digital otoacoustic signature stored in association with the apparent caller;
  
  at the SIP server, comparing the client response with the expected response; and
  
  if the expected response matches the client response, authenticating the caller.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein generating a client response comprises applying a hash function using a nonce and the digital otoacoustic signature of the caller as inputs, and wherein generating an expected response comprises applying the hash function using the nonce and the stored digital otoacoustic signature as inputs.
  - 3. The method of claim 2 further comprising sending from the SIP server to the SIP client a message requesting authentication, the message including the nonce.
  - 4. The method of claim 2 wherein generating a client response further comprises using a message body as an input to the hash function, and wherein generating an expected response further comprises using the message body as an input to the hash function.
  - 5. The method of claim 1 wherein generating a client response comprises using the digital otoacoustic signature of the caller as a seed of a random number generator, and wherein generating an expected response comprises using the stored digital otoacoustic signature as the seed of the random number generator.
  - 6. The method of claim 1 wherein determining a digital otoacoustic signature of the caller comprises transmitting a trigger signal through a speaker of an end user device, receiving a received signal through a microphone of the end user device, and generating the digital otoacoustic signature from the received signal.
  - 7. The method of claim 6 wherein the received signal is produced by echo of the trigger signal within an ear canal of the caller.
  - 8. The method of claim 1 further comprising transmitting the stored digital otoacoustic signature to the SIP server before sending the client response to the SIP server.
  - 9. The method of claim 8 further comprising generating the stored digital otoacoustic signature at the SIP client, and wherein transmitting the stored digital otoacoustic signature to the SIP server occurs when the user subscribes to an authentication service with the SIP server.
  - 10. The method of claim 9 wherein generating the stored digital otoacoustic signature at the SIP client comprises transmitting a trigger signal through a speaker of an end user device, receiving a received signal through a microphone of the end user device, and generating the stored digital otoacoustic signature from the received signal.

11. An SIP client comprising:
- an otoacoustic reader for reading a digital otoacoustic signature of a user; and
  
  an SIP module comprising;
  
  means for receiving the digital otoacoustic signature from the otoacoustic reader;
  
  means for generating a client response using the digital otoacoustic signature; and
  
  means for sending the client response to an SIP server.
- View Dependent Claims (12, 13)
- - 12. The SIP client of claim 11 further comprising means for receiving a nonce from the SIP server, and wherein the means for generating a client response comprise means for applying a hash function using the nonce and the digital otoacoustic signature as inputs.
  - 13. The SIP client of claim 12 wherein the means for generating a client response further comprise means for using a message body as an input to the hash function.

14. A method of authenticating a caller at an SIP server, comprising:
- storing a stored digital otoacoustic signature in association with an apparent caller;
  
  generating an expected response using the stored digital otoacoustic signature;
  
  receiving a client response from an SIP client attempting to establish a service connection;
  
  comparing the client response with the expected response; and
  
  authenticating the caller in the event that the client response matches the expected response.
- View Dependent Claims (15, 16)
- - 15. The method of claim 14 further comprises sending a nonce to the SIP client, and wherein generating an expected response comprises applying a hash function using the stored digital otoacoustic signature and the nonce as inputs.
  - 16. The method of claim 15 wherein generating an expected response further comprises using a message body as an input to the hash function.

17. A method of authenticating a recipient of a call through an SIP server, the recipient using an SIP client, comprising:
- at the SIP client, determining a digital otoacoustic signature of the recipient;
  
  at the SIP client, generating a client response using the digital otoacoustic signature;
  
  sending the client response to the SIP server;
  
  at the SIP server, determining an intended recipient from a request for the call received from a caller;
  
  at the SIP server, generating an expected response using a stored digital otoacoustic signature stored in association with the intended recipient;
  
  at the SIP server, comparing the client response with the expected response; and
  
  informing the caller of the result of the comparison of the expected response and the client response.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17 wherein generating a client response comprises applying a hash function using a nonce and the digital otoacoustic signature as inputs, and wherein generating an expected response comprises applying the hash function using the nonce and the stored digital otoacoustic signature as inputs.
  - 19. The method of claim 18 further comprising generating the nonce at the SIP server, and sending the nonce from the SIP server to the SIP client.
  - 20. The method of claim 17 wherein determining a digital otoacoustic signature of the recipient comprises transmitting a trigger signal through a speaker of an end user device, receiving a received signal through a microphone of the end user device, and generating the digital otoacoustic signature from the received signal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
WSOU Investments, LLC (WSOU Holdings, LLC)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Choyi, Vinod Kumar, Marquet, Bertrand

Granted Patent

US 8,102,838 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G07C 9/37   using biometric data, e.g. ...

H04L 63/0861   using biometrical features,...

H04L 65/1069   Session establishment or de...

H04L 65/1104   Session initiation protocol...

Mechanism for authentication of caller and callee using otoacoustic emissions

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Mechanism for authentication of caller and callee using otoacoustic emissions

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links