The present invention relates to an access control in a system which establishes a communication session via multiple session managing servers, by using a control communication protocol among multiple entities.
When data communication is performed, for example, between two entities (for example, two devices or two processes which are implemented by executing software on the devices), a control communication protocol may be used. This control communication protocol is independent from the data communication, so as to control the data communication such as enabling the data communication, shutting down the data communication, and the like. For instance, in a service of IP telephone, a protocol called as SIP (Session Initiation Protocol) is broadly used as a control communication protocol. As to the details of the SIP, see IETF, RFC3261 “SIP: Session Initiation Protocol”, IETF, June 2002, URL: http://www.ietf.org/rfc/rfc3261.txt (hereinafter, referred to as Documents 1).
Some of the control communication protocols are developed, assuming a mechanism in which one or multiple session managing servers mediate a process for establishing a communication session between entities (hereinafter, also referred to as “clients”). By way of example, for the above SIP, a session managing server (also referred to as an “SIP server”) is brought into practice so that an Internet connection service provider (hereinafter, also referred to as “ISP”) provides an IP telephone service among customers of the ISP.
Hereinafter, an operation under the SIP will be briefly explained, in which the session managing server is utilized so that a first client establishes a communication session (hereinafter, also referred to as merely “session”) with a second client, thereby enabling the data communication therebetween.
Initially, the first client registers an IP address of its own in the session managing server, prior to the process for establishing the communication session. In other words, this client transmits to the session managing server, a registration request message (also referred to as “REGISTER message”) including an identifier (also referred to as SIP-URI) to uniquely identify the client or a user of the client in the session managing server and the IP address of the client. The session managing server records the identifier and the IP address described in the registration request message, in such a manner as being associated with each other.
It is to be noted that the association between the identifier and the IP address of the client, which is recorded in the session managing server, is designed to be deleted after a lapse of effective period given at the time of recording the association. Alternatively, this association may be deleted by sending from the client, a registration delete request message, i.e., REGISTER message that specifies to set zero to the effective period of the association.
In the present specification, a situation in which the identifier and IP address of a client (entity) are recorded, in such a manner as associated with each other in the session managing server, is referred to as “the client logs in the session managing server”. On the other hand, a situation in which there is not such recording is referred to as “the client logs out of the session managing server”.
Logging-in enables the session managing server to transmit an INVITE message (described below) that is received from a source client, to a destination client. On the other hand, this logging-in also allows the session managing server to accept an INVITE message or the like from the destination client as well.
Similarly, a second client also logs in the session managing server prior to the session establishing processing.
Next, the first client performs a processing to establish a session with the second client.
In other words, the first client transmits to the session managing server, a connection request message (hereinafter, also referred to as “INVITE message”) which requests to establish a session with the second client. In this INVITE message, there are described an identifier of the first client and an identifier of the second client. The session managing server which has received the INVITE message transmits the INVITE message to the second client. If the second client that has received the INVITE message accepts the connection request, it transmits to the session managing server a response message indicating the acceptance (also referred to as “200 OK message”). The session managing server returns the response message to the first client. Receiving the response message by the first client indicates that the communication session between the first client and the second client has been established.
In the foregoing description, there have been explained operations for enabling data communication between the first client and the second client to establish a data session therebetween, by utilizing the session managing server under the SIP.
In addition, there is also a case where multiple session managing servers cooperate with one another to control a communication session between two clients. In a situation in which a first client logs in a first session managing server whilst a second client logs in a second session managing server, if the first client tries to establish a session with the second client, the first client firstly transmits the INVITE message to the first session managing server.
The first session managing server which has received the INVITE message transfers the INVITE message to the second session managing server. The second session managing server transfers the INVITE message to the second client. In a similar manner, the second client transmits the response message to the second session managing server. The second session managing server which has received the response message transfers the response message to the first session managing server. The first session managing server transfers the response message to the first client.
For example, in the case of the IP telephone as described above, when an ISP provides its own customer with an IP phone service, each ISP operates the SIP server. Then, the SIP servers cooperate with one another to establish sessions for IP phones, between the IP phone client software programs which are running on terminals owned by the customers.
For the case where an INVITE message is transferred through multiple session managing servers and when the second session managing server has received the INVITE message from the first client as discussed above, there exists a service control method, in which the second session managing server obtains service providing conditions that define services to be provided to the first client, and the second session managing server provides the service according to the conditions. For instance, see Japanese Patent Laid-open Publication No. 2004-172782 (referred to as “Document 2”).