Method and system for providing secure communications between proxy servers in support of interdomain traversal
Abstract
An approach provides interdomain traversal to support packetized voice transmissions. A request is received and specifies a directory number for establishing a communication session from a first endpoint to a second endpoint. The first endpoint is behind a first network address translator of a first domain, and the second endpoint is within a second domain. A service provider network is accessed to determine a network address for communicating with the second endpoint based on the directory number, to determine existence of a second network address translator within the second domain, and to establish, if the network address can be determined, a media path between the first endpoint and the second endpoint based on the network address to support the communication session. An encrypted session is established with a proxy server according to a cryptographic protocol to support the media path. The proxy server resides within the second domain.
24 Claims
1. A method for providing packetized communication services, the method comprising:
- receiving a request specifying a directory number for establishing a communication session from a first endpoint to a second endpoint, wherein the first endpoint is behind a first network address translator of a first domain, and the second endpoint is within a second domain;
- communicating with a service provider network to determine, via an Electronic Number (ENUM), a network address for communicating with the second endpoint based on the directory number, to determine, via a Simple Traversal of User Datagram Protocol (STUN), existence of a second network address translator within the second domain, and to establish, via a Traversal Using Relay Network Address Translation (TURN), if the network address can be determined, a media path between the first endpoint and the second endpoint based on the network address to support the communication session;
- establishing an encrypted session with a proxy server according to a cryptographic protocol to support the media path, the proxy server residing within the second domain; and
- converting signaling from another proxy server associated with establishment of the communication session to a format compatible with the proxy server.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A network apparatus for providing packetized communication services, the apparatus comprising:
- a first communication interface configured to receive a request specifying a directory number for establishing a communication session from a first endpoint to a second endpoint, wherein the first endpoint is behind a first network address translator of a first domain, and the second endpoint is within a second domain;
- a second communication interface configured to communicate with a service provider network to determine, via an Electronic Number (ENUM), a network address for communicating with the second endpoint based on the directory number, to determine, via a Simple Traversal of User Datagram Protocol (STUN), existence of a second network address translator within the second domain, and to establish, via a Traversal Using Relay Network Address Translation (TURN), if the network address can be determined, a media path between the first endpoint and the second endpoint based on the network address to support the communication session; and
- a processor configured to establish an encrypted session with a proxy server according to a cryptographic protocol to support the media path, the proxy server residing within the second domain;
- wherein signaling is converted from another proxy server associated with establishment of the communication session to a format compatible with the proxy server.
Dependent claims: 9, 10, 11, 12, 13, 14

15. A system for providing packetized communication services, the system comprising:
- an address server configured to receive a request for a network address for communicating with a destination endpoint based on a directory number, wherein the directory number is specified in a call establishment request to establish a communication session from a source endpoint behind a first network address translator of a first domain, and the destination endpoint is within a second domain;
- an Electronic Number (ENUM) server to determine the network address;
- a Simple Traversal of User Datagram Protocol (STUN) server configured to support determination of existence of a second network address translator within the second domain;
- a Traversal Using Relay Network Address Translation (TURN) server configured to establish, if the network address can be determined, a media path between the source endpoint and the destination endpoint based on the network address to support the communication session, wherein the media path includes an encrypted session between a first proxy server residing within the first domain and a second proxy server residing within the second domain; and
- a gateway configured to convert signaling from the second proxy server associated with establishment of the communication session to a format compatible with the first proxy server.
Dependent claims: 16, 17, 18

19. A method for providing packetized communication services, the method comprising:
- transmitting a request to a near-end proxy server for establishing a communication session with a destination endpoint, wherein the request is transmitted through a first network address translator of a first domain, and the destination endpoint is within a second domain, wherein the near-end proxy server is configured to communicate with a service provider network to determine, via an Electronic Number (ENUM), a network address for communicating with the second endpoint based on the directory number, to determine, via a Simple Traversal of User Datagram Protocol (STUN), existence of a second network address translator within the second domain, and to establish, via a Traversal Using Relay Network Address Translation (TURN), if the network address can be determined, a media path with the destination endpoint based on the network address to support the communication session;
- establishing an encrypted session with the near-end proxy server according to a cryptographic protocol to support the media path; and
- converting signaling from another proxy server associated with establishment of the communication session to a format compatible with the near-end proxy server.
Dependent claims: 20, 21, 22, 23, 24

Specification