Patent application number | Description | Published |
20090006844 | VERIFYING CRYPTOGRAPHIC IDENTITY DURING MEDIA SESSION INITIALIZATION - An authentication agent may cryptographically identify a remote endpoint that sent a media initialization message even though intermediate devices may modify certain fields in the message after a signature is inserted. The originating endpoint's agent may create the signature over some fields of the message using an enterprise network's private key. The agent may insert the signature into the message and send the message to a recipient endpoint's authentication agent. The recipient agent may verify the signature, receive a certificate including a second public key, and challenge the identity of the originating endpoint in order to confirm that identity. This challenge may request a confirmation that the originating endpoint knows the private key corresponding to the second public key and may occur while running encrypted media at the endpoints. After the originating endpoint is authenticated, the endpoints may exchange encrypted and/or unencrypted media. | 01-01-2009 |
20090022149 | Using PSTN Reachability to Verify VoIP Call Routing Information - A system for verifying VoIP call routing information. In particular implementations, a method includes verifying one or more Voice-over-Internet-Protocol (VoIP) call agents for respective destination telephone numbers based on demonstrated knowledge of previous public switched telephone network (PSTN) calls to the respective destination telephone numbers; receiving a call initiation message identifying a destination telephone number; and conditionally initiating a call over a VoIP network to a target VoIP call agent, or over a circuit switched network, based on whether the target VoIP call agent has been verified for the destination telephone number identified in the call initiation message. | 01-22-2009 |
20090022150 | VoIP Call Routing Information Registry including Hash Access Mechanism - A VoIP call routing information registry including a hash access mechanism. In particular implementations, a method includes receiving a telephone number; computing a hash of the telephone number; accessing a registry wherein the registry comprises a plurality of entries, and wherein each entry comprises a hash of a telephone number and data associated with that telephone number, or a prefix and data associated with that prefix; searching the registry for a matching entry; and until a matching entry is found or the telephone number has been stripped down to a minimum number of digits, stripping the last digit of the telephone number, re-computing a hash of the stripped-down telephone number, and re-searching the registry for a matching entry. | 01-22-2009 |
20090022155 | Using PSTN Reachability to Verify Caller ID Information in Received VoIP Calls - A system for verifying caller ID information in received VoIP calls. In particular implementations, a method includes receiving a caller identification (ID) identifying a calling party telephone number in a call initiation message transmitted from a VoIP call agent; determining the identity of the VoIP call agent; verifying that a public switched telephone network (PSTN) call to the calling party telephone number would arrive at a VoIP call agent having the determined identity; and applying, responsive to the call initiation message, one or more rules based at least in part on the verifying step. | 01-22-2009 |
20090323677 | SEPARATION OF VALIDATION SERVICES IN VOIP ADDRESS DISCOVERY SYSTEM - In one embodiment, an apparatus may receive at least one call attribute of a public switched telephone network (PSTN) call initiated to a destination telephone number. The apparatus may verify a destination Voice-over-Internet-Protocol (VoIP) call agent for the destination telephone number based on demonstrated knowledge of the PSTN call. The apparatus may transmit an indication the destination VoIP call agent is verified for the destination telephone number. | 12-31-2009 |
20100002686 | RESTRICTION OF COMMUNICATION IN VOIP ADDRESS DISCOVERY SYSTEM - In one embodiment, a system is provided to restrict VoIP communication. The system may validate a Voice over Internet Protocol (VoIP) call initiation message based on demonstrated knowledge of a Public Switched Telephone Network (PSTN) call. | 01-07-2010 |
20100002687 | INTEGRATION OF VOIP ADDRESS DISCOVERY WITH PBXs - A system for verifying VoIP call routing information. The system may include an apparatus integrated with a private branch exchange (PBX). The apparatus may store at least one call attribute of a public switched telephone network (PSTN) call initiated to a destination telephone number. The apparatus may verify a destination Voice-over-Internet-Protocol (VoIP) call agent for the destination telephone number based on demonstrated knowledge of the PSTN call. The apparatus may route a new call either over a VoIP network to the destination VoIP call agent or over a circuit switched network based on whether the destination VoIP call agent is verified for the destination telephone number. | 01-07-2010 |
20100046507 | USING PSTN REACHABILITY IN ANONYMOUS VERIFICATION OF VOIP CALL ROUTING INFORMATION - In one embodiment, an apparatus may verify an identity of a destination Voice-over-Internet-Protocol (VoIP) call agent for a destination telephone number based on demonstrated knowledge of at least one public switched telephone network (PSTN) call initiated to the destination telephone number. The apparatus may also receive the identity of the destination VoIP call agent based on the demonstrated knowledge of the at least one PSTN call initiated to the destination telephone number. | 02-25-2010 |
