This invention enables end user enterprises to achieve specific objectives in the management and enforcement of policies related to the use of telecommunications services. It involves active measurement of the properties of traffic on a communications channel, and the use of such knowledge in strategic management of access to telecommunications services. It was conceived for use in connection with traditional telephone networks that carry voice, facsimile or voice-band-data (VBD) traffic, though it is not necessarily limited to such networks.
The term end user represents enterprises that make use of telecommunications services. Enterprises that act as an intermediary for access to telecommunications services are also considered to be end users.
Herein, the terms “facsimile” or “fax” represent Group 3 facsimile, which is a ubiquitous international standard for communicating facsimiles of documents over telephone networks. The term “voice-band-data” represents machine-generated information transported over a standard telecommunications voice channel. While facsimile is a form of voice-band-data, it is mentioned separately in this document to highlight the fact that it may be separately classified in the invention.
Voice-Band-Data traffic is usually generated by devices called modems. Correspondingly, the terms “voice-band-data traffic” and “modem traffic” are used interchangeably, and statements such as “the threat of modems” should be interpreted as the “threat of devices that facilitate the generation and communication of voice-band-data”.
“Audible network signaling” signals are carried on traditional telephone networks that carry voice, facsimile or VBD. Such signals are intended to inform listeners about network status or to convey information to network terminal equipment. Dial tone and busy signal are examples of audible network signaling.
“Network Signaling” is a general term for the collection of protocols and procedures used for communication of control signals within a telecommunications network. There are two main classes of network signaling: channel associated signaling (CAS) and common channel signaling (CCS). CAS encompasses protocols and procedures where the signaling is passed over the same channel as is used to carry the service user's traffic. CCS encompasses protocols and procedures where the signaling and the service user's traffic do not share the same communications channel.
Dual-Tone Multi-Frequency (DTMF) signals represent the “dialed digits” of a phone number. DTMF signals are also used in some network signaling protocols to convey the calling number and called number to network terminal equipment. A typical example of the type of digital signal processing techniques that can be used for DTMF detection and classification can be found in U.S. Pat. No. 5,353,346.
End user enterprises have a need for placing restrictions on specific types of telecommunications service usage. For example, restrictions on the use of modems are needed to minimize the threat that unauthorized modems represent to computer security. Anyone using modems to dial in to a computer can gain relatively unfettered access to computer networks if the computer is connected to the network. The problem is that conventional data security measures, such as Internet firewalls, are bypassed by modems. A “hacker”, i.e., any person seeking covert access to the computer network, will immediately resort to searching for modems once an Internet firewall is encountered.
Hackers are also aware that certain modems can be made to generate a “flash-hook” to the organization's private branch exchange (PBX). PBXs are essentially telephone network switches located at the customer's premises. Since about 1980 they have become commonplace in enterprises of more than about 50 people. This opens the door for the hacker to then dial another call (e.g. an overseas call), which originates from the enterprise, and as such is billed to the enterprise. A second example of the need for restricting telephone service usage is long-distance calling over fax machines. Without restrictions, employees can pick up the handset on the fax machine to originate unauthorized long distance calls. Finally, in some circumstances there is a need to restrict the number of lines occupied by VBD calls at a given time. This is useful for organizations such as universities, who face the risk of having their telecommunications facilities entirely consumed by VBD calls. People on campus can be stranded without the ability to call out even if there is an emergency.
Enterprises have a need for selecting from among a number of telecommunications service offerings based on the nature of the intended service usage. The telecommunications service offerings available to an enterprise may differ in terms of reliability, transmission delay, usage cost or other factors. The suitability of each such service offering depends on the nature of the intended usage. For example, interactive voice communication is noticeably degraded by transmission delays of as little as a few hundred milliseconds, whereas similar delays have no noticeable effect on facsimile or VBD. It is thus advantageous to use knowledge of the properties of the communications traffic in selection of the most suitable telecommunications service offering.
A device called the Faxcom device was described by Randall A. Law, Terrence W. Holm and Neil B. Cox in an article entitled “Real-Time Multi-Channel Monitoring of Communications on a T1 Span”; published in the Proceedings of the 1991 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing at pages 306 to 309, and is incorporated herein by reference. This FaxCom device was deployed by telecommunications service providers across Canada in 1990 to support a reduced-rate facsimile-and-VBD-only service called FaxCom. The FaxCom device imposes a voice message and terminates the call when voice is detected. The FaxCom device has been demonstrated and sold to various international telecommunications service providers since 1990, and it has been offered as a vehicle for implementing class-based billing, where customers are billed differently based on whether their calls are voice, facsimile or voice-band-data. The present invention differs in that it terminates the call or otherwise blocks communication when “illegal” traffic is detected, where “illegal” may be Voice, Facsimile, VBD or any combination thereof. The Faxcom device is ineffective for modem blocking. Moreover, the Faxcom device is used by telecommunications service providers whereas the present invention is intended for telecommunications service users.
Co-pending U.S. patent application Ser. No. 08/848431, filed May 8, 1997 by a common inventor, is herein incorporated by reference. That patent application describes embodiments for use by telecommunications service providers for control of certain types of telecommunications signaling fraud, and for policing of specialized service offerings. The present invention differs in that it empowers users of telecommunications services to detect and mitigate patterns of service utilization that are deemed to be undesirable. Components for classifying telephone signals are disclosed in other patents such as U.S. Pat. Nos. 5,539,804, 4,809,272, 4,815,137, 4,815,136 and 4,720,862. However, none discloses a comparable combination of signal property measurement and service use control.
Therefore, there is a need for a system and method to actively measure the properties of telecommunications traffic for the purpose of managing policies on the selection and usage of telecommunications services within an enterprise. Specifically, there is a need for separate service access policies for Voice, Facsimile and Modems, and for actively performing the necessary monitoring and policing to ensure compliance with these policies. “Not-Modem” lines are needed to block usage of unauthorized modems, thereby mitigating the associated threat to computer security. “Modem-only” lines are needed to reduce the threat of long distance fraud through generation of a “flash-hook” from a modem: the call can be terminated as soon as the conversation starts. “Fax-only” lines prevent Fax machines from being used for unauthorized long distance calls. Finally, the categorization of traffic as voice, facsimile and modem allows for strategic selection of telecommunications services to best match the intended usage.
The present invention allows end user enterprises to achieve specific objectives in the management and enforcement of policies related to the use of telecommunications services in a telecommunications network. It was conceived for use in connection with traditional telephone networks that carry voice, facsimile or voice-band-data (VBD) traffic, though it is not necessarily limited to such networks. It involves active measurement of the properties of traffic on a communications channel, and the use of such knowledge in the conditional performance of prescribed actions based on the traffic properties. The measured traffic properties include classification of the type of traffic, where the set of possible classes include zero or more classes selected from a group of general categories comprising Voice, Facsimile, Voice-Band-Data, DTMF, Audible Network Signaling, Facsimile Handshaking, Voice-Band-Data Handshaking, Silence and Unknown. The prescribed actions may also be conditional on one or more items selected from the group of items comprising the apparent on-hook and off-hook state of each side of said communications channel, the calling number, the called number, the side of the channel that originated the call, the side of the channel that is the dominant source of traffic for the call, the elapsed time since a call starts, and the time of day. The prescribed actions have the effect of blocking usage of telecommunications service by traffic with specified properties under specified conditions. The prescribed actions can be disabled to make it operative for collection of data on the degree of compliance with service usage policies. The prescribed actions can also involve selecting or configuring a downstream telecommunications service for carriage of traffic with the observed traffic properties.
According to the invention there is a Traffic Property Extractor and a Policy Management Enactor which combine to conditionally manage and enforce policies on telecommunications service usage based on the observed properties of traffic on a communications channel. Preferred embodiments also include a Signaling Monitor to extract information from network signaling so as to increase the set of possible conditions that can be defined in the service usage policies. The acquisition of network signaling information and the enactment of the prescribed actions may involve an external device, depending on the structure of the telecommunications device and the needs of the application.
There is provided a phone service control platform for establishing separate policies for Voice, Facsimile and Modem traffic over an enterprise""s telecommunications services, and for actively performing the necessary monitoring, policing and record generation to ensure compliance with these policies. The prescribed actions on detection of illegal activity may include imposition of a recorded voice message, blockage of traffic on the communications channel, forced call termination through intervention with network signaling, direct notification of security personnel or other actions.
The invention provides a superior means of minimizing the threat of unauthorized modems to computer security by blocking modem use on specified phone lines. The threat of long distance fraud through generation of a “flash-hook” from a modem can be mitigated by declaring all lines that are attached to authorized modems to be “modem-only” lines: Illegal voice calls can then be terminated as soon as the conversation starts. Declaration of all lines connected to fax machines to be “fax-only” lines serves to block the threat of unauthorized long distance calls through facsimile machines. Finally, the categorization of traffic as voice, facsimile and VBD allows for strategic selection of telecommunications services to best match the intended usage.
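The per-line policies described above ("not-modem", "modem-only", "fax-only"), together with the option of disabling the prescribed actions to collect compliance data, can be expressed as a small decision routine. The following is an added example, not code from the patent: the class and function names, the line identifiers, the action labels, and the treatment of handshaking and other non-payload classes as neutral are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Payload classes the policies act on; handshaking, DTMF, silence, audible
# network signaling and unknown are treated as neutral (an assumption).
PAYLOAD = {"voice", "fax", "vbd"}

# Line types named in the text -> payload classes permitted on them.
# Allowing fax on "not-modem" and denying it on "modem-only" are assumptions.
LINE_POLICIES = {
    "not-modem": {"voice", "fax"},
    "modem-only": {"vbd"},
    "fax-only": {"fax"},
}

@dataclass(frozen=True)
class Observation:
    line: str         # constructed line identifier
    traffic: str      # class reported by the Traffic Property Extractor
    elapsed_s: float  # seconds since the call started

class PolicyEnactor:
    def __init__(self, assignments, enforce=True, action="terminate_call"):
        self.assignments = assignments  # line -> line type
        self.enforce = enforce          # False = compliance data collection only
        self.action = action            # prescribed action on a violation
        self.records = []               # violation records for later review

    def evaluate(self, obs):
        line_type = self.assignments.get(obs.line)
        allowed = LINE_POLICIES.get(line_type)
        if allowed is None or obs.traffic not in PAYLOAD or obs.traffic in allowed:
            return "allow"
        decision = self.action if self.enforce else "log_only"
        self.records.append((obs.line, line_type, obs.traffic, obs.elapsed_s, decision))
        return decision

# Constructed sample: line identifiers and timings are illustrative only.
ASSIGNMENTS = {"ext-2001": "not-modem", "ext-3001": "modem-only", "ext-4001": "fax-only"}
SAMPLE = [
    Observation("ext-2001", "vbd_handshake", 1.5),  # neutral class
    Observation("ext-2001", "vbd", 4.0),            # modem on a not-modem line
    Observation("ext-3001", "voice", 6.0),          # voice on a modem-only line
    Observation("ext-4001", "voice", 3.0),          # handset call on a fax line
    Observation("ext-4001", "fax", 9.0),            # permitted
    Observation("ext-9999", "vbd", 2.0),            # line with no policy
]

def run(enforce):
    enactor = PolicyEnactor(ASSIGNMENTS, enforce=enforce)
    return [enactor.evaluate(o) for o in SAMPLE], enactor.records
```

Calling `run(False)` exercises the data-collection mode: the same violations are recorded, but no call is interrupted.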