The present invention relates to telecommunication in general and to user information handling in an exchange in particular.
Today more and more people use the possibility to connect their home computer to the employer""s intranet to be able to work from home. Often the companies provide their employee""s with user names and passwords, which make it possible to connect to the company""s intranet via the company""s private branch exchange, PBX (Private Branch Exchange). The connection is done so that the employee calls the exchange, by means of his home computer and a modem, enters his user name and password and after a check of these is permitted access or denied access to the intranet. The check is made, among other things in order to make sure that non-authorised persons do not access internal company information.
The international application PCT/SE98/00512 describes a device and a method for connecting a computer to a data network via an exchange. The exchange is equipped with a network connection device that sets up the connection between the computer and the data network. At the establishment of the connection, a network address, belonging to the network connection device, is associated with the computer, or more exactly with the telecommunication connection to which the computer is connected.
A technology that xe2x80x9cdoublesxe2x80x9d the telephone line has been developed in order for a person having a single telephone line to have his computer connected to a data network, via the telephone network, and simultaneously be able to use the service telephony. The technology is based on the technology to send speech signals, via the data connection, in packets, which follow the standard protocol TCP/IP, i. e. IP-telephony. The TCP/IP protocol is sometimes referred to as the Internet protocol and the data network, which from the beginning used this protocol, is called the Internet. It was originally developed to link computers together within the defence and the educational system in the USA, but has now grown to a global network. Since many intranets of companies and organisations are connected to the Internet, it is possible to consider the Internet as a network consisting of many linked intranets.
The service phone doubling, is as mentioned, the service that makes it possible for a subscriber to be connected, via his telephone line, to a data network and simultaneously receive or make phone calls. This service is employed by a subscriber by means of call forwarding calls to his telephone, according to prior art, to a telephone number associated with a particular telephony server. This telephony server stores information about which network address is associated with a computer of a particular user. Calls to and from the subscriber are handled by the telephony server, which has the ability to code and store speech signals in data packets according to the TCP/IP protocol and send these to the computer of the subscriber over the existing data connection. Thus, the user uses the computer in stead of the ordinary telephone. For this purpose, a telephony application must be run on the user""s computer. The telephony application handles inter alia the communication with the telephony server. The international application WO-A1-97/47 118 describes in detail how a subscriber is given the possibility to telephone during an ongoing Internet-session.
A company in which employee""s are allowed to work from home can use a Virtual Presence Server alongside the company exchange, as described in the international application WO-A1-97/18 622. The purpose of the Virtual Presence Server is to provide an employee with access to all the services, which he has access to at his office, also when he is at home.
Another solution for the company is to provide the company exchange with both a network connection device and telephony server to provide the employees with the possibility to connect to the intranet, via the exchange, and simultaneously, under an ongoing intranet session, have the possibility to receive calls to the office at home. The network connection device and the telephony server have each a data base for storing user related information. The operation and maintenance personnel of the exchange enter information about valid users in the respective data base, which then is used to allow or deny a user access to the use of the network connection device and the telephony server, respectively, with their two corresponding types of services: connection to the intranet via the exchange and doubled telephony. A user employing both types of services must at two occasions send information to the exchange, which then is stored in the data bases in the network connection device and in the telephony server. When connecting to the intranet, the user must first enter user name and password. The network connection device checks this information against the information about valid users that is stored in the data base of the network connection device. If the user name and the password are valid, information is stored, in relation to the user name in the user data base of the network connection device, about the timeslot which is used for the communication connection with the network connection device and a network address which is allocated to the user to set up the data connection to the intranet. When the telephony application is activated, the information about the user is stored in the user data base of the telephony server. The user must when activating the telephony application enter user name and password, which must be checked against the information which is stored in the user data base of the telephony server and be accepted as valid, for the activation of the service to be allowed. The telephone number, which shall be forwarded, and the network address employed for the data connection are stored in the user data base of the telephony server, in relation to the present user name, when the user name has been verified by the telephony server. Since a lot of information, which is stored in the databases of the network connection device and of the telephony server, is identical, much information is duplicated by this method.
