This invention relates to arrangements for accessing the contents of computer files from locations remote from where the files are stored, and more particularly to retrieval of information over an audio channel.
Communications are becoming increasingly important to modern business, entertainment, and military users. In many contexts, the communications involve the accessing of the information in files which are stored on computer memories or databases which are at locations remote from the person desiring to access the information.
A remote access service is currently provided by General Magic, Inc. of Sunnyvale, Calif. This remote access service allows a user to call into a server located in Sunnyvale, and, using voice commands, to cause the Sunnyvale server to communicate with another server, remote from Sunnyvale, at which the user""s information, such as e-mail, or other information which he may be authorized to receive, is stored. This other server may be a server associated with a business or enterprise. In order to prevent unauthorized persons from accessing information on the second server, such as e-mail of another, the authorized user of the service must enter an appropriate user identification. A company known as wirelessknowledge has proposed a modification to the system of General Magic, in which a third server, located in San Diego, is cascaded with the Sunnyvale server, to allow the San Diego server to provide the voice-command capability to additional users.
Improved remote access systems and methods are desired.
A method for accessing information stored on a remote computer includes the step of uttering a command into a first end of an audio channel which includes a publicly accessible portion, so that an electronic equivalent of the speech appears at a second end of the audio channel, remote from the first end. The electronic equivalent of the speech is coupled from the second end of the audio channel to a private network which is not accessible to the public. Within the private network, the spoken command is converted into an executable or digital-form command, and, in response to the executable command, information identified by the command is retrieved from computer memory, to thereby generate retrieved information. The retrieved information is applied to a firewall evaluation arrangement within the private network, for determining if the retrieved information is of a type which may be allowed to be transmitted over the audio channel. If the retrieved information is of a type which may not be allowed to be transmitted over the audio channel, the retrieved information is blocked by the firewall evaluation arrangement to prevent its leaving the private network, and if the retrieved information is of a type which may be allowed to be transmitted over the audio channel, the retrieved information is converted, within the private network, into speech representing the retrieved data. The speech representing the retrieved data is applied to the second end of the audio channel, for transmission to the first end of the audio channel.
In a particular mode of the method, a further step is performed, between the steps of coupling the electronic equivalent of the speech and converting the speech into an executable command. This additional step includes, within the private network, authenticating the source of the speech signal, to thereby provide access to the private network. This authentication may be performed in as simple a manner as comparison of a keyed-in PIN with a stored value, or it may involve recognition of the user by evaluation of the characteristics of his voice, or alternatively the user may read a pseudorandom number generated by a generator which the user carries with him, which is compared with the number stored on an identical pseudorandom number generator within the private network. The retrieved information may be e-mail.
An apparatus according to an aspect of the invention, for remotely accessing, by way of an audio channel, information stored in a computer memory within a private network, includes a memory within the private network, on which information to be remotely accessed is stored in files. An audio communication channel includes a first end available to any user and a second end to which user voice commands can be sent over the channel. A speech recognition engine within the private network, when commanded by a voice, converts voice commands identifying a designated file into an executable command to find the designated file. A file search arrangement within the private network, in response to the executable command, controllably accesses the designated file in the memory. An information content authenticating arrangement within the private network is coupled to the memory, for evaluating the information of the designated file, and for passing (or approving the passage of) the designated file only when the designated file contains unrestricted information. A text-to-speech engine within the private network is coupled to the information content authenticating arrangement and to the second end of the audio communication channel, for converting the contents of the designated file into speech, and for transmitting the speech by way of the audio communication channel to the user.
A particular embodiment of the apparatus includes a user authentication arrangement within the private network. The authenticating arrangement is coupled to the second end of the audio communication channel and to the speech recognition engine, for generating a path by which the user voice command can reach the speech recognition engine only when the user is authenticated.
One version of the user authentication arrangement includes a clocked pseudorandom generator for generating a time-variant code number, and a comparator coupled to the pseudorandom generator, and also coupled to the second end of the audio channel, for comparing an identification number transmitted from the user to the comparator over the audio channel with the time-variant code number; this version also includes a second clocked pseudorandom generator available to the user. The second pseudorandom generator is sufficiently similar to the first pseudorandom generator to produce the same time-variant code number as the first pseudorandom generator, as a result of which, or whereby, the comparator authenticates the user by comparing the time-variant code number from the first and second pseudorandom generators.
Another version of the authentication arrangement includes a voice authenticator, which processes the voice of the user to establish the authenticity of the user.
Yet another user authentication arrangement comprises a PIN authenticating arrangement coupled to a speech passing gate, for passing speech when the PIN is authenticated.