Secure placement of centralized media controller application in mobile access terminal

US 8,989,705 B1
Filed: 11/11/2011
Issued: 03/24/2015
Est. Priority Date: 06/18/2009
Status: Active Grant

First Claim

Patent Images

1. A mobile access terminal for use in an internet protocol multimedia system, comprising:

a first region of memory;

a device application stored in the first region of memory;

a second region of memory that implements a trusted security sector; and

,a centralized media controller application stored in the trusted security sector that is mated and paired with an incident internet protocol multimedia system network, authenticates the device application by proxy rather than performing authentication over the incident internet protocol multimedia system network, and provides the device application with communications connectivity with the incident internet protocol multimedia system network, wherein the centralized media controller application stored in the trusted security sector of the mobile access terminal is an extracted call session control function server application that provides a sub-set of the functionality provided by a full call session control function server application executing in the incident internet protocol multimedia system network.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile access terminal (MAT) for use in an internet protocol multimedia system (IMS). The mobile access terminal comprises a first region of memory, a device application stored in the first region of memory, a second region of memory that implements a trusted security sector, and a centralized media controller application stored in the trusted security sector. The centralized media controller application is mated and paired with an incident internet protocol multimedia system network and wherein the centralized media controller application authenticates the device application and provides the device application with communications connectivity with the incident internet protocol multimedia system network.

283 Citations

20 Claims

1. A mobile access terminal for use in an internet protocol multimedia system, comprising:
- a first region of memory;
  
  a device application stored in the first region of memory;
  
  a second region of memory that implements a trusted security sector; and
  
  ,a centralized media controller application stored in the trusted security sector that is mated and paired with an incident internet protocol multimedia system network, authenticates the device application by proxy rather than performing authentication over the incident internet protocol multimedia system network, and provides the device application with communications connectivity with the incident internet protocol multimedia system network, wherein the centralized media controller application stored in the trusted security sector of the mobile access terminal is an extracted call session control function server application that provides a sub-set of the functionality provided by a full call session control function server application executing in the incident internet protocol multimedia system network.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The mobile access terminal of claim 1, wherein the first region of memory is provided in a first memory chip and the second region of memory is provided in a second memory chip.
  - 3. The mobile access terminal of claim 1, wherein the device application is a voice calling application, and wherein the centralized media controller application encapsulates a call session control function server application that provides device-to-device voice call set-up in response to a voice call origination request from the voice calling application.
  - 4. The mobile access terminal of claim 1, wherein the centralized media controller application encapsulates a proxy call session control function server application.
  - 5. The mobile access terminal of claim 4, wherein the proxy call session control function server application is an extract of a proxy call session control function server application executed by a call session control function server in the incident internet protocol multimedia system network.
  - 6. The mobile access terminal of claim 5, wherein the proxy call session control function server application encapsulated by the centralized media control application executes reduced functionality remote authentication dial in user service functions.

7. A mobile access terminal for use in an internet protocol multimedia system, comprising:
- a first memory chip;
  
  a first device application stored in the first memory chip;
  
  a second memory chip that implements a trusted security sector;
  
  a trust exchange service stored in the trusted security sector; and
  
  a centralized media controller application stored in the trusted security sector that is mated and paired with an incident internet protocol multimedia system network, receives internet protocol multimedia system access client requests from the first device application via the trust exchange service, authenticates the first device application by proxy rather than performing authentication over the incident internet protocol multimedia system network, and provides the first device application with communications connectivity with the incident internet protocol multimedia system network, wherein the centralized media controller application stored in the trusted security sector of the mobile access terminal is an extracted call session control function server application that provides a sub-set of the functionality provided by a full call session control function server application executing in the incident internet protocol multimedia system network.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The mobile access terminal of claim 7, wherein the trust exchange service encapsulates a session initiation protocol back-to-back user agent, wherein a first interface of the session initiation protocol back-to-back user agent receives a first session initiation protocol request from the first device application, the session initiation protocol back-to-back user agent reformulates the first session initiation protocol request as a second session initiation protocol request, and a second interface of the session initiation protocol back-to-back user agent transmits the second session initiation protocol request to the call session control function server application, whereby the session initiation protocol back-to-back user agent protects the call session control function server application from the first device application.
  - 9. The mobile access terminal of claim 8, whereby the session initiation protocol back-to-back user agent provides trusted session initiation protocol interactions between the first device application and the call session control function server application.
  - 10. The mobile access terminal of claim 7, wherein the centralized media controller application provides reduced functionality remote authentication dial in user service (RADIUS) functions for charging, rating, and mediation internet protocol multimedia system network operations.
  - 11. The mobile access terminal of claim 7, further comprising a near field communication transceiver, wherein the centralized media controller application receives a trigger event from the near field communication transceiver and responds to receiving a session initiation protocol invite from an incident internet protocol multimedia system network based on the trigger event.
  - 12. The mobile access terminal of claim 11, wherein the centralized media controller application responds to receiving the session invitation protocol invite by connecting a first media stream from the incident internet protocol multimedia system network to a second device application stored in the first memory chip.
  - 13. The mobile access terminal of claim 11, wherein the centralized media controller application responds to receiving the session invitation protocol invite by connecting a second media stream from a third device application stored in the first memory to another mobile access terminal via the incident internet protocol multimedia system network.
  - 14. The mobile access terminal of claim 7, wherein the trust exchange service pauses a plurality of execution threads of the mobile access terminal while handling one of the internet protocol multimedia system access client requests.

15. A method of establishing a device to device wireless voice call, comprising:
- receiving a voice call origination request by a centralized media controller application executing in a trusted security sector of a first mobile access terminal, where the called party designated by the voice call origination request is a second mobile access terminal, wherein the first mobile access terminal is coupled to a micro network;
  
  determining, by the centralized media controller application using the session initiation protocol (SIP) presence function, that the second mobile access terminal is accessible in the micro network; and
  
  establishing, by the centralized media controller application, a voice communication channel between the first mobile access terminal and the second mobile access terminal using wireless links provided by the micro network, wherein the wireless links do not involve a base transceiver station.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the voice communication channel comprises a first wireless link from the first mobile access terminal to a femtocell and a second wireless link from the femtocell to the second mobile access terminal.
  - 17. The method of claim 16, wherein a voice traffic between the first mobile access terminal and the second mobile access terminal are not transmitted on a wired network.
  - 18. The method of claim 15, wherein the centralized media controller application encapsulates a call session control function server application, wherein a dialer device application executing on the first mobile access terminal outside of the trusted security sector of the first mobile access terminal sends a session initiation protocol invite message to the call session control function server application, wherein the invite message designates the second mobile access terminal, wherein the receiving the voice call origination request comprises receiving the invite message by the call session control function server application.
  - 19. The method of claim 18, wherein a session initiation protocol back-to-back user agent mediates between the dialer device application and the call session control function server application on the first mobile access terminal.
  - 20. The method of claim 15, wherein the wireless links conform with the long-term evolution (LTE) wireless communication protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Katzer, Robin D., Paczkowski, Lyle W.
Primary Examiner(s)
WYCHE, MYRON

Application Number

US13/294,177
Time in Patent Office

1,229 Days
Field of Search

370/328, 455/404.1, 455/411, 725/62
US Class Current

455/411
CPC Class Codes

H04L 63/105   Multiple levels of security

H04L 65/1016   IP multimedia subsystem [IMS]

H04M 7/006   Networks other than PSTN/IS...

H04W 12/088   using filters or firewalls

Secure placement of centralized media controller application in mobile access terminal

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

283 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure placement of centralized media controller application in mobile access terminal

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

283 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links