US 20050185638 A1
Establishing a network connection. In one aspect, establishing a network connection includes: establishing a connection across a first communication network that carries audio signals; encoding a computer network address for a specified network different from the first network into an encoded network address and sending the encoded network address across the first network; and using said network address to establish a network connection on said second network. In one implementation, network connectivity functionality of a computer can be automatically accessed using telephone connectivity. Out-of-band signaling provides a spontaneous network collaboration capability by sending an Internet protocol (“IP”) address across a public switched telephone network (“PSTN”) connection.
25. A crossbar switch, comprising:
a switch including at least one analog input port, at least one digital input port, at least one analog output port, at least one digital output port, and a processor which generates digital signals based upon analog signals received at said at least one analog input port;
at least one analog input channel which receives an audio signal, where each analog input channel is coupled to a corresponding analog input port of the switch;
at least one digital input channel, where each digital input channel is coupled to a corresponding digital input port of the switch;
at least one analog output channel, where each analog output channel is coupled to a corresponding analog output port of the switch;
at least one digital output channel, where each digital output channel is coupled to a corresponding digital output port of the switch; and
a control element coupled to the switch,
where the control element is adapted to control which of the analog input ports, digital input ports, analog output ports, and digital output ports are active,
where an active input port sends a signal received at the input port from a coupled channel into the switch, and an active output port sends a signal from within the switch to a coupled channel, allowing a signal received at any input port of the switch to be sent to one or more channels coupled to corresponding output ports of the switch.
26. An audio crossbar switch, comprising a plurality of input ports, where one input port is coupled to an audio source;
a plurality of output ports, where one output port is coupled to a telephone network, and one output port is coupled to a computer network; and
a control element which physically connects at least one input port to at least one output port and can dynamically change which input port is coupled to which output port.
27. The audio crossbar switch of
28. The audio crossbar switch of
29. An audio crossbar switch, comprising:
an audio input port for receiving an audio signal;
a plurality of output ports, where one output port is coupled to a telephone network, one output port is coupled to a computer network, and one output port is coupled to a computer; and
a control element, where the control element is adapted to control and switch in real-time which one or more of the output ports the audio signal transmits the audio signal.
The present disclosure relates to simultaneous use of two separate networks, and the leveraging of connectivity on one network to create a logical connection on the second network.
An Internet protocol (“IP”) address is used alone, or in conjunction with software endpoints called ports, by applications and communication stacks to establish an Internet connection between two intelligent devices such as computers. The IP address for a computer can be static or assigned dynamically when the computer connects to an intranet or the Internet. A dynamic IP address can change each time the computer connects to an intranet or the Internet.
An IP connection is established after one of the computers discovers the other computer's IP and port addresses before establishing the IP connection. A computer can publish its IP and port addresses in a known location with a known IP address so that another computer can access the first computer's IP and port addresses. These known locations are sometimes referred to as “buddy lists”. This method of establishing an IP connection employs a pre-arranged agreement to establish the connection.
The present disclosure describes methods and apparatus for establishing a network connection. In one aspect, establishing a network connection includes: establishing a connection across a first communication network that carries audio signals; encoding a computer network address for a specified network different from the first network into an encoded network address and sending the encoded network address across the first network; and using said network address to establish a network connection on said second network. In one implementation, network connectivity functionality of a computer can be automatically accessed using telephone connectivity. Out-of-band signaling provides a spontaneous network collaboration capability by sending an Internet protocol (“IP”) address across a public switched telephone network (“PSTN”) connection.
In another aspect, Internet connectivity provides privacy across a telephone network through encryption including: establishing a connection across a voice communication network between a first party and a second party; establishing a connection across a computer network between the first party and the second party; transmitting an encryption key across the computer network so that both said first and second parties have said encryption key; encrypting an audio signal using the encryption key; and transmitting the encrypted audio signal across the voice telephone network.
In another aspect, Internet connectivity provides identity authentication of a party to a telephone connection including: establishing a connection across a voice communication network between a calling telephone and a receiving telephone; establishing a connection across a computer network between a calling computer and a receiving computer; and verifying that the calling computer is coupled to the calling telephone by sending a signal from the receiving telephone to the calling telephone across the voice communication network and sending the signal from the calling computer to the receiving computer across the computer network.
