Method and system for communication access restriction

US 5,901,284 A
Filed: 06/19/1996
Issued: 05/04/1999
Est. Priority Date: 06/19/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A network-based telecommunications system for restricting the dial-in access to a resource of a subscriber to only a communication from an authorized user of said resource, comprising:

a. a plurality of network switches;

b. a network authentication unit functionally connected to each of said plurality of network switches;

c. said each of said plurality of network switches being operativeto receive a communication directed to said resource of said subscriber,to pause in the network processing of said communication prior to connecting said communication to the terminating equipment associated with said resource of said subscriber to issue a silent prompt,to receive a calling party passcode in response to said silent prompt, andto make a request of said network authentication unit for processing information with respect to said communication;

d. said network authentication unit being responsive to said request from a network switch of said plurality of network switchesto generate a selected unit passcode, said selected unit passcode being one of a plurality of passcodes that are periodically generated by said network authentication unit,to make a determination as to whether said calling party passcode was generated in synchronicity with said selected unit passcode, and based on said determinationto provide said processing information with respect to said communication to said network switch; and

e. said network switch being further operative in response to receipt of said processing information to continue said network processing of said communication.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network-based telecommunications system and method that restricts the dial-in access to a resource of a subscriber to only a communication from an authorized user of the resource. A switch receives a communication directed to a subscriber from a calling party. Prior to connecting the communication to the terminating equipment associated with the subscriber, the switch requests processing information. An authentication unit determines whether the calling party is an authorized user by checking whether a passcode provided by the calling party corresponds to a passcode being held by the authentication unit. If the passcode corresponds, then the authentication unit identifies the calling party as an authorized user, and the communication then may be connected to the terminating equipment of the subscriber. If the passcode fails to correspond, then the authentication unit fails to identify the calling party as an authorized user. The communication is not connected to the terminating equipment of the subscriber.

134 Citations

25 Claims

1. A network-based telecommunications system for restricting the dial-in access to a resource of a subscriber to only a communication from an authorized user of said resource, comprising:
- a. a plurality of network switches;
  
  b. a network authentication unit functionally connected to each of said plurality of network switches;
  
  c. said each of said plurality of network switches being operativeto receive a communication directed to said resource of said subscriber,to pause in the network processing of said communication prior to connecting said communication to the terminating equipment associated with said resource of said subscriber to issue a silent prompt,to receive a calling party passcode in response to said silent prompt, andto make a request of said network authentication unit for processing information with respect to said communication;
  
  d. said network authentication unit being responsive to said request from a network switch of said plurality of network switchesto generate a selected unit passcode, said selected unit passcode being one of a plurality of passcodes that are periodically generated by said network authentication unit,to make a determination as to whether said calling party passcode was generated in synchronicity with said selected unit passcode, and based on said determinationto provide said processing information with respect to said communication to said network switch; and
  
  e. said network switch being further operative in response to receipt of said processing information to continue said network processing of said communication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, wherein said determination is that said calling party passcode was generated in synchronicity with said selected unit passcode;
    - wherein said processing information comprises connection instructions to process said communication to terminating equipment associated said resource of said subscriber; and
      
      wherein said network switch is further operative in response to receipt of said connection instructions to continue said network processing of said communication by processing said communication to said terminating equipment associated with said resource of said subscriber.
  - 3. The system of claim 1, wherein said determination is that said calling party passcode was not generated in synchronicity with said selected unit passcode;
    - wherein said processing information comprises announcement instructions; and
      
      wherein said network switch is further operative in response to receipt of said announcement instructions to provide said communication with an announcement.
  - 4. The system of claim 1, wherein said determination is that said calling party passcode was not generated in synchronicity with said selected unit passcode;
    - wherein said processing information comprises instructions not to connect said communication to said terminating equipment associated with said resource of said subscriber; and
      
