Methods and systems for multi-factor authentication in secure media-based conferencing

US 9,118,809 B2
Filed: 09/08/2014
Issued: 08/25/2015
Est. Priority Date: 10/11/2013
Status: Active Grant

First Claim

Patent Images

1. A computerized method for authenticating an end point device participating in a media-based conference call, the method comprising:

receiving, by a call processing module of a server computing device, a request to join a conference call between a plurality of end point devices, the request including credentials and attributes associated with a user of a first end point device, attributes associated with the first end point device, and a media stream associated with the first end point device;

determining, at the call processing module, an identity of the user of the first end point device based upon the credentials and the attributes associated with the user;

determining, at the call processing module, a level of conference call access based upon the attributes associated with the first end point device;

retrieving, by the call processing module, a user profile based upon the identity of the user, the user profile including a set of permissions associated with authorization to participate in the conference call;

generating, by the call processing module, a fingerprint associated with the request, the fingerprint comprising attributes derived from the user profile, the attributes associated with the end point device, and the requested conference call;

analyzing, by the call processing module, the media stream using a matrix of authentication factors, wherein the authentication factors include at least two of;

user-specific facial recognition attributes, user-specific audio recognition attributes, acoustic environment attributes, visual environment attributes, user gesture attributes, technical attributes of the end point device, and technical attributes of the media stream;

determining, by the call processing module, an authentication score for the first end point device based upon the media stream analysis; and

determining, by the call processing module, whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score and the fingerprint.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatuses, including computer program products, are described for multi-factor authentication of media-based (e.g., video and/or audio) conferencing between a plurality of end point devices. The methods and apparatuses provide for analysis of an end point media stream using a matrix of authentication factors, where the authentication factors include at least two of: user-specific facial recognition attributes, user-specific audio recognition attributes, acoustic environment attributes, visual environment attributes, user gesture attributes, technical attributes of the end point device, and technical attributes of the media stream, to determine an authentication score for the first end point device.

77 Citations

View as Search Results

28 Claims

1. A computerized method for authenticating an end point device participating in a media-based conference call, the method comprising:
- receiving, by a call processing module of a server computing device, a request to join a conference call between a plurality of end point devices, the request including credentials and attributes associated with a user of a first end point device, attributes associated with the first end point device, and a media stream associated with the first end point device;
  
  determining, at the call processing module, an identity of the user of the first end point device based upon the credentials and the attributes associated with the user;
  
  determining, at the call processing module, a level of conference call access based upon the attributes associated with the first end point device;
  
  retrieving, by the call processing module, a user profile based upon the identity of the user, the user profile including a set of permissions associated with authorization to participate in the conference call;
  
  generating, by the call processing module, a fingerprint associated with the request, the fingerprint comprising attributes derived from the user profile, the attributes associated with the end point device, and the requested conference call;
  
  analyzing, by the call processing module, the media stream using a matrix of authentication factors, wherein the authentication factors include at least two of;
  
  user-specific facial recognition attributes, user-specific audio recognition attributes, acoustic environment attributes, visual environment attributes, user gesture attributes, technical attributes of the end point device, and technical attributes of the media stream;
  
  determining, by the call processing module, an authentication score for the first end point device based upon the media stream analysis; and
  
  determining, by the call processing module, whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score and the fingerprint.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the acoustic environment attributes include (i) one or more pre-recorded audio files from a user and (ii) acoustic attributes of a room in which the first end point device is located.
  - 3. The method of claim 1, wherein the visual environment attributes include (i) user-provided or system-captured still images and multiple video frames and (ii) lighting attributes of a room in which the first end point device is located.
  - 4. The method of claim 1, wherein the technical attributes of the first end point device include an image resolution of a camera coupled to the first end point device, a device identifier, a location, and an originating address.
  - 5. The method of claim 1, wherein the technical attributes of the media stream include a media format and a media quality.
  - 6. The method of claim 1, further comprising:
    - transmitting, by the call processing module, the media stream associated with the first end point device to one or more other end point devices connected to the conference call;
      
      receiving, by the call processing module, a validation signal from the one or more other end point devices to confirm an identity of a user of the first end point device; and
      
      adding, by the call processing module, the received validation signal to the matrix of authentication factors.
  - 7. The method of claim 1, wherein the media stream analysis includes comparing the matrix of authentication factors for the media stream to a matrix of authentication factors for prior media streams associated with the first end point device.
  - 8. The method of claim 7, wherein the media stream analysis includes analyzing the matrix of authentication factors for the media stream based upon user- and/or system-specified preferences.
  - 9. The method of claim 1, further comprising storing, by the call processing module, the media stream analysis and authentication score for the media stream in a database.
  - 10. The method of claim 1, wherein the media stream analysis and authentication score determination occur periodically during the conference call.
  - 11. The method of claim 1, wherein the authentication score is below a predetermined threshold, the method further comprising transmitting, by the call processing module, a request for user credentials to the first end point device.
  - 12. The method of claim 1, further comprising transmitting, by the call processing module, the authentication score for the first end point device for display on one or more other end point devices connected to the conference call.
  - 13. The method of claim 1, further comprising:
    - denying, by the call processing module, the request to join the conference call when the authentication score is below a predetermined threshold; and
      
      disconnecting, by the call processing module, the first end point device.
  - 14. The method of claim 1, further comprising:
    - allowing, by the call processing module, the request to join the conference call when the authentication score is at or above a predetermined threshold; and
      
      connecting, by the call processing module, the first end point device to the conference call.