In another aspect, a crossbar switch provides dynamic allocation of audio input signals and output signals in a computer system and across a network or networks. The crossbar switch includes: a plurality of input ports, where one input port is coupled to an audio source; a plurality of output ports, where one output port is coupled to a telephone network, and one output port is coupled to a computer network; and a control element which physically s connects at least one input port to at least one output port and can dynamically change which input port is coupled to which output port. The switch can be implemented in hardware or software, or a combination of both.
Computers 105 and 115 are connected to a computer network 125. Computer network 125 can be an Internet protocol (“IP”) network, such as the global Internet or an intranet. In one implementation, computers 105 and 115 are connected to the Internet logically independent of the telephones' PSTN network connections, such as by a xDSL phone line, a cable modem connection, ISDN connection, Internet accessible LAN connection, or second POTS line.
Telephones 110 and 120 are connected to a communication network 130, e.g., a voice telephone network such as a public switched telephone network (“PSTN”, or plain old telephone service network, “POTS”) or a private branch exchange (“PBX”). The connections to telephone network 130 can be analog and/or digital, depending upon the nature of telephones 110 and 120 and any equipment such as PBXs which might be in the connection path.
Computers 105 and 115 can be used to augment the telephone communications by leveraging their connections to computer network 125 and telephone network 130. While users are talking across telephone network 130 using telephones 110 and 120, they can automatically (e.g., by using the computers to establish a computer network connection) and spontaneously (e.g., without pre-arrangement between the users) access functionality provided by applications running on computers 105 and 115 by utilizing computer network 125. By accessing both the telephone connection and the computer network connection, the users can work together (e.g., collaborate) across both connections.
Users can access spontaneous network collaboration during a telephone connection by sending a computer network address across the communication network 130 which is different than the computer network connection. This can be done, for example, by a touch tone Dual Tone Multi Frequency (DTMF) sequence, a modem sequence or by transmitting the data network address with the caller ID. The computer network address information is sent across a different network than the computer network and so is “out-of-band” relative to the computer network. In one implementation, the system used is automatic and done with reduced negotiation time faster than training sequences.
Training is an initial connection process a modem receiver uses to synchronize to a remote modem's transmit signal. Training may also occur during a connection usually to correct for extreme disruptions such as line outages or bursts of line noise. Training is actually the result of many interim tasks a modem performs to make a connection, such as automatic gain control adjustment, receiver timing acquisition, half-duplex equaliser convergence, echo cancellation convergence, full-duplex echo cancellation, equalizer convergence, and more. These tasks all occur during the initial handshake of the connection. During training, no data is transmitted, so from an application perspective it's lost time. A conventional fast train sequence can last about seven seconds.
The recipient uses this computer network address to establish a substantially simultaneous and related connection across computer network 125, e.g., via the Internet. This connection provides users with the ability to spontaneously access computer network connectivity and computer functionality, such as for a graphical link to access network collaboration software, simultaneously with a telephone connection. One example of collaboration software is a synchronized web browser, where one party's navigation of the web drives the navigation of the web of the other party. Another example is video conferencing, where the PSTN's ability to provide a high quality of service complements by video transmitted over the Internet. This technique provides benefits such as: lowered complexity of using a computer, software applications, and the Internet to enhance phone conversations through automatic connection, voice enabled computer collaboration without audio quality problems associated with Internet telephony, spontaneous connection without requiring a directory service to keep track of dynamic or unknown IP addresses.
Computers 105 and 115 can also be configured with crossbar switches (e.g., N×N switches) to dynamically allocate audio input ports and output ports during a telephone connection, as described below. A user can connect one or more input ports to one or more output ports and change these connections without terminating the telephone connection. The crossbar switches allow users to dynamically set up and tear down connections between input ports and output ports in real-time. This allows a single device to be used for multiple speech interactions, such as telephony over the PSTN, Internet telephony, web-to-phone communications established through a remote web site, and local or remote voice control of a computer. Application programs executing on a computer can monitor audio signals on a connected PSTN line or Internet telephonic connection. The switch can also provide a uniform audio interface for application vendors independent of devices and connection media.
Users can enhance privacy of communications across a telephone connection by using the computer to encrypt audio signals (e.g., electrical signals representing audible sounds) before transmission. Users establish a telephone connection and a computer network connection. A user at telephone 110 sends a secret key across computer network 125. The user then encrypts audio signals using computers 105 and sends the encrypted signals across telephone network 130. The recipient decrypts the signal using computer 115. This encryption provides cost-effective crypto-phone capabilities and enhanced security by utilizing, for example, computer processing power, computer security features such as random number generators, private/public key pairs, and hidden execution capabilities.
