Secure dial access to computer systems
First Claim
1. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
- in a processor means for authenticating access to the target computer, responsive to receipt of a call and called at a for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers of users authorized to access the target computer; and
if the number is in the list, connecting the call to the target computer;
responsive to receipt of said call, testing whether the number is in a reject list of the processor means; and
if the number is in the reject list, disconnecting the call;
receiving additional repeated calls and repeated call data for said additional calls, said repeated call data comprising a specific number, the specific number not being on the list of numbers authorized; and
responsive to receiving the additional repeated call data calls, adding the specific number to the reject list.
4 Assignments
0 Petitions
Accused Products
Abstract
This invention relates to a method and apparatus for making it difficult for unauthorized callers to access a target computer such as a data base for providing data to and accepting orders from agents. The caller is identified by an arrangement that is relatively secure from tampering. The caller'"'"'s telephone number is identified by Automatic Number Identification (ANI) and forwarded to an adjunct processor associated with the target computer. The ANI number is compared with a stored list of authorized ANI numbers and if there is a match, the caller is connected to the target computer. The arrangement also provides other facilities including automatic rejection of calls from a second list of ANI numbers, trapping of calls from a third list of ANI numbers and facilities for permitting authorized agents calling from unauthorized numbers to access the target computer. Advantageously, an arrangement, ANI, which is highly resistant to tampering is used for identifying the caller, thus making it very difficult for unauthorized callers to get access to the target computer.
264 Citations
14 Claims
-
1. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, responsive to receipt of a call and called at a for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers of users authorized to access the target computer; and if the number is in the list, connecting the call to the target computer; responsive to receipt of said call, testing whether the number is in a reject list of the processor means; and if the number is in the reject list, disconnecting the call; receiving additional repeated calls and repeated call data for said additional calls, said repeated call data comprising a specific number, the specific number not being on the list of numbers authorized; and responsive to receiving the additional repeated call data calls, adding the specific number to the reject list.
-
-
2. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, responsive to receipt of a call and call data for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers of users authorized to access the target computer; and if the number is in the list, connecting the call to the target computer; responsive to receipt of said call, testing whether the number is in a reject list of the processor means; and if the number is in the reject list, disconnecting the call; wherein the disconnecting step comprises disconnecting without returning an answer supervision signal for charging a call.
-
-
3. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, responsive to receipt of a call and call data for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers of users authorized to access the target computer; if the number is in the list, connecting the call to the target computer; responsive to receipt of said call, testing whether the number is in a reject list of the processor means; if the number is in the reject list, disconnecting the call; and maintaining a count of a number of calls received from a number on the reject list. - View Dependent Claims (4)
-
-
5. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, responsive to receipt of a call and call data for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers of users authorized to access the target computer; if the number is in the list, connecting the call to the target computer; responsive to receipt of another call comprising other call data including another number of another caller, testing whether said another number is in a trap list; and if the another number is in the trap list, connecting the call to trap processor means for recording information about said another caller. - View Dependent Claims (6, 7)
-
-
8. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, responsive to receipt of a call and call data for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers authorized to access the target computer; and if the number is in the list, connecting the call to the target computer; if the number is not in the list, disconnecting the call; wherein the disconnecting step comprises disconnecting without returning an answer supervision signal for charging a call.
-
-
9. A method of obtaining secure authenticated telecommunications access to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, storing at least one first list of numbers of users defining a computer access treatment for members of each of the at least one first list and second lists for identifying customers of a first and second class; responsive to receipt of a call in the processor means over an access facility of a communications network, testing whether a telephone number of a caller of the call supplied by said network matches a number on said at least one first list; if no match is found, and the caller provides an identity of a customer of the first class, calling the caller back at a number associated with the caller and recorded in the second list; and if no match is found and the caller provides an identity of a customer of the second class, connecting the caller to the target computer only if the caller passes a login procedure.
-
-
10. Processor means, connected to a communications network via an integrated digital signal interface, comprising:
-
a list of caller identification numbers stored in a memory of said processor means authorized to access a computer, said processor means responsive to data received over said integrated digital signal interface comprising a signaling channel not controllable by a user for receiving a caller identification number over said signaling channel of said interface to check whether said received identification number matches an identification number in said list stored in said memory; and said processor means further responsive to determining that said received identification number matches said identification number in said list, controlling connection of an incoming call associated with said received identification number to a target computer. - View Dependent Claims (11, 12)
-
-
13. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
identifying a caller telephone number by automatic number identification; in a processor means for authenticating access to the target computer, responsive to receipt of a call and call data for said call over an access facility from said network, the call data comprising said caller number, testing whether said caller number is in an authorized user list, stored in memory of said processor means, comprising numbers of users authorized to access the target computer; if the number is in the authorized user list connecting the call to the target computer; testing whether the caller number is in a reject list of the processor means; if the number is in the reject list, disconnecting the call without returning an answer supervision signal for charging a call; maintaining a count of calls from callers having a number not on the authorized user list; when the count for a specific caller number exceeds a predetermined threshold, adding said specific caller number to said reject list; resting whether said caller number is in a trap list of the processor means; if the number is in the trap list, connecting the call to processor means for recording information about a connected caller; entering and deleting numbers to the authorized user list, the reject list and the trap list under the control of an administrator; recording numbers for calls to the target computer; responsive to receipt of call data for another call, wherein said data for said another call does not include a number of a caller, receiving further data from a caller of said another call identifying said caller of said another call in said processor means; and if said further data identifies an authorized user, calling said caller of said another call back at a number stored in another list of users authorized to access the target computer; wherein the list of authorized users comprises a plurality of sublists each sublist corresponding to at least one of a plurality of port groups of the target computer and wherein the connecting step comprises; if the number is in a specific one of the plurality of sublists, connecting the call to one of the ports of the at lest one of the port groups corresponding to the specific one of the plurality of sublists.
-
-
14. A method of obtaining secure authenticated telecommunications access via a communications network to a target computer comprising the steps of:
-
in a processor means for authenticating access to the target computer, responsive to receipt of a call and call data for said call over an access facility from said network, the call data comprising a number of a caller supplied by said network, testing whether the number is in a list of numbers of users authorized to access the target computer; if the number is in the list, connecting the call to the target computer; responsive to receipt of another call and called at a for said another call, wherein said call data for said another call does not include a number of a caller, receiving further data from a caller of said another call, identifying said caller of said another call; if said further data identifies an authorized user, calling said caller of said another call back at a number stored in another list of users authorized to access the target computer; and if said further data does not identify an authorized user, connecting said caller to a signal for identifying a telephone number for receiving assistance in establishing a call to said target computer.
-
Specification