20100082828 | NODE REPUTATION BASED ON KNOWLEDGE OF PSTN CALLS - A system may provide trust relationship information for a telephone number, where the trust relationship information may indicate whether one or more nodes consider a target node as including or as being associated with a VoIP call agent for the telephone number based on demonstrated knowledge of a PSTN call. The system may determine a target trust relationship to the target node based on the trust relationship information, where the target trust relationship indicates a level of trust a validating node has in the target node being associated with or including the VoIP call agent for the telephone number, and where validating node and the one or more nodes may be in different respective administrative domains of a network. | 04-01-2010 |
20100183151 | USING AUTHENTICATION TOKENS TO AUTHORIZE A FIREWALL TO OPEN A PINHOLE - Techniques are described for the use of a cryptographic token to authorize a firewall to open a pinhole which permits certain network traffic to traverse firewalls. An initiating endpoint requests a token from a call controller, which authorizes a pinhole though the firewall. In response, the call controller may generate a cryptographic authorization token (CAT) sent towards the destination endpoint. The call controller may generate the token based on an authorization ID associated with the call controller, a shared secret known to both the call controller and the firewall, and data specific to the media flow for which authorization is requested. | 07-22-2010 |
20100202439 | PREVENTION OF VOICE OVER IP SPAM - In one embodiment, a system is provided to prevent VoIP spam. The system may store call data that is associated with a call to a phone number made over a Public Switched Telephone Network. Subsequently, the system may accept an Internet Protocol telephony connection in response to verification of a demonstrated knowledge of the call. The demonstrated knowledge of the call may be verified based on the call data. | 08-12-2010 |
20100329453 | ROUNDING FOR SECURITY - A system may generate from a first value, based on rounding information, a first security key that matches a second security key whenever the first value and a second value from which the second security key is generated differ by less than a non-zero predetermined amount. The second security key may be generated from the second value rounded to a multiple of a rounding interval that is nearest to the second value. The rounding information may include a rounding direction indication. The rounding direction indication may indicate the direction in which the second value is rounded to the multiple of the rounding interval nearest to the second value. | 12-30-2010 |
20110113238 | CERTIFICATE ENROLLMENT WITH PURCHASE TO LIMIT SYBIL ATTACKS IN PEER-TO-PEER NETWORK - A system may protect against Sybil attacks on a peer-to-peer (P2P) network based on each one the nodes in the P2P network being identified by a corresponding certificate. In particular, a node may receive a license key, where the license key is evidence of a purchased product license. The node may transmit a message included in the license key to a certificate authority. The node may receive a certificate from the certificate authority in response to authentication of the message. The node may be identified in the P2P network with a node identifier included in the certificate. | 05-12-2011 |
20110225193 | ACTIVE TAGS - A method for retrieving data in a data source is provided. The method includes receiving a search term; identifying an active tag associated with the search term; correlating the active tag to dynamic data that is operative to adapt to a mining context in which data is stored; and retrieving the data using the dynamic data. | 09-15-2011 |
20120106401 | PREVENTION OF VOICE OVER IP SPAM - In one embodiment, a system is provided to prevent VoIP spam. The system may store call data that is associated with a call to a phone number made over a Public Switched Telephone Network. Subsequently, the system may accept an Internet Protocol telephony connection in response to verification of a demonstrated knowledge of the call. The demonstrated knowledge of the call may be verified based on the call data. | 05-03-2012 |
20120243530 | USING PSTN REACHABILITY TO VERIFY VOIP CALL ROUTING INFORMATION - A system for verifying VoIP call routing information. In particular implementations, a method includes verifying one or more Voice-over-Internet-Protocol (VoIP) call agents for respective destination telephone numbers based on demonstrated knowledge of previous public switched telephone network (PSTN) calls to the respective destination telephone numbers; receiving a call initiation message identifying a destination telephone number; and conditionally initiating a call over a VoIP network to a target VoIP call agent, or over a circuit switched network, based on whether the target VoIP call agent has been verified for the destination telephone number identified in the call initiation message. | 09-27-2012 |
20120246467 | Verifying Cryptographic Identity During Media Session Initialization - An authentication agent may cryptographically identify a remote endpoint that sent a media initialization message even though intermediate devices may modify certain fields in the message after a signature is inserted. The originating endpoint's agent may create the signature over some fields of the message using an enterprise network's private key. The agent may insert the signature into the message and send the message to a recipient endpoint's authentication agent. The recipient agent may verify the signature, receive a certificate including a second public key, and challenge the identity of the originating endpoint in order to confirm that identity. This challenge may request a confirmation that the originating endpoint knows the private key corresponding to the second public key and may occur while running encrypted media at the endpoints. After the originating endpoint is authenticated, the endpoints may exchange encrypted and/or unencrypted media. | 09-27-2012 |