Limiting access to network functions based on personal characteristics of the user

US 7,991,895 B2
Filed: 12/09/2005
Issued: 08/02/2011
Est. Priority Date: 12/09/2005
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

causing at least in part, intercepting, by an intermediary service element, a signaling message sent by a terminal to a network entity to establish a data communications session using a session establishment protocol;

identifying, via a profile database associated with the session establishment protocol, personal characteristic associated with user of the terminal, wherein the personal characteristic describes an intrinsic attribute of the user;

obtaining, via a policy database that stores a group access policy relating to the establishment of communications sessions with the network entity, a predetermined criterion for allowing establishment of the data communications session based on the personal characteristic satisfying the group access policy;

causing, at least in part, embedding, via the intermediary service element, a token in the signaling message, the token representing at least one of the personal characteristic and the predetermined criterion;

causing, at least in part, communicating the signaling message via a network service element capable of allowing the user to establish the data communications session, wherein the network service element establishes the data communications session if the personal characteristic satisfies the predetermined criterion.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Establishing a data communications session involves determining a personal characteristic associated with a user of a terminal. A predetermined criterion for allowing establishment of the data communications session based on the personal characteristic is obtained. A token is embedded in a signaling message used to establish the data communications session. The token represents at least one of the personal characteristic and the predetermined criterion. The signaling message is communicated with a network entity capable of allowing users to establish the data communications session. The data communications session is established via the network entity if the personal characteristic satisfies the predetermined criterion.

42 Citations

View as Search Results

26 Claims

1. A method comprising:
- causing at least in part, intercepting, by an intermediary service element, a signaling message sent by a terminal to a network entity to establish a data communications session using a session establishment protocol;
  
  identifying, via a profile database associated with the session establishment protocol, personal characteristic associated with user of the terminal, wherein the personal characteristic describes an intrinsic attribute of the user;
  
  obtaining, via a policy database that stores a group access policy relating to the establishment of communications sessions with the network entity, a predetermined criterion for allowing establishment of the data communications session based on the personal characteristic satisfying the group access policy;
  
  causing, at least in part, embedding, via the intermediary service element, a token in the signaling message, the token representing at least one of the personal characteristic and the predetermined criterion;
  
  causing, at least in part, communicating the signaling message via a network service element capable of allowing the user to establish the data communications session, wherein the network service element establishes the data communications session if the personal characteristic satisfies the predetermined criterion.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the personal characteristic comprises the user'"'"'s age.
  - 3. The method of claim 1, wherein the profile database comprises a network accessible user profile database.
  - 4. The method of claim 1, wherein the embedding of the token in the signaling message comprises embedding the token in a header of a Session Initiation Protocol (SIP) message.
  - 5. The method of claim 4, wherein the embedding of the token in the SIP message comprises embedding the token in at least one of an Accept-Contact and a Contact header of a SIP INVITE message.
  - 6. The method of claim 1, wherein the establishment of the data communications session comprises allowing membership into an instant messaging group.
  - 7. The method of claim 1, wherein the establishing the data communications session comprises allowing membership into a push-to-talk communications group.
  - 8. The method of claim 1, wherein the establishing the data communications session comprises establishing the data communications session between two or more users.

9. A method comprising:
- determining a criterion for allowing a user to join a group via a data communication session in accordance with a group access policy, wherein the criterion is related to a personal characteristic of the user, wherein the personal characteristic describes an intrinsic attribute of the user;
  
  causing, at least in part, obtaining a search result in response to a signaling message, wherein the signaling message is used to initiate a search for session endpoints and includes an embedded token representing at least one of the criterion and the personal characteristic;
  
  filtering the search result by excluding particular session endpoints referenced in the search results, wherein the particular session endpoints are associated with members of the group who do not satisfy the criterion; and
  
  causing, at least in part, returning the filtered search result to an initiator of the signaling message.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9, wherein the personal characteristic comprises the user'"'"'s age.
  - 11. The method of claim 9, further comprising obtaining at least one of the criterion and the personal characteristic from a network accessible user profile database associated with a session protocol of the communication session.
  - 12. The method of claim 9, wherein the embedding of the criterion in the signaling message comprises intercepting the signaling message at an intermediary server and embedding the criterion in the signaling message via the intermediary server.