Users can also enhance telephone communications by authenticating the identity of a caller using computer network 125 and telephone network 130, in applications such as commercial transactions. Users establish a telephone connection and a computer network connection. A user at telephone 110 sends a secret key generated by 105 across telephone network 130 using a mechanism such as DTMF to a user at telephone 120. The user at telephone 120 returns the secret key across computer network 125. The computer at telephone 110 verifies that the received secret key is the same as the secret key originally sent. This verification confirms that telephone 120 is coupled to computer 115. The users can then use conventional digital certification techniques to verify the identity of computers 105 and 115. By verifying the connection between telephone 120 and computer 115, the user at telephone 110 can attribute to the user at telephone 120 the level of trust provided by the identification credentials stored on, or transmitted via computer 115. Mechanisms to ascertain the validity of the credentials can proceed using the Internet, as if the transaction were initiated on the computer using the Internet.
The configuration shown in
User A sends the encoded IP address to user B's computer 115 across the PSTN 130, through user B's phone 120, 220. User A can send the IP address in various ways. For example, the IP address can be sent using DTMF signaling over the same channel as the user information (e.g., speech) or digitally encoded and sent along with caller ID through the telephone signaling channel. User A sends the encoded IP address for a computer network connection across the telephone network connection, a separate network from the computer network, so the signaling is “out-of-band signaling.” In one implementation, a telephone can include a “SEND” button. When user A presses the SEND button, the telephone requests the IP address from the computer 105 through connection 107. The IP address can be provided in any format. The telephone then transmits the tones in a predetermined format such as hexadecimal encoding, using a mechanism such as DTMF encoding across the PSTN connection to user B's telephone.
An application program or agent executing on user B's computer detects the encoded IP address as the address. This is received at user B's telephone at 225. To facilitate this detection, the encoding can include a pre-defined flag to indicate an IP address. The agent decodes the IP address, 230. The agent establishes communications, such as by sending a network connection request, across the Internet using the decoded IP address for user A's computer to connect to user A's computer, 235.
Once the IP connection has been established, users A and B can continue to converse across the PSTN connection as well as run applications which utilize network connections. Examples of such applications include collaboration software, joint web browsing software, video, and network games.
Various alternative implementations are possible. For example, user A's telephone can send the encoded IP address for user A's computer as header information when the telephone connection is initially established, similar to information identifying user A's telephone (e.g., “caller ID”). When multiple users are connected across the PSTN, such as in a conference call, user A can cause the IP address for user A's computer to be sent to all or some of the users. These users can then select whether to establish an IP connection. User A can initiate the transmission of the IP address by executing an application which employs an IP connection, such as network collaboration software. Operations performed by the agent on user B's computer can alternatively be performed by an application program under the control of user B. Once the IP connection is established, the computers can open an Internet telephony connection and cause the PSTN connection to end.
A user at telephone 110 can route audio signals from telephone 110 through crossbar switch 310 to any one or more of its output ports: telephone network 130, computer 105, and computer network 125 through computer 105. The user can command crossbar switch 310 to change the routing dynamically, without terminating a telephone connection. Crossbar switch 310 can preserve the telephone connection by establishing a second network connection before terminating the original network connection. For example, in one implementation, when the user has established a telephone connection across telephone network 130 and commands crossbar switch 310 to switch to a telephone connection across computer network 125, after the computer network connection has been established as described above, crossbar switch 310 connects the ports corresponding to telephone 110 and computer network 130 while maintaining the connection between the ports corresponding to telephone 110 and telephone network 125. After connecting the ports for telephone 110 and computer network 125, crossbar switch 310 ends the connection between the ports for telephone 110 and telephone network 130. Crossbar switch 310 can also route information from computer 105 and telephone network 130 to telephone 110, using the configurable two-way nature of the input ports and output ports.
In one example of operation, crossbar switch 310 can be used to support encrypting a conversation being sent across telephone network 130. A user speaks into telephone 110 and crossbar switch 310 sends the audio signal to telephone network 130. The user then activates encryption so that computer 105 adjusts control element 330. When the user speaks, crossbar switch 310 routes the audio signal to computer 105. Computer 105 encrypts the audio signal and returns the encrypted signal to crossbar switch 310. Crossbar switch 310 sends the encrypted signal to telephone network 130. Alternatively, the encrypted signal can be sent across computer network 125. Encryption is also described below.
