Mechanism for authentication of caller and callee using otoacoustic emissions
First Claim
1. A method of authenticating a caller requesting a Session Initiation Protocol (SIP) service through an SIP server, the caller using an SIP client, comprising:
- at the SIP client, determining a digital otoacoustic signature of the caller;
at the SIP client, generating a client response using the digital otoacoustic signature of the caller as a seed of a random number generator;
sending the client response to the SIP server;
at the SIP server, determining an apparent caller from a request for the SIP service;
at the SIP server, generating an expected response using a stored digital otoacoustic signature stored in association with the apparent caller as the seed of the random number generator;
at the SIP server, comparing the client response with the expected response; and
if the expected response matches the client response, authenticating the caller.
9 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus are provided for authenticating a user attempting to establish a service which uses SIP. The user registers with the SIP server by providing the digital otoacoustic signature of the user. Thereafter, when the user attempts to initiate a session through the SIP server, the SIP server sends an Authorization Request message to the SIP client of the user. The SIP client reads the user'"'"'s digital otoacoustic signature, generates a response based on the digital otoacoustic signature, and embeds the response in a second Invite message sent back to the SIP server. Meanwhile, the SIP server determines an expected response, based on the digital otoacoustic signature registered by the user. If the response provided by the SIP client matches the response expected by the SIP server, the SIP server allows establishment of the server. The invention is of particular use with IP telephony services, since end user devices used with such services are ergonomically well suited for reading of otoacoustic signatures. The invention may also be used to authenticate an intended recipient of an SIP call.
16 Citations
20 Claims
-
1. A method of authenticating a caller requesting a Session Initiation Protocol (SIP) service through an SIP server, the caller using an SIP client, comprising:
-
at the SIP client, determining a digital otoacoustic signature of the caller; at the SIP client, generating a client response using the digital otoacoustic signature of the caller as a seed of a random number generator; sending the client response to the SIP server; at the SIP server, determining an apparent caller from a request for the SIP service; at the SIP server, generating an expected response using a stored digital otoacoustic signature stored in association with the apparent caller as the seed of the random number generator; at the SIP server, comparing the client response with the expected response; and if the expected response matches the client response, authenticating the caller. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 20)
-
-
10. An SIP client comprising:
-
an otoacoustic reader for reading a digital otoacoustic signature of a user; and an SIP module comprising; means for receiving the digital otoacoustic signature from the otoacoustic reader; means for generating a client response using the digital otoacoustic signature as a seed of a random number generator; and means for sending the client response to an SIP server, wherein the SIP server compares the client response with an expected response generated using a stored digital otoacoustic signature associated with an apparent caller as the seed of the random number generator and authenticates the user in the event that the client response matches the expected response. - View Dependent Claims (11, 12)
-
-
13. A method of authenticating a caller at an SIP server, comprising:
-
storing a stored digital otoacoustic signature in association with an apparent caller; generating an expected response using the stored digital otoacoustic signature as a seed of a random number generator; receiving a client response from an SIP client attempting to establish a service connection, wherein the SIP client generated the client response using a caller'"'"'s digital otoacoustic signature as the seed of the random number generator; comparing the client response with the expected response; and authenticating the caller in the event that the client response matches the expected response. - View Dependent Claims (14, 15)
-
-
16. A method of authenticating a recipient of a call through an SIP server, the recipient using an SIP client, comprising:
-
at the SIP client, determining a digital otoacoustic signature of the recipient; at the SIP client, generating a client response using the digital otoacoustic signature as a seed of a random number generator; sending the client response to the SIP server; at the SIP server, determining an intended recipient from a request for the call received from a caller; at the SIP server, generating an expected response using a stored digital otoacoustic signature stored in association with the intended recipient as the seed of the random number generator; at the SIP server, comparing the client response with the expected response; and informing the caller of the result of the comparison of the expected response and the client response. - View Dependent Claims (17, 18, 19)
-
Specification