13. An apparatus comprising:
- at least one memory including computer program instructions; and
  
  a processor,the at least one memory and the computer program instructions configured to, with the processor, cause the apparatus to perform at least the following;
  
  intercept a signaling message sent from a terminal to a network entity via a network to establish a data communication session between the terminal and the network entity using a session establishment protocol;
  
  retrieve from the signaling message at least one of a personal characteristic of a user of the terminal and a predetermined criterion of a group access policy related to the personal characteristic, wherein the personal characteristic is obtained via a profile database associated with the session establishment protocol and describes an intrinsic attribute of the user; and
  
  facilitate establishing the data communication session in response to the signaling message based on whether the personal characteristic satisfies the predetermined criterion in accordance with the group access policy.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The apparatus of claim 13, wherein the personal characteristic of the user comprises the age of the user.
  - 15. The apparatus of claim 13, wherein the apparatus is further caused to establish an instant messaging session between the terminal and the network entity in response to the signaling message if the personal characteristic satisfies the predetermined criterion.
  - 16. The apparatus of claim 13, wherein the apparatus is further caused to to establish a push-to-talk session between the terminal and the network entity in response to the signaling message if the personal characteristic satisfies the predetermined criterion.
  - 17. The apparatus of claim 13, wherein the apparatus is further caused to:
    - provide a search result containing descriptions of individual communication endpoints accessible via the network in response to the signaling message; and
      
      filter individual descriptions of the search result based on whether the descriptions satisfy the predetermined criterion.
  - 18. The apparatus of claim 13, wherein the signaling message includes the predetermined criterion, and wherein the apparatus is further caused to determine the personal characteristic via a user profile database associated with the session establishment protocol accessible via the network.
  - 19. The apparatus of claim 13, wherein the signaling message includes the personal characteristic, and wherein the apparatus is further caused to obtain the predetermined criterion via a database.

20. A method comprising:
- causing, at least in part, intercepting a session establishment signaling message by an intermediary network entity, wherein the signaling message is included in a service request initiated by a client device operable on a first network, wherein the signaling message targeted for a service element of a second network to establish a data communications session with an communication endpoint of the second network using a session establishment protocol;
  
  accessing a personal characteristic of a user of the client device via a profile database of the first network associated with the session establishment protocol in response to the service request, wherein the personal characteristic describes an intrinsic attribute of the user;
  
  accessing a criterion for allowing establishment of services via the service element from a database of the second network that stores a group access policy relating to the establishment of communications sessions via the service element; and
  
  establishing the data communications session via the intermediary entity based on whether the personal characteristic satisfies the criterion.

21. A non-transitory computer readable storage medium carrying one or more instructions which, when executed by a processor, cause an apparatus to at least perform the following steps:
- causing, at least in part, intercept a signaling message sent from a terminal to a network entity to establish a data communication session between the terminal and the network entity using a session establishment protocol;
  
  retrieve from the signaling message at least one of a personal characteristic of a user of the terminal and a predetermined criterion of a group access policy related to the personal characteristic, wherein the personal characteristic is obtained via a profile database associated with the session establishment protocol and describes an intrinsic attribute of the user; and
  
  causing, at least in part, facilitate establishing the data communication session in response to the signaling message based on whether the personal characteristic satisfies the predetermined criterion in accordance with the group access policy.
- View Dependent Claims (22, 23, 24, 25, 26)
- - 22. The non-transitory computer readable storage medium of claim 21, wherein the personal characteristic of the user comprises the age of the user.
  - 23. The non-transitory computer readable storage medium of claim 21, wherein the instructions further cause, at least in part, the apparatus to establish an instant messaging session between the terminal and the network entity via an instant messaging server module in response to the signaling message if the personal characteristic satisfies the predetermined criterion.
  - 24. The non-transitory computer readable storage medium of claim 21, wherein the instructions further cause, at least in part, the apparatus to establish a push-to-talk session between the terminal and the network entity via a push-to-talk server module in response to the signaling message if the personal characteristic satisfies the predetermined criterion.
  - 25. The non-transitory computer readable storage medium of claim 21, wherein the instructions further cause the apparatus to:
    - provide a search result containing descriptions of individual communication endpoints accessible via the network in response to the signaling message; and
      
      filter individual descriptions of the search result based on whether the descriptions satisfy the predetermined criterion.
  - 26. The non-transitory computer readable storage medium of claim 21, wherein the signaling message includes the predetermined criterion, and wherein the instructions cause the apparatus to determine the personal characteristic via a user profile database associated with the session establishment protocol accessible via the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Conversant Wireless Licensing S.à.r.l. (f/k/a Core Wireless Licensing S.a.r.l.) (MOSAID Technologies Inc. (f/k/a Conversant Intellectual Property Management))
Original Assignee
Nokia Corporation
Inventors
Leppisaari, Arto, Haruna, Adamu
Primary Examiner(s)
Swearingen; Jeffrey R

Application Number

US11/298,970
Publication Number

US 20070136475A1
Time in Patent Office

2,062 Days
Field of Search

709/228, 709/229, 709/232, 709/219, 709/203, 709/231, 709/159
US Class Current

709/227
CPC Class Codes

H04L 51/04   Real-time or near real-time...

H04L 65/1069   Session establishment or de...

H04L 67/306   User profiles

Limiting access to network functions based on personal characteristics of the user

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Limiting access to network functions based on personal characteristics of the user

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links