The present invention is directed to a method and apparatus for limiting access to network elements. More particularly, the present invention is directed to a method and apparatus for limiting access to network elements having disparate operating systems to only those users being authorized to access the respective elements.
Various communication network configurations are known in the art. Typically such communication network configurations include a plurality of different network elements. The network elements can be supplied by various vendors and therefore implement different types of interfaces. Similarly, the different types of network elements, which may be intelligent devices that include some processing capabilities, operate with different operating systems, for example different versions of Unix or DOS or Windows.
One example of an arrangement of network elements is illustrated in FIG. 1. In this particular arrangement a user may have access to various network elements via personal computer (PC) 101. The PC may be coupled to a router 102 via a wide area network (WAN) or local area network (LAN) connection. It would be possible to use TCP/IP transport protocols for initiating communications from the PC. The router can be coupled to different network elements such as a signal control point (SCP) 103, a signal transfer point (STP) 104 and a terminal server 105 which constitutes an additional intelligent device that interfaces to yet additional network elements. Examples of such additional network elements include a voice mail server (VMS) 107, a switch 108 which could be a Lucent Technologies 5ESS switch, and a Signal Access Cross Connect System (DACS) 109. It should be understood that this is merely an example of an arrangement of network elements and is not the sole representation of a configuration in which problems arise that can be addressed by the present invention.
In such network configurations employing a plurality of different network elements, it is difficult to provide a unified solution for limiting access by the user to each and every one of a plurality of the network elements. The problem arises because the different network elements operate with different operating systems and, as indicated before may be supplied by different vendors with different communication specifications. Therefore, typically each individual network element would have to operate some sort of authentication process to determine whether an individual user has access to that particular element. This requires different implementations of authentication processes depending upon the design of the respective network elements.
Another network where this problem arises is in a wireless cellular network where access is needed to a variety of network elements. Again, since the various network elements may have different operating systems with different degrees of authentication capability, it can be difficult to implement a universal solution that will force authentications.
It would be beneficial to have an arrangement by which access could be limited to the disparate network elements using a unified solution that is independent of the operating systems of the respective elements.