The present invention generally relates to the field of telecommunications and related systems. More particularly, the invention is directed to a method for initiating a security feature request at the beginning or during an active telephone call.
There are many instances when a telephone subscriber wishes to place a call with the assurance that the call will be secure and free from monitoring by unauthorized persons. This need for privacy is becoming more and more important as online services continue to proliferate. For example, many banks now offer their customers online banking services which can be conducted over the telephone using the telephone touch tone keypad.
While such services usually require a Personal Identification Number (PIN) as well as other identifying information, a skilled pirate can easily obtain this information by tapping into the telephone subscriber's phone line. Using readily available equipment, the DTMF tones which customarily are used to enter identifying information at the beginning of an online banking session can be easily decoded. Similar piracy opportunities exist when credit card information is given over an unsecured telephone line.
The prior art is devoid of any effective way to prevent unauthorized reception of private information during a subscriber telephone call. This problem is of particular significance in IP telephony in comparison to telephone calls placed over the so-called 'twisted-pair'. Security usually is not a major issue when using conventional telephone lines because the communication does not go over public or private networks which are outside of the control of the telephone company. All of the switching and transmission infrastructure of a conventional twisted-pair telephone system usually is owned by the telephone company and can be maintained in a secure manner.
On the other hand, IP telephony is necessarily conducted over public and private IP networks which are not under the control of a single authority. The very nature of the Internet prevents end-to-end control of the infrastructure by the same authority. Thus, security in IP networks is a major concern.
Currently, the Internet Protocol lacks the features needed to let users select the level of security that may be required to ensure privacy. Accordingly, there exists a need in the art to provide a method for secure IP telephony services. Ideally, the security features should be available to the subscriber on an as-needed basis. Whether the subscriber chooses to implement a security feature will depend on the sensitivity of the information to be protected.
It is, of course, possible to implement a high level of security on the network on a permanent basis. In other words, the telephone network would always be in its most secure state. There are trade-offs, however, with taking this approach. Implementing a level of network security sufficient to accomplish the task results in additional loading of the network. Such loading may likely result in unacceptable delays which adversely affect the quality of the telephone call. It may not be possible, even with the use of faster and more expensive network equipment, to completely eliminate the delay. Of course, the use of more expensive equipment increases the cost of the telephone call.
Another factor which militates against always operating the network in its most secure state is the fact that many countries have regulations which limit the export of encryption technology. Thus, IP telephone calls conducted across country borders must take into account such regulations. In many cases, these regulations would prevent strong encryption algorithms from being employed during inter-country IP telephone calls.
Accordingly, it is an objective of the present invention to obviate the above-noted shortcomings and disadvantages of present unsecured telephone services.
It is a still further objective of the present invention to provide a method of implementing a security feature in telephone services.
It is a still further objective of the present invention to provide a method for implementing a security feature in telephone services which can be readily implemented using existing communication networks.
The present invention provides a method for securing IP telephony calls over networks that have a shared media architecture. Such networks include, for example, hybrid fiber coaxial cable (HFC), Microwave Multipoint Distribution Systems (MMDS) and Local Multipoint Distribution Systems (LMDS).
The invention enables telephone subscribers to select one of a plurality of security levels that may be required to ensure privacy during a call. Since each level of security is based on a different encryption and authentication algorithm, the levels of security can be incrementally priced. Accordingly, selecting an algorithm which is deemed to be very secure can be billed to the subscriber at a higher rate than an algorithm that is deemed to be less secure. This cost differential to the subscriber can be justified because of the direct correlation between the algorithm's sophistication, quality and cost.
Subscribers will also have the ability to vary the level of security in real-time. Thus, if a user is on a call and decides to change the security level of the call to ensure better security, the user can enter the appropriate DTMF sequence to change to the required security level.