The present invention relates to a company intranet and in particular to a method for dealing with visitors.
Prior art office-based communications systems usually operate conventional fixed-line telephone units linked via an internal switchboard or PBX (private branch exchange.) Such fixed-line systems are able to provide relatively high voice quality. However, user mobility is severely impaired. It is also known to connect a base unit for a cordless system such as DECT to the internal PBX. This allows users to use cordless handsets in the office, but the server handsets (unless they are equipped with a dual-mode capability) can not be used outside the local cordless coverage area.
The improvement of digital cellular telephone technologies means that cellular telephone systems can now provide equivalent, if not higher, voice quality than fixed-line systems. Mobile systems also allow greater freedom of movement for the user within the office than do fixed-line systems. However, there can often be difficulties in receiving cellular telephone signals in an office.
RCP (Rich Call Platform) is a proprietary communications system developed by the applicants which introduces the concept of utilising mobile telephone units, such as conventional GSM mobile stations, in an office environment. The system preferably makes use of a known concept called Internet Telephony or Voice-over-IP (Internet Protocol).
Voice-over-IP is a technology which allows sound information to be transmitted over existing IP-based Local or Wide Area Networks or the Internet. In a similar way, data and video information can be encoded so as to be capable of transmission over the same networks. The technology thus provides for convergence and integration of three different media types over the same network.
Prior to the advent of Voice-over-IP, offices often operated three separate networks for the transmission of these media types. As indicated above, fixed-line telephone systems coupled to an in-house PBX provided for voice communication, an office-based LAN or Intranet (i.e. a packet-switched internal network), normally comprising computer terminals linked via network cards and under the control of a server station, provided for the transmission of xe2x80x9cconventionalxe2x80x9d computer data, and video cameras linked to monitors via fixed line or remote transmission link provided for video communication.
Voice-over-IP effectively combines these three media types such that they can be transmitted simultaneously on the same packet-switched intranet network or IP-routed throughout the office environment and, using an external network such as the internet, beyond the confines of the office.
In order to provide for such media convergence, Voice-over-IP often uses a specific ITU (International Telecommunication Union) standard protocol to control the media flow over the Intranet. One common standard protocol used in Voice-over-IP systems, and the one used in the RCP system, is termed H.323.
H.323 is an ITU standard for multimedia communications (voice, video and data) and allows multimedia streaming over conventional packet-switched networks. The protocol provides for call control, multimedia management and bandwidth management for both point-to-point (2 end-users) and multipoint (3 or more end-users) conferences. H.323 also supports standard video and audio codecs (compression/decompression methods such as MPEG) and supports data sharing via the T.120 standard.
Furthermore, H.323 is network, platform and application independent allowing any H.323 compliant terminal to operate in conjunction with any other terminal. The H.323 standard defines the use of three further command and control protocols:
a) H.245 for call control;
b) Q.931 for call signalling; and
c) The RAS (Registrations, Admissions and Status) signalling function.
The H.245 control channel is responsible for control messages governing the operation of the H.323 terminal including capability exchanges, commands and indications. Q.931 is used to set up a connection between two terminals. RAS governs registration, admission and bandwidth functions between endpoints and Mobile Telephone Server (defined later).
For an H.323 based communication system, the standard defines four major components:
1. Terminal
2. Gateway
3. Mobile Telephone Server
4. Multipoint Control Unit (MCU)
Terminals are the user end-points on the network, e.g. a telephone or fax unit or a computer terminal. All H.323 compliant terminals must support voice communications, but video and data support is optional.
Gateways connect H.323 networks to other networks or protocols. For an entirely internal communications network i.e. with no external call facility, gateways are not required.
Mobile Telephone Servers are the control centre of the Voice-over-IP network. It is under the control of a Mobile Telephone Server that most transactions (communication between two terminals) are established. Primary functions of the Mobile Telephone Server are address translation, bandwidth management and call control to limit the number of simultaneous H.323 connections and the total bandwidth used by those connections. An H.323 xe2x80x9czonexe2x80x9d is defined as the collection of all terminals, gateways and multipoint-control units (MCUxe2x80x94defined below) which are managed by a single Mobile Telephone Server.
Multipoint Control Units (MCU) support communications between three or more terminals. The MCU comprises a multipoint controller (MC) which performs H.245 negotiations between all terminals to determine common audio and video processing capabilities, and a multipoint processor (MP) which routes audio, video and data streams between terminals.