      wherein said network switch is further operative in response to receipt of said instructions to not connect said communication to said terminating equipment associated with said resource of said subscriber.
  - 5. The system of claim 4, wherein said network authentication unit is operative in conjunction with said network switch to provide an audit trail with respect to said communication.
  - 6. The system of claim 5, wherein said audit trail further comprises a calling party number associated with said communication, the time of receipt of said communication, or the date of receipt of said communication.
  - 7. The system of claim 4, wherein said network authentication unit is operative in conjunction with said network switch to provide a report with respect to said communication to said subscriber, said report including information relating to said communication, said information comprising:
    - customer-controlled routing information;
      
      unauthorized attempt tracking information;
      
      a periodic usage report;
      
      ora non-authorized caller list.
  - 8. The system of claim 4, wherein said network authentication unit is operative in conjunction with said network switch to provide a real-time notification regarding said communication, said real-time notification providing notice of an unauthorized attempt to access said resource of said subscriber.
  - 9. The system of claim 1, wherein said network switch is further operative while pausing in said network processing of said communication to make a communication access restriction (CAR) service determination as to whether said communication is directed to a called party number that is entitled to a communication access restriction (CAR) service.
  - 10. The system of claim 9, wherein said CAR service determination is that said communication is not directed to said called party number that is entitled to said CAR service, and wherein said network switch is further operative to provide conventional network telecommunications service to said communication.
  - 11. The system of claim 1, further comprising a token that generates said calling party passcode, said calling party token being used by a user associated with said communication to provide said network switch with said calling party passcode.
  - 12. The system of claim 11, wherein said calling party passcode further comprises a personal identification number of said user;
    - wherein said network authorization unit stores a plurality of personal identification numbers; and
      
      wherein said network authorization unit is further operative to check whether said personal identification number of said user corresponds to one of said plurality of personal identification numbers.
  - 13. The system of claim 1, wherein said network authorization unit stores a plurality of authorized calling line numbers;
    - wherein said network switch is further operative to provide said network authorization unit with the calling line number associated with said communication as part of said request of said network authentication unit for said processing information; and
      
      wherein said network authorization unit is further operativeto make a comparison as to whether said calling line number corresponds to one of said plurality of authorized calling line numbers, andto provide said processing information with respect to said communication to said network switch based on said comparison.

14. In a network-based telecommunications system including a plurality of network switches with each of said plurality of network switches being functionally connected to a network authentication unit, a network method to restrict the dial-it access to a resource of a subscriber to only a communication from an authorized user of said resource, comprising the steps of:
- A. receiving a communication at a network switch of said plurality of network switches in said network-based telecommunications system for network processing of said communication from a user to terminating equipment associated with said resource of said subscriber;
  
  B. after receiving said communication, but prior to establishing a connection for said communication to said terminating equipment associated with said resource of said subscriber, causing said network switch to pause in said network processing of said communication based on a called party number associated with said communication;
  
  C. while pausing, making a determination as to whether said communication directed to said called party number is entitled to a communication access restriction (CAR) service; and
  
  D. if said determination in step C is that said communication is entitled to said CAR service, then causing said network authentication unit to provide said CAR service by;
  
  i. providing a silent prompt for a calling party passcode to said communication,ii. if said calling patty passcode is provided in response to said silent prompt, then checking whether said calling party passcode corresponds to a selected unit passcode by determining whether said calling party passcode was generated in synchronicity with said selected unit passcode, andiii. if said calling party passcode corresponds to said selected unit passcode, then continuing said network processing of said communication so as to establish said connection of said communication with said terminating equipment associated with said resource of said subscriber, whereby said authorized user is provided with said dial-in access to said resource of said subscriber.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The method of claim 14, further comprising the step of providing conventional network telecommunications service to said communication, if said determination in step C is that said communication is not entitled to said CAR service.
  - 16. The method of claim 14, further comprising the step of providing conventional network telecommunications service to said communication, if said calling party passcode fails to be provided in response to said silent prompt provided in step D(i).
  - 17. The method of claim 14, further comprising the step of providing conventional network telecommunications service to said communication, if said calling party passcode fails to correspond to said selected unit passcode as checked in step D(ii).
  - 18. The method of claim 14, further comprising the step of generating an audit trail with respect to said communication, said audit trail comprising the calling party number associated with said communication, the time of receipt of said communication, or the date of receipt of said communication.
  - 19. The method of claim 18, further comprising the step of providing said audit trail to said subscriber.
  - 20. The method of claim 14, further comprising the step of generating a report with respect to said communication, said report including information relating to said communication, said information comprising:
    - customer-controlled routing information;
      