A private branch exchange which is used to provide a user with the possibility to log in by his home computer; to the company""s intranet via the private branch exchange and to provide the users with the service doubled telephony, stores much information twice. The user information must be administered, which implies that a duplication of the user information in the exchange often leads to a duplication also of the administration of this information.
The network connection device is responsible for connecting users via the exchange to the intranet and a telephony server in the exchange is responsible for providing the service doubled telephony. Both the network connection device and the telephony server have user data bases comprising information about which users are allowed to use the respective service, which the network connection device and the telephony server provide, respectively. The operation and maintenance personnel of the exchange enter the information about valid users of the respective service. If a user has access to both of said services, the information about the user must be stored in both the data base of the network connection device and in the database of the telephony server, which implies that operation and maintenance personnel must enter the information about the user twice, one time in each of the two data bases.
A subscriber who wants to employ the two mentioned services; connection of his home computer to the intranet via the exchange and the service of doubled telephony is forced to go through access controls at two occasions. One occurs at the intranet connection and the other occurs at the activation of the service doubled telephony. At both controls, the user identity of the subscriber is checked. A valid user is permitted access to the intranet and the service, whereas a non-valid user is denied the same. After that the user is approved, the information about the user is stored in one of said user data bases. At the connection to the intranet, the information is stored in the user data base associated with the network connection device. At activation of the service doubled telephony, it is the user data base of the telephony server that stores information about the user. The information that is stored in the two user data bases is to a great extent the same.
Thus, a problem that exists with the technology and the method as described above, is that much of the information is duplicated in the exchange.
Another problem is that the administration of the user information becomes extensive. The operation and maintenance personnel must several times enter identical information twice and the subscriber is forced to go through two at least partly identical access controls when using the services connection to the intranet via the exchange and duplicated telephony. At the access controls, information entered by the user is checked against the information entered by the operation and maintenance personnel. It would be desirable with only one control.
The present invention solves the above mentioned problem by entering the user information, which the network connection device and the telephony server use, in a common data base, where it then is accessible to both units.
The operation and maintenance personnel enter information about the users of the services of the exchange in the common data base.
This information can comprise restrictions on a user""s rights to use any or both of the services doubled telephony and connection to the intranet over the exchange. From the data base, the telephony server is provided the user information that has become known in connection with the access control at the connection to the intranet. Since the identity of the user already has been verified in the access control to the intranet, a second access control and information collection during activation of the service doubled telephony is not necessary. The information already known about the identity of the user can be used for permitting or denying access to the service doubled telephony. The user information, which the telephony server uses, is obtained from the user information earlier stored in connection with the intranet connection.
According to a preferred embodiment of the invention, the network connection device and the telephony server are integrated. Then, they form a single unit having an associated user data base, into which user information is entered, which shall be compared to two user data bases required today. According to another embodiment of the invention, the data bases of the network connection device and of the telephony server are integrated with the user data base of the exchange. Thus, the invention reduces the amount of duplicated user information in the exchange.
The invention has the advantage that it makes the operation and maintenance more simple for the personnel, who do not have to enter the information several times and for the user who does not have to go through two access controls with entering of user identities and other requested information.
Yet another advantage is that the equipment of the exchange can be made simpler, having considerably reduced administration of the user information, in particular for the telephony server. The telephony server can be integrated with the network connection device.
Yet another advantage is that the duplicated information in the exchange is decreased. Depending on how the information is stored, the invention can imply a saving in memory and in execution time during storing of information.
The object of the invention is to simplify the methods for connection to a company""s intranet and the use of the service doubled telephony via a private branch exchange. The methods are simplified, from the user""s point of view as well as from the point of view of operation and maintenance personnel.
The object is further to simplify the equipment, which is required in an exchange for providing the services connection to a data network via the exchange and doubled telephony. The simplification in the exchange is particularly based on that the amount of duplicated information is decreased.