In another example, crossbar switch 310 provides a transparent real-time shift from a telephone network connection to a computer network connection. A user at telephone 110 establishes a connection across telephone network 130. Crossbar switch 310 routes audio signals from telephone 110 to telephone network 130. The user also establishes a computer network connection, such as by the process described above for spontaneous IP connections. When the user activates an IP telephony application program on computer 105, computer 105 causes crossbar switch 310 to route the audio signals from telephone 110 to computer 105, without interrupting the telephone conversation. This operation can occur simultaneously with a switching of the voice stream on the other side of the network.
User A then sends a secret key to user B across the IP connection, 420. The secret key is a cryptographic key for encrypting and decrypting information, such as a key for use with the data encryption standard (“DES”) cryptography method. In one implementation, the secret key is generated by security hardware built into user A's computer. User A can send the secret key to user B using a digital envelope constructed with a public key cryptography method, such as the Rivest-Shamir-Adleman (“RSA”) method. Thus, user A encrypts the secret key with user B's public key. User B decrypts the secret key using user B's private key. The cross bar switch is configured such that audio signals from the telephone is routed from the telephone to the computer.
Computer A encrypts the audio signal to be sent to user B using the secret key, 425. The encryption is transparent to user A. User A activates a security application program or agent and that agent encrypts audio signals received from user A's telephone. Computer A sends the encrypted signal to user B across the PSTN, 430. Computer B decrypts the encrypted signal using the secret key, 435. This decryption is also transparent to user B. User B activates a security application program or agent and that agent decrypts encrypted signals received at user B's telephone. An identical process can encrypt audio signals from User B to User A. Thus, once the secret key has been transferred across the IP connection, the users can converse across the PSTN connection while the computers encrypt and decrypt the users' audio signals.
To authenticate user B, user A verifies that the telephone that user B is using at the remote end of the telephone connection is coupled to the computer at the remote end of the IP connection, 520. User A verifies this telephone-computer connection by sending a secret key signal across the PSTN and receiving the same signal back from user B across the IP connection. One example of this verification is described below with respect to
User A compares the random number received over the Internet with the original random number sent over the PSTN, 620. If the Internet random number matches the original random number sent to user B, user A has verified that the telephone and computer of user B are coupled. This verification provides an additional level of security in transactions occurring across the PSTN. User A can verify that the caller has access to user B's computer using conventional digital certification. Using the technique described above, user A can also verify that the caller is using the telephone coupled to user B's computer. Authentication techniques continue to advance in fields such as biometrics. The ability to authenticate using a telephone connection provides a corresponding improvement in security.
The technique of the present disclosure may be implemented in hardware or software, or a combination of both. Portions of the technique can be implemented by means of a computer program executing on one or more programmable systems each comprising at least one processor, a data storage system (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Program code is applied to input data to perform the functions described herein and generate output information. The output information is applied to one or more output devices, in known fashion. The processor may comprise, for example, a general purpose processor or a digital signal processor (DSP).
Each program can be implemented in a high level procedural or object oriented programming language to communicate with a computer system although the invention is not limited in this respect. However, the programs can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language.
Each such computer program can be stored on a storage media or device (e.g., ROM or magnetic diskette) readable by a general or special purpose programmable computer, for configuring and operating the computer when the storage media or device is read by the computer to perform the procedures described herein. The inventive system may also be considered to be implemented as a computer-readable storage medium, configured with a computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner to perform the functions described herein.
Various implementations have been described. However, these implementations are examples and are not limiting. For example, the order of operations of the processes described is illustrative and alternative orders are possible. Both computers need not be connected to the computer network when the telephone connection is initially established. The “user” on one side of the connection can be automated, such as when a user calls a computer-controlled interactive voice response system, allowing a user to enhance interaction with a remote computer with graphical content. The encoding of an IP address can be performed within the telephone. Numerous security, cryptography, and authentication techniques, implemented in hardware and software, are well known and can be used. The voice network can be any voice system, including cellular or the like. This technique also applies to protocols other than IP. Addresses transmitted may or may not include associated application identifiers such as ports. The addresses transmitted might not be for the computer engaged in the transaction, but for a proxy on the network associated with the computer. The random number used for verifying the connection between a computer and a telephone can be encrypted. The technique can be used to verify a connection between devices other than computers and telephones.