For many years the public switched telephone network was the only generally available medium for telecommunications. It was originally designed solely for voice communications; but because it was widely available, it came to be used for other types of communications such as data communications. In recent years, other types of telecommunication media have been deployed. If a telecommunication medium is capable of carrying voice signals, it may be desirable to interface it with the public switched telephone network and use it to carry telephone calls.
Two telecommunication media that have proliferated in recent years are the Internet and the networks used for cable television. Cable television networks often use coaxial cable to carry broadband radio frequency signals between a hub and a number of customer homes, and optical fibers to carry optical signals between the hub and a “head end”; these networks are sometimes referred to as broadband networks or “hybrid fiber coax” (HFC) networks. These networks have been equipped with the capability of upstream and downstream digital data communications to facilitate remote programming and control of customer cable boxes, customer selection of programming, and the like. Cable television providers have begun to adapt their networks so that their customers can access the Internet through a cable modem connected to the coaxial cable that brings cable television signals to the customers. As will be described more fully with respect to FIG. 1, prior art systems for providing Internet access through a cable television network include a cable modem (or “CM”) at the customer's premises that interfaces data processing equipment, such as a computer, to the cable television coaxial cable. A device typically located at a cable head-end sends digital data signals to and receives digital data signals from a number of cable modems and interfaces such signals to an Internet Protocol (IP) network. That device may be referred to as a “Cable Modem Termination System” or “CMTS”; if provided with router functionality, such a device may be referred to as a Cable Modem Termination System/Edge Router or “CMTS/ER”. A cable company's HFC network may include a number of CMTS/ERs, each of which serves a different group of customers.
Systems have also been developed to enable telephone handsets or other telephony devices at a customer's premises to be connected via the HFC network to the public switched telephone network so that telephone calls can be made using the HFC network instead of using the twisted-pair customer loops provided by a local telephone company. One way to accomplish this is to carry voice-over-IP packets between a “Broadband Telephony Interface” or “BTI” and the CMTS/ER, then to convert the packets to a TDM bit stream that interfaces to a class 5 switch via a GR-303 interface.
As will be described more fully with respect to FIG. 1, cable telephony systems include a device at the customer's premises that interfaces voice equipment, such as a telephone handset, to the cable television coaxial cable and implements the processing and signaling functions required for telephony over the cable; this device may be referred to as a “Broadband Telephony Interface” or “BTI”. In order to connect telephony signals in the HFC network to the public switched telephone network, a device that may be referred to as an “Internet Protocol Digital Terminal” or “IPDT” may be connected to the IP network (to send signals to and receive signals from a CMTS/ER) and to a telephone company's Local Digital Switch (or “LDS”), a local Class 5 switch.
An important aspect of implementing telephony over a packet data network is Quality of Service, or QoS. Voice calls take place in real time; and when setting them up and conducting them, enough bandwidth on the network must be made available to the call to permit conversations to take place with substantially the same speech quality and immediacy that the public switched telephone network provides. Bandwidth is allocated and reserved in a network by QoS signaling; and if done on a per-call basis, it is referred to as Dynamic Quality of Service, or DQoS, and is implemented by DQoS signaling.
As will be described more fully with respect to FIG. 2, the existing systems of DQoS signaling used to set up calls in prior art cable telephony systems have several drawbacks. One drawback is the necessity for the IPDT, upon receipt of a call intended for a cable-telephony customer, to determine which CMTS/ER services that customer so that call setup signaling messages can be sent to the proper CMTS/ER. This requires providing a database that can be accessed and imposes on each call the burden of performing a database access, which is typically performed by the IPDT. This aspect of the prior art system also poses problems in keeping the database current, because the assignment of customers to particular CMTS/ERs may be changed from time to time to optimize the network. Another drawback of prior art systems is the number of signaling messages that must be transmitted among network devices for call setup; these signaling messages impose a burden on network resources and introduce additional call setup delay. In order to avoid these drawbacks, prior art signaling systems may omit DQoS signaling and simply grant service whenever it is requested, but systems that omit DQoS signaling are vulnerable to denial-of-service attacks, which fraudulently tie up extensive network resources and make them unavailable to legitimate paying customers.
It is therefore a general object of the present invention to provide a telephony system that avoids the aforementioned drawbacks of the prior art. More particularly, the present invention is intended to provide the network security of DQoS signaling while providing simplified and shorter call setup with respect to the DQoS signaling systems of prior art cable telephony systems.
BRIEF SUMMARY OF THE INVENTION
In accordance with the present invention, in a cable telephony system, during call setup an IPDT sends a signaling message to the BTI that services the telephony device involved in the call. This signaling message includes an encrypted DQoS signaling message intended for the CMTS/ER. The BTI encapsulates the encrypted DQoS signaling message in a signaling message it sends to the CMTS/ER to request network resources for the call. The CMTS/ER is provided with a decryption key and attempts to decrypt the DQoS signaling message it receives from the BTI. Further call setup is dependent upon the results of the decryption attempt. As will be explained more fully after a more detailed description of the invention, these features provide security against denial-of-service attacks by making it difficult for a hacker or a hacked device to acquire and tie up network resources, and they enable a simplified system of signaling that reduces call setup delay and the network resources required for call setup compared to existing DQoS signaling systems.
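The three-party exchange summarized above, as an added Python sketch that is not part of the original text. The page names no cipher or message format, so the HMAC-SHA256 keystream with encrypt-then-MAC (a stand-in for a real authenticated cipher), the JSON fields, the `RESOURCE_REQUEST` envelope and all function names are assumptions; the sketch also assumes the BTI holds no key.

```python
import hashlib
import hmac
import json
import os

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from the one shared key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def ipdt_seal(key: bytes, dqos_msg: dict) -> bytes:
    """IPDT: encrypt the DQoS message that is intended for the CMTS/ER."""
    nonce = os.urandom(16)
    plain = json.dumps(dqos_msg, sort_keys=True).encode()
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plain)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def bti_request(blob: bytes) -> dict:
    """BTI: holds no key; wraps the opaque blob in its resource request."""
    return {"type": "RESOURCE_REQUEST", "dqos": blob}  # hypothetical envelope

def cmts_handle(key: bytes, request: dict):
    """CMTS/ER: attempt decryption; return the DQoS message, or None to deny."""
    blob = request.get("dqos", b"")
    if len(blob) <= 16 + 32:
        return None  # too short to hold nonce, ciphertext and tag
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None  # forged or altered: no resources are reserved
    return json.loads(_xor_stream(_subkey(key, b"enc"), nonce, ct))

if __name__ == "__main__":
    k = os.urandom(32)  # constructed key shared by IPDT and CMTS/ER
    good = bti_request(ipdt_seal(k, {"call_id": "c-1", "kbps": 64}))
    print(cmts_handle(k, good))                       # the decrypted message
    print(cmts_handle(k, bti_request(b"\x00" * 80)))  # None: request denied
```

Because the CMTS/ER reserves bandwidth only when the blob verifies under its key, a BTI that fabricates or alters the DQoS message gets no resources, and the CMTS/ER needs no per-call exchange with the IPDT to decide.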
These and other objects and features of the present invention are set forth in greater detail in the following description and the drawings.