15. A system for authenticating an end point device participating in a media-based conference call, the system comprising a server computing device having a call processing module configured to:
- receive a request to join a conference call between a plurality of end point devices, the request including credentials and attributes associated with a user of a first end point device, attributes associated with the first end point device, and a media stream associated with the first end point device;
  
  determine an identity of the user of the first end point device based upon the credentials and the attributes associated with the user;
  
  determine a level of conference call access based upon the attributes associated with the first end point device;
  
  retrieve a user profile based upon the identity of the user, the user profile including a set of permissions associated with authorization to participate in the conference call;
  
  generate a fingerprint associated with the request, the fingerprint comprising attributes derived from the user profile, the attributes associated with the end point device, and the requested conference call;
  
  analyze the media stream using a matrix of authentication factors, wherein the authentication factors include at least two of;
  
  user-specific facial recognition attributes, user-specific audio recognition attributes, acoustic environment attributes, visual environment attributes, user gesture attributes, technical attributes of the end point device, and technical attributes of the media stream;
  
  determine an authentication score for the first end point device based upon the media stream analysis; and
  
  determine whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score and the fingerprint.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 16. The system of claim 15, wherein the acoustic environment attributes include (i) one or more pre-recorded audio files from a user and (ii) acoustic attributes of a room in which the first end point device is located.
  - 17. The system of claim 15, wherein the visual environment attributes include (i) user-provided or system-captured still images and multiple video frames and (ii) lighting attributes of a room in which the first end point device is located.
  - 18. The system of claim 15, wherein the technical attributes of the first end point device include an image resolution of a camera coupled to the first end point device, a device identifier, a location, and an originating address.
  - 19. The system of claim 15, wherein the technical attributes of the media stream include a media format and a media quality.
  - 20. The system of claim 15, wherein the call processing module is further configured to:
    - transmit the media stream associated with the first end point device to one or more other end point devices connected to the conference call;
      
      receive a validation signal from the one or more other end point devices to confirm an identity of a user of the first end point device; and
      
      add the received validation signal to the matrix of authentication factors.
  - 21. The system of claim 15, wherein the media stream analysis includes comparing the matrix of authentication factors for the media stream to a matrix of authentication factors for prior media streams associated with the first end point device.
  - 22. The method of claim 21, wherein the media stream analysis includes analyzing the matrix of authentication factors for the media stream based upon user- and/or system-specified preferences.
  - 23. The system of claim 15, wherein the call processing module is further configured to store the media stream analysis and authentication score for the media stream in a database.
  - 24. The system of claim 15, wherein the media stream analysis and authentication score determination occur periodically during the conference call.
  - 25. The system of claim 15, wherein the authentication score is below a predetermined threshold, the call processing module further configured to transmit a request for user credentials to the first end point device.
  - 26. The system of claim 15, wherein the call processing module is further configured to:
    - deny the request to join the conference call when the authentication score is below a predetermined threshold; and
      
      disconnect the first end point device.
  - 27. The system of claim 15, wherein the call processing module is further configured to:
    - allow the request to join the conference call when the authentication score is at or above a predetermined threshold; and
      
      connect the first end point device to the conference call.

28. A computer program product, tangibly embodied in a non-transitory computer readable storage device, for authenticating an end point device participating in a media-based conference call, the computer program product including instructions operable to cause a call processing module of a server computing device to:
- receive a request to join a conference call between a plurality of end point devices, the request including credentials and attributes associated with a user of a first end point device, attributes associated with the first end point device, and a media stream associated with the first end point device;
  
  determine an identity of the user of the first end point device based upon the credentials and the attributes associated with the user;
  
  determine a level of conference call access based upon the attributes associated with the first end point device;
  
  retrieve a user profile based upon the identity of the user, the user profile including a set of permissions associated with authorization to participate in the conference call;
  
  generate a fingerprint associated with the request, the fingerprint comprising attributes derived from the user profile, the attributes associated with the end point device, and the requested conference call;
  
  analyze the media stream using a matrix of authentication factors, wherein the authentication factors include at least two of;
  
  user-specific facial recognition attributes, user-specific audio recognition attributes, acoustic environment attributes, visual environment attributes, user gesture attributes, technical attributes of the end point device, and technical attributes of the media stream;
  
  determine an authentication score for the first end point device based upon the media stream analysis; and
  
  determine whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score and the fingerprint.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Edifire LLC
Original Assignee
Edifire LLC
Inventors
Anderson, Eric, Goepp, Daniel P.
Primary Examiner(s)
WOO, STELLA L

Application Number

US14/480,091
Publication Number

US 20150103136A1
Time in Patent Office

351 Days
Field of Search

348 1401- 1416, 370260-261, 715/756
US Class Current

1/1
CPC Class Codes

H04L 12/18   for broadcast or conference...

H04L 12/1818   Conference organisation arr...

H04L 65/1069   Session establishment or de...

H04L 65/1076   Screening of IP real time c...

H04L 65/1093   by adding participants; by ...

H04L 65/4038   with floor control

H04L 65/70   Media network packetisation

H04M 2203/6009   Personal information, e.g. ...

H04M 2203/6054   Biometric subscriber identi...

H04M 3/38   Graded-service arrangements...

H04M 3/56   Arrangements for connecting...

H04M 3/567   Multimedia conference systems

H04N 7/152   Multipoint control units th...

H04N 7/155   involving storage of or acc...

Methods and systems for multi-factor authentication in secure media-based conferencing

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

77 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for multi-factor authentication in secure media-based conferencing

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links