Pre-authenticated calling for voice applications

US 8,695,074 B2
Filed: 04/26/2007
Issued: 04/08/2014
Est. Priority Date: 04/26/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented authentication system, comprising:

an IP-based capable phone for enabling communications between a user and a party at a destination;

a pre-authentication module for utilizing pre-authenticated credentials available from a communications server, to replace information that would otherwise be gathered from the user via a dialog, to enable automatic authentications with subsequent components instead of requiring user interaction for authentication;

a trust component of the pre-authentication module for receiving the pre-authenticated credentials from the communications server to enable the user to authenticate and obtain access to the phone without a log-in process, the pre-authenticated credentials are received via a media session protocol, which is a session initiation protocol (SIP), the pre-authenticated credentials have been authenticated to provide a basis for communicating trust and include at least one of a device identity data or user identity data;

an application component comprising at least one application of at least one system for providing an application service of the phone that is exposed based on the pre-authenticated credentials, the application service facilitates communications between the user and the destination; and

a microprocessor that executes computer-executable instructions in a memory associated with at least one of the phone, the pre-authentication module, the trust component, or the application component.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Architecture for providing pre-authenticated information from an endpoint for subsequently authenticating a device and/or user associated with the previously-authenticated information. A pre-authentication module of the architecture can be a trust component as part of an application that facilitates the utilization of user information and/or endpoint information in a media session protocol message to replace information that would otherwise be gathered via a dialog. In the context of IP-based voice communications, a call can be made from a client that is pre-authenticable, and no longer requires that an IP-based telephone interact with the phone user to facilitate sign-on.

214 Citations

20 Claims

1. A computer-implemented authentication system, comprising:
- an IP-based capable phone for enabling communications between a user and a party at a destination;
  
  a pre-authentication module for utilizing pre-authenticated credentials available from a communications server, to replace information that would otherwise be gathered from the user via a dialog, to enable automatic authentications with subsequent components instead of requiring user interaction for authentication;
  
  a trust component of the pre-authentication module for receiving the pre-authenticated credentials from the communications server to enable the user to authenticate and obtain access to the phone without a log-in process, the pre-authenticated credentials are received via a media session protocol, which is a session initiation protocol (SIP), the pre-authenticated credentials have been authenticated to provide a basis for communicating trust and include at least one of a device identity data or user identity data;
  
  an application component comprising at least one application of at least one system for providing an application service of the phone that is exposed based on the pre-authenticated credentials, the application service facilitates communications between the user and the destination; and
  
  a microprocessor that executes computer-executable instructions in a memory associated with at least one of the phone, the pre-authentication module, the trust component, or the application component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 19, 20)
- - 2. The system of claim 1, wherein the application service facilitates voice communications between a mobile device and the communications server.
  - 3. The system of claim 1, wherein the pre-authenticated credentials include a level of permission related to a type of the application service that is provided by the application component.
  - 4. The system of claim 1, wherein the trusted entity receives thepre-authenticated credentials from another trusted entity.
  - 5. The system of claim 1, further comprising a permissionscomponent for selecting the application service from one or more applications based on a permission associated with the pre-authenticated credentials.
  - 6. The system of claim 1, wherein the trust component and theapplication component are of a client that receives the pre-authenticated credentials for connecting an IP-based phone call via the client to a remote destination.
  - 7. The system of claim 1, further comprising a machine learning and reasoning component that employs a probabilistic and/or statistical-based analysis to prognose or infer an action that is desired to be automatically performed.
  - 8. The system of claim 1, wherein the pre-authenticated credentials include user profile information that defines a quality-of-service for communicating with a destination device.
  - 19. The system of claim 1, wherein the client and an associated trusted entity are parts of respective voice-over-IP communications devices.
  - 20. The system of claim 1, wherein the authenticated credentials include personality information that changes how the client, which is an automated attendant, interacts with a user.