The conventional Voice-over-IP system described herein above normally utilises standard fixed-line telephone systems which are subject to the disadvantages outlined above, namely the lack of mobility and the lack of user commands.
The RCP concept takes Voice-over-IP further in that it provides for the use of conventional mobile telephone units, such as GSM mobile stations, within the Voice-over-IP system. To provide for such mobile communications within an intra-office communication network, RCP combines known Voice-over-IP, as described above, with conventional GSM-based mobile systems.
GSM base stations are provided to give coverage within the office, and are connected to the company""s intranet. Intra-office calls to or from cellular telephones in the office are routed through the office intranet and extra-office calls are routed conventionally through the GSM network. Such a system provides most or all of the features supported by the mobile station and the network such as telephone directories, short messaging, multiparty services, data calls, call barring, call forwarding etc. RCP, therefore, provides for integrated voice, video and data communications by interfacing an H.323-based voice-over-IP network with a GSM mobile network.
The RCP system is a cellular network, similar to the conventional GSM network and is divided into H.323 Zones as described above. One H.323 Zone may comprise a number of cells. Two or more H.323 zones may be contained within an administrative domain. The allocation of H.323 zones to an administrative domain is an issue primarily concerning billing and is therefore not relevant to this invention.
A company RCP may be physically located in two or more separate office sites. These sites may reside in two different countries in areas managed by two or more different GSM operators. They may also reside in different regions of a country, in which two different GSM operators would be competing for customers.
It would be desirable to provide a method of allowing subscribers to use the internal site network when visiting different sites belonging to the same company and to make calls from their own site to other company sites which are routed over the company RCP system, and without being routed outside the company""s own network.
It would be desirable to have a method for controlling access to the RCP network (or another like network), that would be configurable to allow or disallow visitors to use the network for signalling and calls outside the RCP system at any particular time.
According to one aspect of the present invention, there is provided an access control system for controlling access by wireless terminals to a wireless telecommunications network, the access control system comprising: a database storing the identities of a set of wireless terminals belonging to the telecommunications network; a configurable store for storing a supplementary access value indicative of whether terminals that do not belong to the telecommunications network may access the network; and an access control unit for receiving an access request message indicating the identity of a wireless terminal and in response to that message accessing the database and/or the store to permit access to the wireless telecommunications network by the wireless terminal if:
a. the identity of the wireless terminal is present in the database; or
b. the supplementary access value indicates that terminals that do not belong to the telecommunications network may access the network.
According to a second aspect of the present invention there is provided a method for controlling access by wireless terminals to a wireless telecommunications network having a database storing the identities of a set of wireless terminals belonging to the telecommunications network and a configurable store for storing a supplementary access value indicative of whether terminals that do not belong to the telecommunications network may access the network; the method comprising: receiving an access request message indicating the identity of a wireless terminal; accessing the database to determine whether the identity of the wireless terminal is present in the database and/or accessing the supplementary access value to determine whether it indicates that terminals that do not belong to the telecommunications network may access the network; and if:
a. the identity of the wireless terminal is present in the database; or
b. the supplementary access value indicates that terminals that do not belong to the telecommunications network may access the network; transmitting a message to permit the wireless terminal access to the wireless telecommunications network.
The access control unit may suitably be configured to permit or deny access to the network by means of transmitting a permission or denial message. That message may, for example, be transmitted to the terminal itself or to another network. That other network may be a network which the terminal currently is permitted to access.
The access request message may be a location update request. The access control unit suitably replies to such a location update request by transmitting a location update response. Where access is to be denied the message may be a location update reject message, preferably (where this is provided for) with a value indicative of location access not being allowed.
If:
a. the identity of the wireless terminal is not present in the database; and
b. the supplementary access value indicates that terminals that do not belong to the telecommunications network may not access the said network; then the access control unit suitably denies access by the terminal to the network.
One or other or both of the networks may be operable according to the GSM standard or a derivative thereof. The said network is suitably a localised network, preferably one employing an intranet or other packet-based communications system for at least some traffic communications. The said network is suitably under the control of an operator of the other network. One or both of the networks may be cellular telephone systems. The said identities may be provided as any suitable identifier. In a GSM system, or in certain other systems derived from the GSM standard, the identities may be IMSIs. In other networks the equivalent level of identification is preferably used.
The wireless telecommunications network could be a data network.
The access control unit need not be the only unit that has control over access to the said network. The access control unit could itself be under the control of another unit (e.g. a unit at the other network) or could share control with such a unit.