Method and system for authorizing access to user information in a network

US 7,627,894 B2
Filed: 12/19/2003
Issued: 12/01/2009
Est. Priority Date: 02/04/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a request at a network entity from a source for information of a user;

verifying, by the network entity, that the source is authorized to receive the information; and

generating, by the network entity, a response authorizing the request if the source is authorized to receive the information,wherein the verifying further comprises comparing the source of the request against non-barred public user identities of the user and comparing the source of the request against network entities identified in a path header contained in a previous request.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is directed to a method and system for authorizing access to information of a user. The system includes a first network entity and a second network entity. The first network entity sends a request for information of a user to the second network entity. The second network entity receives the request for information of the user, verifies that the first network entity is authorized to receive the requested information, and generates a response authorizing the request if the first network entity is authorized to receive the information. The verifying may include comparing the first network entity against all non-barred public user identities of the user, comparing the first network entity against all network entities identified in a previous request, and comparing the first network entity against all application servers not belonging to third-party providers outside a network to which the user is connected.

12 Citations

View as Search Results

34 Claims

1. A method comprising:
- receiving a request at a network entity from a source for information of a user;
  
  verifying, by the network entity, that the source is authorized to receive the information; and
  
  generating, by the network entity, a response authorizing the request if the source is authorized to receive the information,wherein the verifying further comprises comparing the source of the request against non-barred public user identities of the user and comparing the source of the request against network entities identified in a path header contained in a previous request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method according to claim 1, wherein the information is registration information of the user.
  - 3. The method according to claim 1, further comprising verifying that the network entity is authorized to receive the information based on stored dynamic information at the network entity and information in the request.
  - 4. The method according to claim 1, wherein the request comprises a request for subscription to a registration state event package.
  - 5. The method according to claim 1, wherein the path header field includes proxy call session control function (P-CSCF) devices to which the user is attached.
  - 6. The method according to claim 1, the verifying further comprising comparing the source of the request against application servers not belonging to third-party providers outside a network to which the user is connected.
  - 7. The method according to claim 6, the verifying further comprising comparing the source of the request against application servers that match a user profile'"'"'s filter criteria for a register event associated with the request.
  - 8. The method according to claim 1, wherein the response further comprises user registration expiration information.
  - 9. The method according to claim 8, the user registration expiration information comprising a same value or a decreased value of second user registration expiration information contained in the request.
  - 10. The method according to claim 9, the response further comprising an expires header containing the user registration expiration information and the request comprising a second expires header containing the second user registration expiration information.
  - 11. The method according to claim 1, the response further comprising a contact header generated by the network entity, the contact header comprising an identifier that helps correlate refreshes for the request.
  - 12. The method according to claim 1, further comprising performing registration state notification procedures by the network entity after the generating of the response.
  - 13. The method according to claim 1, wherein the network entity is a serving call session control function (S-CSCF).

14. An apparatus comprising:
- a receiver configured to receive a request from a source for information of a user;
  
  a verifier configured to verify that the source is authorized to receive the information, wherein the verifier is further configured tocompare the source of the request against non-barred public user identities of the user,compare the source of the request against network entities identified in a path header contained in a previous request; and
  