9. A computer-implemented method of authentication processing, comprising acts of:
- creating a pre-authentication module that facilitates the utilization of user information and/or endpoint information in media protocol messages to replace information that would otherwise be gathered from the user via a dialog, wherein creating the pre-authentication module comprises,authenticating a trusted entity of a user for communications services at a remote location; and
  
  generating pre-authenticated credentials for the communications services at the remote location for the trusted entity;
  
  associating user profile information with the credentials of the trusted entity to produce pre-authenticated credentials for enabling automatic authentications with subsequent components instead of requiring user interaction for authentication, wherein the method further comprises,employing the pre-authentication module to utilize pre-authenticated credentials to enable automatic authentications with subsequent components instead of requiring user interaction for authentication, the pre-authenticated credentials are communicated via a media session protocol, which is session initiation protocol (SIP), wherein employing the pre-authentication module comprises;
  
  receiving a request for the communications services from a client of the user;
  
  transmitting the pre-authenticated credentials and profile information to the client from the remote location based on authentication of the trusted entity;
  
  processing the pre-authenticated credentials and profile information at the client to expose trusted entity functionality for the benefit of the client; and
  
  enabling the communications services for the client based on the pre-authenticated credentials; and
  
  utilizing a microprocessor that executes instructions stored in memory to perform at least one of the acts of authentication, generating, associating, receiving, transmitting, processing, or enabling.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The method of claim 9, further comprising accessing the remote location via a web interface, which remote location is a network-based middle-tier communications server that processes SIP-based communications from the trusted entity.
  - 11. The method of claim 9, wherein the trusted entity and the client are parts of respective voice-over-IP communications devices.
  - 12. The method of claim 9, further comprising including personality information in the authenticated credentials that changes how the client, which is an automated attendant, interacts with a user.
  - 13. The method of claim 9, further comprising employing more-recently-used information based on the authenticated credentials to present information to the user for selection.
  - 14. The method of claim 9, further comprisingcontrolling quality-of-service parameters for the client based on the authenticated credentials.
  - 15. The method of claim 9, further comprising automatically exposing functionality of a personal virtual assistant based on the authenticated credentials, the functionality exposed based on knowledge of a contact list or buddy list.
  - 16. The method of claim 9, further comprising selecting services from different applications of the trusted entity based on the authenticated credentials and providing the selected services for communications by the client.
  - 17. The method of claim 9, further comprising learning and reasoning about client or user interactive behavior and automating presentation of information to the user based thereon.

18. A computer-implemented authentication system, comprising:
- an IP-based capable phone for enabling communications between a user and a party at a destination;
  
  a pre-authentication module for maintaining pre-authenticated credentials, available from a trusted entity to replace information that would otherwise be gathered from the user via a dialog, to enable automatic authentications with subsequent components instead of requiring user interaction for authentication, the pre-authenticated credentials are receive via a media session protocol, which is session initiation protocol (SIP), the pre-authentication module comprising multiple sources of credential information of the user, the sources include at least one of;
  
  an authentication component at the trusted entity via which the user of a client system had previously authenticated, for creation of the pre-authenticated credentials;
  
  speaker verification for creating the pre-authenticated credentials at the trusted entity and making available the pre-authenticated credentials;
  
  orPIN-based verification for creating the pre-authenticated credentials at the trusted entity and making available the pre-authenticated credentials;
  
  a trust component for receiving and processing the credential information and outputting validation of a user identity;
  
  an application component for receiving the validation and treating a user communication session as authenticated and providing an application service; and
  
  a microprocessor that executes computer-executable instructions in a memory associated with at least one of the phone, the pre-authentication, the trust component, or the application component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Saraf, Tal, Pall, Gurdeep Singh, Ramakrishna, Anand
Primary Examiner(s)
Lagor, Alexander

Application Number

US11/789,846
Publication Number

US 20080271126A1
Time in Patent Office

2,539 Days
Field of Search

713/155, 713/156, 726/8
US Class Current

726/8
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 65/1104   Session initiation protocol...

H04W 12/062   Pre-authentication

Pre-authenticated calling for voice applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

214 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Pre-authenticated calling for voice applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

214 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others