      unauthorized attempt tracking information;
      
      a periodic usage report;
      
      ora non-authorized caller list.
  - 21. The method of claim 14, further comprising the step of providing a real-time notification regarding said communication, said real-time notification providing notice of an unauthorized attempt to access said resource of said subscriber.
  - 22. The method of claim 14, further comprising the step ofproviding a token that generates said calling party passcode, said token being used by a user associated with said communication to provide said calling party passcode.
  - 23. The method of claim 14, wherein said calling party passcode comprises a personal identification number;
    - wherein said step of providing said CAR service further comprises the step of checking whether said personal identification number corresponds to one of said plurality of personal identification numbers; and
      
      wherein said step D(iii) of continuing said network processing if said calling party passcode corresponds to said selected unit passcode further comprises;
      
      if said personal identification number corresponds to said one of said plurality of personal identification numbers, then continuing said network processing of said communication so as to establish said connection of said communication with said terminating equipment associated with said resource of said subscriber.
  - 24. The method of claim 14, wherein said step of providing said CAR service further comprises the step of checking whether the calling line number associated with said communication corresponds to one of a plurality of authorized calling line numbers;
    - andwherein said step D(iii) of continuing said network processing if said calling party passcode corresponds to said selected unit passcode further comprises;
      
      if said calling line number associated with said communication corresponds to said one of said plurality of authorized calling line numbers, then continuing said network processing of said communication so as to establish said connection of said communication with said terminating equipment associated with said resource of said subscriber.

25. A network-based telecommunications system for restricting the dial-in access to a resource of a subscriber to only a communication from an authorized user of said resource, comprising:
- a. a token that generates a calling party passcode, said token being used by a user in association with a communication to provide said calling party passcode;
  
  b. a plurality of network switches, each network switch of said plurality of network switches being operativeto receive a communication directed to said resource of said subscriber,to pause in the network processing of said communication prior to connecting said communication to the terminating equipment associated with said resource of said subscriber to issue a silent prompt,to receive said calling party passcode from said user in connection with said communication, andto make a request for processing information with respect to said communication; and
  
  c. a network authentication unit, said network authentication unit functioning as part of said telecommunications system and functionally connected to said each network switch of said plurality of network switches, said network authentication unit including a plurality of unit passcodes, said network authentication unit being responsive to a request from said network switchto make a determination that said user is said authorized user if said calling party passcode corresponds to a selected one of said unit passcodes by checking whether said calling party passcode was generated in synchronicity with said selected unit passcode, and based on said determination,to provide said processing information with respect to said communication to said network switch, said processing information including connection instructions to connect said communication to said terminating equipment of said subscriber, whereby said authorized user is provided with said dial-in access to said resource of said subscriber.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BellSouth Telecommunications Incorporated (AT&T, Inc.)
Original Assignee
BellSouth Corporation (AT&T, Inc.)
Inventors
Hamdy-Swink, Kathryn Anne
Primary Examiner(s)
LE, DIEU MINH T

Application Number

US08/665,823
Time in Patent Office

1,049 Days
Field of Search

395/186, 395/187.01, 395/188.01, 395/606, 395/726, 395/732, 364/286.4, 364/286.5, 340/825.31, 340/825.32, 380/4, 380/23, 380/25
US Class Current

726/5
CPC Class Codes

H04L 63/0853   using an additional device,...

H04L 9/40   Network security protocols

H04M 2203/2005   Temporarily overriding a se...

H04M 3/382   using authorisation codes o...

H04M 3/436   Arrangements for screening ...

H04Q 2213/13515   authentication, authorisati...

H04Q 2213/13526   resource management

H04Q 2213/13547   subscriber, e.g. profile, d...

H04Q 3/0029   Provisions for intelligent ...

Method and system for communication access restriction

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

134 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for communication access restriction

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

134 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links