Method and apparatus to provide cryptographic identity assertion for the PSTN

US 8,953,771 B2
Filed: 11/07/2005
Issued: 02/10/2015
Est. Priority Date: 11/07/2005
Status: Active Grant

First Claim

Patent Images

1. An apparatus encoded with instructions that, if executed, result in:

receiving a first communication over a first call path that traverses a Publicly Switched Telephone Network (PSTN) and that originates from an endpoint, the first communication including a PSTN identity assertion generated by a device operating in the PSTN;

receiving a second communication over a second different call path originating from the same endpoint, wherein the second different call path extends over a packet switched network and includes a packet switched identity assertion inserted in a session initiation protocol message header by a packet switched network device, wherein the packet switched identity assertion is a session initiation protocol identity; and

authenticating the PSTN identity assertion using the packet switched identity assertion, wherein the apparatus determines if the PSTN identity assertion is false based on information from the packet switched identity assertion.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present application provides an authentication scheme that allows a device to provide additional authentication of a Publicly Switched Telephone Network (PSTN) identity assertion made in a PSTN call by also sending an Internet Protocol (IP) communication. The device sends the IP communication generally in parallel with the PSTN call. The IP communication includes a network identity assertion, which optionally may be authenticated using a cryptographically secure technique. The network identity assertion, being more difficult to falsify, provides additional authentication of the PSTN identity assertion.

30 Citations

View as Search Results

9 Claims

1. An apparatus encoded with instructions that, if executed, result in:
- receiving a first communication over a first call path that traverses a Publicly Switched Telephone Network (PSTN) and that originates from an endpoint, the first communication including a PSTN identity assertion generated by a device operating in the PSTN;
  
  receiving a second communication over a second different call path originating from the same endpoint, wherein the second different call path extends over a packet switched network and includes a packet switched identity assertion inserted in a session initiation protocol message header by a packet switched network device, wherein the packet switched identity assertion is a session initiation protocol identity; and
  
  authenticating the PSTN identity assertion using the packet switched identity assertion, wherein the apparatus determines if the PSTN identity assertion is false based on information from the packet switched identity assertion.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The apparatus of claim 1, wherein the instructions, if executed, result in:
    - sending the PSTN identity assertion from the first communication to a database that correlates phone numbers with other identities;
      
      receiving back a response from the database and extracting an identity there from; and
      
      comparing the extracted identity to the packet switched identity assertion from the second communication;
      
      wherein the PSTN identity assertion is authenticated according to a result of the comparison.
  - 3. The apparatus of claim 2, wherein the PSTN identity assertion is authenticated according to whether the comparison indicates a match.
  - 4. The apparatus of claim 2, wherein the instructions, if executed result in:
    - alerting a user of a false PSTN identity assertion in the PSTN identity assertion if the extracted identity does not match the packet switched identity assertion.
  - 5. The apparatus of claim 1, wherein the PSTN identity assertion is from a caller ID field, and wherein data taken from the caller ID field is authenticated using the packet switched identity assertion.

6. An apparatus encoded with instructions that, if executed, result in:
- receiving a first communication over a first call path that traverses a Publicly Switched Telephone Network (PSTN) and that originates from an endpoint, the first communication including a PSTN identity assertion generated by a device operating in the PSTN;
  
  receiving a second communication over a second different call path originating from the same endpoint, wherein the second different call path extends over a packet switched network and includes a packet switched identity assertion inserted into a session initiation protocol (SIP) message header by a packet switched network device, wherein the packet switched identity assertion is a SIP identity;
  
  authenticating the PSTN identity assertion using the packet switched identity assertion;
  
  sending the PSTN identity assertion from the first communication to a database that correlates phone numbers with other identities;
  
  receiving back a response from the database and extracting an identity there from;
  
  comparing the extracted identity to the packet switched identity assertion from the second communication; and
  
  initiating a Secure Real Time Protocol (SRTP)-over-PSTN communication exchange with a device associated with the packet switched identity assertion of the PSTN identity assertion is authenticated.

7. A method, comprising:
- receiving an indication that a local device has established a call originating from the local device having a first path that traverses the Publicly Switched Telephone Network (PSTN);
  
  in response to receiving the indication that the local device has established the call, generating a communication using a packet switched signaling protocol and sending the communication to a called endpoint of the call over a second different path that extends over at least one packet switched network for use by the called endpoint, wherein the second different path circumvents the PSTN;
  
  wherein the communication contains information for correlating a packet switched identity assertion included in a session initiation protocol (SIP) message header of the packet switched communication with a PSTN identity assertion included in the PSTN call, wherein the packet switched identity assertion is a SIP identity; and
  
  authenticating the PSTN identity assertion using the packet switched identity assertion, wherein an apparatus determines if the PSTN identity assertion is false based on information from the packet switched identity assertion.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7, further comprising:
    - identifying a telephone number for the called endpoint and sending the identified telephone number to a remote database that associates telephone numbers with network addresses; and
      
      addressing the communication using a network address identified by the database.
  - 9. The method of claim 7, further comprising:
    - inserting the PSTN identity assertion from the call into a payload of the communication; and
      
      inserting the packet switched identity assertion in a header of the communication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Wing, Daniel G.
Primary Examiner(s)
Elahee, Md S

Application Number

US11/270,017
Publication Number

US 20070121583A1
Time in Patent Office

3,382 Days
Field of Search

379/207.15, 379/142.08, 37914201-14206, 37914214-14217, 379/67.1, 379/142.07, 37922001-22102, 379/221.14, 379/272, 379/273, 370/355, 370/356, 370/392, 370/393, 370/395.32
US Class Current

379/221.01
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/18   using different networks or...

H04L 65/1101   Session protocols

H04L 65/1104   Session initiation protocol...

H04M 1/2535   adapted for voice communica...

H04M 2242/22   Automatic class or number i...

H04M 3/42042   Notifying the called party ...

H04M 3/42059   Making use of the calling p...

H04M 7/0024   Services and arrangements w...

Method and apparatus to provide cryptographic identity assertion for the PSTN

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus to provide cryptographic identity assertion for the PSTN

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others