  a generator configured to generate a response authorizing the request if the source is authorized to receive the information.
- View Dependent Claims (15, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 15. The apparatus according to claim 14, wherein the apparatus comprises a serving call session control function (S-CSCF).
  - 18. The apparatus according to claim 14, wherein the information is registration information of the user.
  - 19. The apparatus according to claim 14, wherein the request comprises a request for subscription to a registration state event package.
  - 20. The apparatus according to claim 14, wherein the path header field includes proxy call session control function (P-CSCF) devices to which the user is attached.
  - 21. The apparatus according to claim 14, wherein the response further comprises user registration expiration information.
  - 22. The apparatus according to claim 21, wherein the user registration expiration information comprises a same value or a decreased value of second user registration expiration information contained in the request.
  - 23. The apparatus according to claim 22, wherein the response further comprises an expires header containing the user registration expiration information and the request comprises a second expires header containing the second user registration expiration information.
  - 24. The apparatus according to claim 14, wherein the response further comprises a contact header generated by the network entity, the contact header comprising an identifier that helps correlate refreshes for the request.
  - 25. The apparatus according to claim 14, wherein the apparatus is further configured to perform registration state notification procedures after the generating of the response.
  - 26. The apparatus according to claim 14, wherein the verifier is further configured to compare the source of the request against application servers not belonging to third-party providers outside a network to which the user is connected.
  - 27. The apparatus according to claim 14, wherein the verifier is further configured to compare the source of the request against application servers that match a filter criteria of a user profile for a register event associated with the request.

16. A system comprising:
- a first network entity, the first network entity configured to send a request for information of a user; and
  
  a second network entity, the second network entity configured to receive the request for information of the user, to verify that the first network entity is authorized to receive the requested information by comparing the source of the request against non-barred public user identities of the user and by comparing the source of the request against network entities identified in a path header contained in a previous request, and to generate a response authorizing the request if the first network entity is authorized to receive the information.
- View Dependent Claims (28, 29)
- - 28. The system according claim 16, wherein the second network entity is configured to verify that the first network entity is authorized to receive the requested information by comparing the source of the request against application servers not belonging to third-party providers outside a network to which the user is connected.
  - 29. The system according claim 16, wherein the second network entity is configured to verify that the first network entity is authorized to receive the requested information by comparing the source of the request against application servers that match a filter criteria of a user profile for a register event associated with the request.

17. An apparatus comprising:
- receiving means for receiving a request at a network entity from a source for information of a user;
  
  verifying means for verifying that the source is authorized to receive the information; and
  
  generating means for generating a response authorizing the request if the source is authorized to receive the information,wherein the verifying means further comprises comparing means for comparing the source of the request against non-barred public user identities of the user and for comparing the source of the request against network entities identified in a path header contained in a previous request.
- View Dependent Claims (30, 31)
- - 30. The apparatus according to claim 17, wherein the verifying means further comprises comparing means for comparing the source of the request against application servers not belonging to third-party providers outside a network to which the user is connected.
  - 31. The apparatus according to claim 17, wherein the verifying means further comprises comparing means for comparing the source of the request against application servers that match a filter criteria of a user profile for a register event associated with the request.

32. A computer program, stored on a computer readable medium, the computer program configured to control a processor to perform a method comprising:
- receiving a request at a network entity from a source for information of a user;
  
  verifying that the source is authorized to receive the information; and
  
  generating a response authorizing the request if the source is authorized to receive the information,wherein the verifying further comprises comparing the source of the request against non-barred public user identities of the user and comparing the source of the request against network entities identified in a path header contained in a previous request.
- View Dependent Claims (33, 34)
- - 33. The computer program according to claim 32, wherein the verifying further comprises comparing the source of the request against application servers not belonging to third-party providers outside a network to which the user is connected.
  - 34. The computer program according to claim 32, wherein the verifying further comprises comparing the source of the request against application servers that match a filter criteria of a user profile for a register event associated with the request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Tuohino, Markku, Westman, Ilkka, Kiss, Krisztian
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
D.; M.

Application Number

US10/739,138
Publication Number

US 20050071679A1
Time in Patent Office

2,174 Days
Field of Search

None
US Class Current

726/5
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 65/1016   IP multimedia subsystem [IMS]

H04L 65/1104   Session initiation protocol...

H04L 67/535   Tracking the activity of th...

H04L 67/54   Presence management, e.g. m...

H04L 69/329   in the application layer [O...

Method and system for authorizing access to user information in a network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

34 Claims

Specification

Use Cases

Quick Links

Others

Method and system for authorizing access to user information in a network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

34 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others