Method and system for multi-level secure personal profile management and access control to the enterprise multi-modal communication environment in heterogeneous convergent communication networks

US 8,406,421 B2
Filed: 05/31/2006
Issued: 03/26/2013
Est. Priority Date: 10/13/2005
Status: Active Grant

First Claim

Patent Images

1. A method of securely accessing a voice-enabled communication terminal, having certain functions associated therewith, using an Internet Protocol (IP) comprising:

receiving user authentication data, from users using secure personal authentication reader (SPAR device), from a plurality of Secure Profile Management Point (SPM) points, each of the SPM points including an IP phone and a SPAR device, the IP phone and the SPAR device of each of the plurality of the SPM points being coupled, through a voice local area network (VLAN) and a gateway, to a plurality of servers and a Multi-modal Application Platform Application (MAP) engine;

receiving a request from one of the SPAR devices;

based on the received request, the MAP engine, identifying the source of the request among the SPAR devices;

identifying the type of user authentication data received;

using an authentication server, receiving a response from the authentication server that includes one or more attributes uniquely identifying the user;

performing authentication of a user;

upon positive authentication of the user, retrieving the user profile for storage and building a telephony configuration according to the stored user profile;

transmitting to the user a list of available communication and business services according to a user'"'"'s profile and permission;

based on the authenticated user'"'"'s profile and location of the originating SPAR device and association of the SPAR device with an IP phone, publishing user-related presence information to a presence server; and

based on the authenticated user profile and user-related presence information, initiating an automated multi-modal session between the user and available and permissible business services.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus, in accordance with an embodiment of the present invention, is presented for securely accessing a voice-enabled communication terminal using Internet Protocol by performing physical authentication, performing biometric authentication, performing logical authentication, performing confirmation of a user and upon successful confirmation of the user, allowing access to the communication terminal.

Citations

16 Claims

1. A method of securely accessing a voice-enabled communication terminal, having certain functions associated therewith, using an Internet Protocol (IP) comprising:
- receiving user authentication data, from users using secure personal authentication reader (SPAR device), from a plurality of Secure Profile Management Point (SPM) points, each of the SPM points including an IP phone and a SPAR device, the IP phone and the SPAR device of each of the plurality of the SPM points being coupled, through a voice local area network (VLAN) and a gateway, to a plurality of servers and a Multi-modal Application Platform Application (MAP) engine;
  
  receiving a request from one of the SPAR devices;
  
  based on the received request, the MAP engine, identifying the source of the request among the SPAR devices;
  
  identifying the type of user authentication data received;
  
  using an authentication server, receiving a response from the authentication server that includes one or more attributes uniquely identifying the user;
  
  performing authentication of a user;
  
  upon positive authentication of the user, retrieving the user profile for storage and building a telephony configuration according to the stored user profile;
  
  transmitting to the user a list of available communication and business services according to a user'"'"'s profile and permission;
  
  based on the authenticated user'"'"'s profile and location of the originating SPAR device and association of the SPAR device with an IP phone, publishing user-related presence information to a presence server; and
  
  based on the authenticated user profile and user-related presence information, initiating an automated multi-modal session between the user and available and permissible business services.
- View Dependent Claims (2, 3, 4, 15)
- - 2. A method of securely accessing a voice-enabled communication terminal, as recited in claim 1, wherein the authentication step includes performing biometric verification of the user.
  - 3. A method of securely accessing a voice-enabled communication terminal, as recited in claim 1, further including the step of—
    - using the user profile to build functions for the IP telephone.
  - 4. A method of securely accessing a voice-enabled communication terminal, as recited in claim 1 further including encrypting authentication data for authentication of the user.
  - 15. A method of securely accessing a voice-enabled communication terminal, as recited in claim 1, wherein each user is distinctly authenticated and the MAP engine determining the authentication of an IP phone and transmitting information to the IP phone accordingly.

5. A secure service point (SSP) system comprising:
- a plurality of secure personal authentication reader (SPAR) devices, each coupled to a corresponding communication terminal, which is in communication with a network switch for performing physical authentication of a user, for performing logical authentication of the user, for performing verification of the user and upon successful confirmation of the user, allowing access to the functions of the communication terminal, using a Multi-modal Application Platform Application (MAP) engine, the MAP engine being coupled, through a voice local area network (VLAN) to a plurality of Secure Profile Management Point (SPM) points included in the SSP system, each of the SPM points including an IP phone and a SPAR device, prior to authentication of the user, receiving user authentication data, from users of the SPAR devices, the MAP engine operative to identify the source of the request among the SPAR devices and identify the type of user authentication data received, using an authentication server, a response is received that includes one or more attributes uniquely identifying the user and the user is presented with a list of available communication and business services according to a user'"'"'s profile and permission, and based on the authenticated user'"'"'s profile and location of the originating SPAR device and association of the SPAR device with an IP phone, a user-related presence information is published to a presence server, and based on the authenticated user profile and user-related presence information, an automated multi-modal session is initiated between the user and available and permissible business services.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 16)
- - 6. A SSP system, as recited in claim 5, wherein the communication terminal is an Internet Protocol (IP) telephone.
  - 7. A SSP system, as recited in claim 6, wherein the user profile includes functions for the IP telephone.
  - 8. A SSP system, as recited in claim 6, wherein the SPAR device includes any combination of a smart card reader, a biometric reader, a magnetic card or RFID.
  - 9. A SSP system, as recited in claim 6, wherein at least one IP telephone and an associated SPAR device are employed in a multi-modal service-point convergent communication system.
  - 10. A SSP system, as recited in claim 9, wherein said at least one IP telephone and an associated SPAR device are configured to dynamically determine the type of requested service from the user, and ability to execute automated multi-modal interaction session with the user.
  - 11. A SSP system, as recited in claim 9, wherein said multi-modal service-point convergent communication system includes a Customer Relationship Management (CRM) software environment for requesting and delivering relevant business services to an authenticated user through the IP telephone.
  - 12. A SSP system, as recited in claim 6, wherein at least one of the IP phones is configured according to the user profile taking into account the geographical location of the IP phone.
  - 13. A SSP system, as recited in claim 12, wherein control is exercised over call functions, media functions and data functions of those IP phones that are configured according to the user profile wherein a match of the IP phone and the user profile is made such that certain communication services are made available to the user and certain policy-based permissions are made based on the match.
  - 14. A SSP system, as recited in claim 6, wherein at least one of the IP phones is configured receive a combination of voice, data and video streams.
  - 16. A SSP system, as recited in claim 5, wherein each user is distinctly authenticated and the MAP engine determines the authentication of an IP phone and transmitting information to the IP phone accordingly.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
Passban, Inc.
Inventors
Kamen, Vladimir, Naimi, Farzad, Alikhani, Kayvan
Primary Examiner(s)
Nawaz, Asad M
Assistant Examiner(s)
HARLEY, JASON A

Application Number

US11/444,566
Publication Number

US 20070115940A1
Time in Patent Office

2,491 Days
Field of Search

370/352
US Class Current

380/28
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 65/103   in the network

H04L 65/1053   IP private branch exchange ...

H04L 67/14   Session management for real...

H04L 67/142   Managing session states for...

H04L 67/146   Markers for unambiguous ide...

H04L 67/306   User profiles

H04M 1/2535   adapted for voice communica...

H04M 1/66   with means for preventing u...

H04M 7/0078   Security; Fraud detection; ...

Method and system for multi-level secure personal profile management and access control to the enterprise multi-modal communication environment in heterogeneous convergent communication networks

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for multi-level secure personal profile management and access control to the enterprise multi-modal communication environment in heterogeneous convergent communication networks

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links