Limiting access to network functions based on personal characteristics of the user
First Claim
1. A method comprising:
- causing at least in part, intercepting, by an intermediary service element, a signaling message sent by a terminal to a network entity to establish a data communications session using a session establishment protocol;
identifying, via a profile database associated with the session establishment protocol, personal characteristic associated with user of the terminal, wherein the personal characteristic describes an intrinsic attribute of the user;
obtaining, via a policy database that stores a group access policy relating to the establishment of communications sessions with the network entity, a predetermined criterion for allowing establishment of the data communications session based on the personal characteristic satisfying the group access policy;
causing, at least in part, embedding, via the intermediary service element, a token in the signaling message, the token representing at least one of the personal characteristic and the predetermined criterion;
causing, at least in part, communicating the signaling message via a network service element capable of allowing the user to establish the data communications session, wherein the network service element establishes the data communications session if the personal characteristic satisfies the predetermined criterion.
10 Assignments
0 Petitions
Accused Products
Abstract
Establishing a data communications session involves determining a personal characteristic associated with a user of a terminal. A predetermined criterion for allowing establishment of the data communications session based on the personal characteristic is obtained. A token is embedded in a signaling message used to establish the data communications session. The token represents at least one of the personal characteristic and the predetermined criterion. The signaling message is communicated with a network entity capable of allowing users to establish the data communications session. The data communications session is established via the network entity if the personal characteristic satisfies the predetermined criterion.
42 Citations
26 Claims
-
1. A method comprising:
-
causing at least in part, intercepting, by an intermediary service element, a signaling message sent by a terminal to a network entity to establish a data communications session using a session establishment protocol; identifying, via a profile database associated with the session establishment protocol, personal characteristic associated with user of the terminal, wherein the personal characteristic describes an intrinsic attribute of the user; obtaining, via a policy database that stores a group access policy relating to the establishment of communications sessions with the network entity, a predetermined criterion for allowing establishment of the data communications session based on the personal characteristic satisfying the group access policy; causing, at least in part, embedding, via the intermediary service element, a token in the signaling message, the token representing at least one of the personal characteristic and the predetermined criterion; causing, at least in part, communicating the signaling message via a network service element capable of allowing the user to establish the data communications session, wherein the network service element establishes the data communications session if the personal characteristic satisfies the predetermined criterion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method comprising:
-
determining a criterion for allowing a user to join a group via a data communication session in accordance with a group access policy, wherein the criterion is related to a personal characteristic of the user, wherein the personal characteristic describes an intrinsic attribute of the user; causing, at least in part, obtaining a search result in response to a signaling message, wherein the signaling message is used to initiate a search for session endpoints and includes an embedded token representing at least one of the criterion and the personal characteristic; filtering the search result by excluding particular session endpoints referenced in the search results, wherein the particular session endpoints are associated with members of the group who do not satisfy the criterion; and causing, at least in part, returning the filtered search result to an initiator of the signaling message. - View Dependent Claims (10, 11, 12)
-
-
13. An apparatus comprising:
-
at least one memory including computer program instructions; and a processor, the at least one memory and the computer program instructions configured to, with the processor, cause the apparatus to perform at least the following; intercept a signaling message sent from a terminal to a network entity via a network to establish a data communication session between the terminal and the network entity using a session establishment protocol; retrieve from the signaling message at least one of a personal characteristic of a user of the terminal and a predetermined criterion of a group access policy related to the personal characteristic, wherein the personal characteristic is obtained via a profile database associated with the session establishment protocol and describes an intrinsic attribute of the user; and facilitate establishing the data communication session in response to the signaling message based on whether the personal characteristic satisfies the predetermined criterion in accordance with the group access policy. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A method comprising:
-
causing, at least in part, intercepting a session establishment signaling message by an intermediary network entity, wherein the signaling message is included in a service request initiated by a client device operable on a first network, wherein the signaling message targeted for a service element of a second network to establish a data communications session with an communication endpoint of the second network using a session establishment protocol; accessing a personal characteristic of a user of the client device via a profile database of the first network associated with the session establishment protocol in response to the service request, wherein the personal characteristic describes an intrinsic attribute of the user; accessing a criterion for allowing establishment of services via the service element from a database of the second network that stores a group access policy relating to the establishment of communications sessions via the service element; and establishing the data communications session via the intermediary entity based on whether the personal characteristic satisfies the criterion.
-
-
21. A non-transitory computer readable storage medium carrying one or more instructions which, when executed by a processor, cause an apparatus to at least perform the following steps:
-
causing, at least in part, intercept a signaling message sent from a terminal to a network entity to establish a data communication session between the terminal and the network entity using a session establishment protocol; retrieve from the signaling message at least one of a personal characteristic of a user of the terminal and a predetermined criterion of a group access policy related to the personal characteristic, wherein the personal characteristic is obtained via a profile database associated with the session establishment protocol and describes an intrinsic attribute of the user; and causing, at least in part, facilitate establishing the data communication session in response to the signaling message based on whether the personal characteristic satisfies the predetermined criterion in accordance with the group access policy. - View Dependent Claims (22, 23, 24, 25, 26)
-
Specification