1. Field of the Invention
The present invention relates to the authorization levels for telephone calls. In particular, the present invention relates to assigning an authorization level to an originating station in a primary rate interface for a virtual private network.
2. Description of the Related Art
Phone networks for large organizations and businesses are generally designed to accommodate the structure of the organization. In many phone systems provided to such business operations, multiple telephone receivers, or originating stations, connect to a PBX (Private Branch Exchange). A PBX is a telephone switching center that is owned by a private business. The PBX provides an interface over an ISDN line (Integrated Services Digital Network) to an Inter-exchange Carrier Service Switching Point (IXC SSP, or SSP). ISDN permits voice, data, text, graphics, music, video, and other source material to be transmitted over existing telephone wires. ISDN generally provides two levels of service: a Basic Rate Interface (BRI) which is an interface from the Service Switching Point (SSP) in the local exchange node or a Central Office, intended for the home and small enterprises, and a Primary Rate Interface (PRI) which is an interface from the Service Switching Point (SSP) or the local exchange node/Central Office and could also be an interface from the IXC SSP, for larger users. Both rates include a number of B-channels for carrying data, voice, and other services, and D-channels for carrying control and signaling information. The Inter-exchange Carrier Service Switching Point (IXC SSP) is the Long Distance switching node in a telephone network. The IXC SSP communicates with the Public Switched System Telephone Network (PSTN) telephone system based on copper wires carrying voice generally over a Feature Group D (FGD) connection. Feature Group D is a type of telecommunication trunk used to provide “equal access” capability from telecommunication carriers and central offices (where the switching equipment is located and customer lines are connected and terminated) to the access tandem. In addition to communicating with the PSTN, the IXC SSP sends messages to a “Service Control Point” (SCP) to query databases about subscriber service information and routing information of a subscriber telephone call.
A virtual private network (VPN) is a method devised to use a public telecommunication infrastructure, including the Internet, to provide remote offices or individual users with secure access to their organization's virtual network. A VPN works by using the carrier's shared infrastructure while maintaining privacy through various security and dialing procedures.
Large organizations often provide a hierarchical authorization structure. Some current methods enable transfer of the authorization structure to a phone connection system for the organization. Currently, authorization levels are assigned at the PBX level, which means that originating stations that share the same PBX are assigned the same level of authorization. When a call is made at an originating station hosted by a PBX, a Trunk Group Number (TGN) identifying the PBX and a Switch ID (SwID) identifying the SSP are used to determine an authorization level. For example, the TGN and SwID values can be used to query a database of authorization levels. Access tables have been used to determine the membership of a Dedicated Access Line (DAL) in a VPN customized plan. In this case, two existing values (e.g. DAL and ISDN) differentiate a ‘plain’ DAL from a Primary Rate Interface (PRI) DAL, respectively. The Access Table identifies the type of DAL being used and assigns a DAL-level private number to the call. In another table, the DAL-level private number is associated to an Authorization Level that is applied to all customer stations connected to long-distance (LD) using that DAL.
Known authorization systems have operated under the assumption that stations connected to the same PBX use the same level of authorization. Thus, authorization levels assigned to the PBX generally might not accommodate authorization levels of the business at the level of a specific employee. For example, it may be desirable that a manager's station be set for higher calling privileges than his subordinates, or that a company president be assigned a privilege level that bypasses all call restrictions while the manager's and his subordinate employees' calling capabilities remain restricted. There is therefore a need for a method and apparatus that provides authorization at the individual station level that are behind a PBX.