Method and device for implementation of a firewall application for communication data

US 7,752,319 B2
Filed: 09/10/2002
Issued: 07/06/2010
Est. Priority Date: 09/25/2001
Status: Active Grant

First Claim

Patent Images

1. A method for implementing a firewall application for communication data transmitted between terminal devices, comprising:

disposing a first terminal device and a first interworking device in a first communication network;

disposing a second terminal device and a second interworking device in a second communication network;

initiating a data connection between the first terminal device and the second terminal device;

sending data for authenticating the first terminal device from a first interworking device to a second interworking device with a known address;

authenticating, by the second interworking device, that the first terminal is authorized to communicate with the second communication network; and

in response to the first terminal being authorized;

communicating, by the second interworking device, a further address to a firewall device, the further address is selected from an address of the first terminal device and the address of a first gatekeeper connected to the first terminal device; and

activating the firewall device to allow signaling data to be sent by the first terminal device via the firewall device to the second terminal device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one aspect a method for implementation of a firewall application is provided, whereby, in one step of the initiation of a connection from the first to the second terminal, authentication of the first terminal is transmitted and, after successful authentication a selected address is communicated to the firewall device. In another aspect, an arrangement for carrying out the method is provided.

13 Citations

19 Claims

1. A method for implementing a firewall application for communication data transmitted between terminal devices, comprising:
- disposing a first terminal device and a first interworking device in a first communication network;
  
  disposing a second terminal device and a second interworking device in a second communication network;
  
  initiating a data connection between the first terminal device and the second terminal device;
  
  sending data for authenticating the first terminal device from a first interworking device to a second interworking device with a known address;
  
  authenticating, by the second interworking device, that the first terminal is authorized to communicate with the second communication network; and
  
  in response to the first terminal being authorized;
  
  communicating, by the second interworking device, a further address to a firewall device, the further address is selected from an address of the first terminal device and the address of a first gatekeeper connected to the first terminal device; and
  
  activating the firewall device to allow signaling data to be sent by the first terminal device via the firewall device to the second terminal device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1, further comprising sending the further address from the second interworking device to the first interworking device.
  - 3. The method according to claim 2, wherein the further address includes an IP address and a port number.
  - 4. The method according to claim 2, further comprising sending a call setup up message from the first terminal device to the second terminal device via the first gatekeeper, the firewall device, the second interworking device and a second gatekeeper.
  - 5. The method according to claim 4, wherein the call setup is performed by sending a SETUP message or an SIP INVITE message.
  - 6. The method according to claim 4, further comprising a confirmation message to confirm the acceptance of the call setup is sent from the second terminal device to the first terminal device by including the further address in the confirmation message.
  - 7. The method according to claim 1, further comprising sending from the second network device an activation message to the firewai1 device in order to activate the firewall device for user data.
  - 8. The method according to claim 1, wherein the authentication data is transmitted using a Private/Public Key Interface (PKI) encryption.
  - 9. The method according to claim 1, wherein the communication data is transmitted via Internet telephony or Internet multimedia connections.
  - 10. The method according to claim 2, wherein the authentication is based on the sent data and criteria stored in the second interworking device.
  - 11. The method according to claim 4, wherein the first interworking device is bypassed in sending the call setup message.
  - 12. The method according to claim 6, wherein the confirmation is embodied as an ALERT message.

13. A firewall arrangement for communication data transmitted between terminal devices, comprising:
- a firewall device disposed between a first communication network and a second communication network;
  
  a first terminal device disposed in the first communication network;
  
  a second terminal device disposed in the second communication network;
  
  a first interworking device disposed in the first communication network; and
  
  a second interworking device with a known address for;
  
  performing an authentication on the basis of authentication data transmitted by the first terminal device, wherein the authentication determines if the first terminal is authorized to communicate with the second communication network, andsending, by the second interworking device, a further address of the second terminal device to the firewall device for activating the firewall device to allow signaling data to be sent from the first terminal device to the second terminal device via the firewall device, wherein the sending is in response to the first terminal being authorized to communication with the second communication network.
- View Dependent Claims (14)
- - 14. The firewall arrangement according to claim 13, wherein an activation device for activating the firewall device is used for signaling data and/or user data.

15. A method for implementing a firewall application for communication data transmitted between terminal devices, comprising:
- disposing a first terminal device and a first interworking device in a first communication network;
  
  disposing a second terminal device and a second interworking device in a second communication network;
  
  receiving data by a second interworking device with a known address, the data for determining if the first terminal device is authorized to communicate with the second communication network;
  
  activating, by the second interworking device, the firewall device to accept signaling data from the first terminal device, the activation via a firewall control interface and in response to the first terminal being authorized to communicate with the second communication network;
  
  receiving signaling data from the first terminal device by the firewall device, the signaling data in the form of a call setup up message; and
  
  accepting the signaling data by the firewall in response to the firewall being activated to accept the signaling data by the first terminal device.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method according to claim 15, further comprising forwarding the call setup up message to the second terminal in response to the signaling data being accepted by the firewall.
  - 17. The method according to claim 16, wherein a confirmation message is sent from the second terminal device to the first terminal device.
  - 18. The method according to claim 17, further comprising activating the firewall device to accept user data from the first terminal device, the activation via the firewall control interface.
  - 19. The method according to claim 18, further comprising:
    - receiving user data from the first terminal device by the firewall device; and
      
      accepting the user data by the firewall in response to the firewall being activated to accept the user data by the first terminal device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Siemens AG
Original Assignee
Siemens AG
Inventors
Klaghofer, Karl, Muller, Harald, Totzke, Jurgen, Volkmann, Gerald
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
Wasel, Mohamed

Application Number

US10/490,574
Publication Number

US 20040255035A1
Time in Patent Office

2,856 Days
Field of Search

709/227, 709/229
US Class Current

709/229
CPC Class Codes

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/0442   wherein the sending and rec...

H04L 63/08   for authentication of entit...

H04L 65/1069   Session establishment or de...

H04L 65/1101   Session protocols

H04L 65/1104   Session initiation protocol...

H04L 65/1106   Call signalling protocols; ...

Method and device for implementation of a firewall application for communication data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and device for implementation of a firewall application for communication data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links