SIP signaling without constant re-authentication
First Claim
Patent Images
1. A method of authenticating SIP signaling comprising:
- in response to a first request of a client on a communication connection to initiate a voice call over the communication connection, authenticating the client and associating the client, in a record, with a first identifier for the connection included in the first request;
in response to at least one second request of the client on the connection and subsequent to the first request, forbearing from authenticating the client, wherein forbearing from authenticating the client comprises determining, based on the record, whether a second identifier for the connection included in the second request matches the first identifier and forbearing from authenticating the client in response to determining that the second identifier matches the first identifier; and
in response to a third request of the client on the connection and subsequent to the at least one second request, authenticating the client, wherein authenticating the client comprises determining, based on the record, whether a third identifier for the connection in the third request does not match the first identifier and authenticating the client in response to determining that the third identifier does not match the first identifier.
23 Assignments
0 Petitions
Accused Products
Abstract
A proxy server causes an authentication authority to authenticate a client in response to a first Session Initiation Protocol (SIP) request of the client on a connection. It does not cause the client to be authenticated in response subsequent requests on the connection as long as the underlying connection is not broken, the subsequent requests are on behalf of the same client, the client has not been removed from the system, the client'"'"'s password has not changed, a “safety net” timer has not expired, or any other policy that the server chooses to enforce. This eliminates the overhead of constant re-authentication in response to each SIP request.
-
Citations
32 Claims
-
1. A method of authenticating SIP signaling comprising:
-
in response to a first request of a client on a communication connection to initiate a voice call over the communication connection, authenticating the client and associating the client, in a record, with a first identifier for the connection included in the first request; in response to at least one second request of the client on the connection and subsequent to the first request, forbearing from authenticating the client, wherein forbearing from authenticating the client comprises determining, based on the record, whether a second identifier for the connection included in the second request matches the first identifier and forbearing from authenticating the client in response to determining that the second identifier matches the first identifier; and in response to a third request of the client on the connection and subsequent to the at least one second request, authenticating the client, wherein authenticating the client comprises determining, based on the record, whether a third identifier for the connection in the third request does not match the first identifier and authenticating the client in response to determining that the third identifier does not match the first identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15)
-
-
14. A method comprising:
-
in response to a first SIP request of a client on a communication connection with a proxy server, authenticating the client and associating the client, in a record, with a first identifier for the connection included in the first SIP request; in response to at least a second SIP request of the client on the connection and subsequent to the first SIP request, forbearing from authenticating the client, wherein forbearing from authenticating the client comprises determining, based on the record, whether a second identifier for the connection included in the second SIP request matches the first identifier and forbearing from authenticating the client in response to determining that the second identifier matches the first identifier; and in response to at least a third SIP request of the client on the connection and subsequent to the at least one second SIP request, authenticating the client, wherein authenticating the client comprises determining, based on the record, whether a third identifier for the connection in the third SIP request does not match the first identifier and authenticating the client in response to determining that the third identifier does not match the first identifier.
-
-
16. A server comprising:
-
means responsive to a first SIP invite of a client on a communication connection to initiate a voice call over the communication connection, for authenticating the client and associating the client, in a record, with a first identifier for the connection included in the first SIP invite; means responsive to at least one second SIP invite of the client on the connection and subsequent to the first SIP invite, for forbearing from authenticating the client, wherein forbearing from authenticating the client comprises determining, based on the record, whether a second identifier for the connection included in the second SIP invite matches the first identifier and forbearing from authenticating the client in response to determining that the second identifier matches the first identifier; and means responsive to a third SIP invite of the client on the connection and subsequent to the at least one second SIP invite, for authenticating the client, wherein authenticating the client comprises determining, based on the record, whether a third identifier for the connection in the third SIP invite does not match the first identifier and authenticating the client in response to determining that the third identifier does not match the first identifier. - View Dependent Claims (17)
-
-
18. An apparatus comprising:
-
a server adapted to respond to a first SIP invite of a client on a communication connection to initiate a voice call over the communication connection by authenticating the client and associating the client, in a record, with a first identifier for the connection included in the first SIP invite, adapted to respond to at least one second SIP invite of the client on the connection and subsequent to the first SIP invite by forbearing from authenticating the client, wherein forbearing from authenticating the client comprises determining, based on the record, whether a second identifier for the connection included in the second SIP invite matches the first identifier and forbearing from authenticating the client in response to determining that the second identifier matches the first identifier, and adapted to respond to a third SIP invite of the client on the connection and subsequent to the at least one second SIP invite by authenticating the client, wherein authenticating the client comprises determining, based on the record, whether a third identifier for the connection in the third SIP invite does not match the first identifier and authenticating the client in response to determining that the third identifier does not match the first identifier; and an authentication authority adapted to cooperate with the server to authenticate the client.
-
-
19. An apparatus for authenticating SIP signaling comprising:
-
a store for storing instructions; and a processor for executing the instructions; wherein the store and the processor together form a server adapted to respond to a first request of a client on a communication connection to initiate a voice call over the communication connection by authenticating the client and associating the client, in a record, with a first identifier for the connection included in the first request, to respond to at least one second request of the client on the connection and subsequent to the first request by forbearing from authenticating the client, wherein forbearing from authenticating the client comprises determining, based on the record, whether a second identifier for the connection included in the second request matches the first identifier and forbearing from authenticating the client in response to determining that the second identifier matches the first identifier, and to respond to a third request of the client on the connection and subsequent to the at least one second request by authenticating the client, wherein authenticating the client comprises determining, based on the record, whether a third identifier for the connection in the third request does not match the first identifier and authenticating the client in response to determining that the third identifier does not match the first identifier. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
Specification