Abstract: A system and method for uniquely identifying an SIP device extends the SIP communications protocol with an end point identifier, carried for example in the header of an SIP transmission. The end point identifier is useful for routing, registration, subscription, and authentication. The end point (device) of a given user epid can be uniquely identified by creating a key from an epid and a user's address-of-record (URI). This in turn enables improved connection management and security association management when the connections/IP addresses are transient, such as when HTTPS tunneling is used.

Abstract: Handling an incoming call from a caller to a user includes prompting a caller to record a message to the user and sending a special command to a user communication device indicting that the incoming call is available for screening and retrieving. In response to the user indicating a desire to screen the incoming call, the user listens to the message while the caller is leaving the message. In response to the user indicating a desire to retrieve the incoming call, the call is transferred to the user communication device. In response to the user indicating a desire to screen the call, an incoming media stream from the incoming call may be forked so that the message is being recorded while the user is listening to the message at the user communication device.

Abstract: The claimed subject matter provides a system and/or a method that facilitates enhancing connectivity associated with data communications. An interface can receive a portion of communication state data, wherein the communication state data is related to at least one of a data communication mode and a user context state. A routing component can evaluate the portion of communication state data to identify an optimized data communication mode, wherein the optimized data communication mode is dynamically linked to a virtual contact identifier. Moreover, the routing component can automatically and seamlessly employ an optimized communication session utilizing the dynamically identified optimized data communication mode based upon an activation of the virtual contact identifier.

Abstract: Stateless human detection for real-time systems allows a real-time message system to challenge incoming messages suspected of being generated by an automated application. When a suspect message is detected, a challenge is presented to a sender of the message. The challenge is designed to require human intervention to provide a correct answer to the challenge. A challenge packet is sent with the challenge and includes a challenge answer and, possibly, a server identifier, a challenge identifier and/or a time stamp that can be used to prevent attacks on the challenge. The challenge packet is encrypted so that the sender cannot access the contents thereof. When the sender provides a response to the challenge, the sender returns the challenge packet. The challenge packet is decrypted and the challenge answer is compared to a sender answer. If the answers match, the sender is allowed subsequent access to the messaging system.

Abstract: Stateless human detection for real-time systems allows a real-time message system to challenge incoming messages suspected of being generated by an automated application. When a suspect message is detected, a challenge is presented to a sender of the message. The challenge is designed to require human intervention to provide a correct answer to the challenge. A challenge packet is sent with the challenge and includes a challenge answer and, possibly, a server identifier, a challenge identifier and/or a time stamp that can be used to prevent attacks on the challenge. The challenge packet is encrypted so that the sender cannot access the contents thereof. When the sender provides a response to the challenge, the sender returns the challenge packet. The challenge packet is decrypted and the challenge answer is compared to a sender answer. If the answers match, the sender is allowed subsequent access to the messaging system.

Abstract: End-to-end authentication capability based on public-key certificates is combined with the Session Initiation Protocol (SIP) to allow a SIP node that receives a SIP request message to authenticate the sender of request. The SIP request message is sent with a digital signature generated with a private key of the sender and may include a certificate of the sender. The SIP request message my also be encrypted with a public key of the recipient. After receiving the SIP request, the receiving SIP node obtains a certificate of the sender and authenticates the sender based on the digital signature. The digital signature may be included in an Authorization header of the SIP request, or in a multipart message body constructed according to the S/MIME standard.

Abstract: Handling an incoming call from a caller to a user includes prompting a caller to record a message to the user and sending a special command to a user communication device indicting that the incoming call is available for screening and retrieving. In response to the user indicating a desire to screen the incoming call, the user listens to the message while the caller is leaving the message. In response to the user indicating a desire to retrieve the incoming call, the call is transferred to the user communication device. In response to the user indicating a desire to screen the call, an incoming media stream from the incoming call may be forked so that the message is being recorded while the user is listening to the message at the user communication device.

Abstract: Handling an incoming call from a caller to a user includes prompting a caller to record a message to the user and sending a special command to a user communication device indicting that the incoming call is available for screening and retrieving. In response to the user indicating a desire to screen the incoming call, the user listens to the message while the caller is leaving the message. In response to the user indicating a desire to retrieve the incoming call, the call is transferred to the user communication device. In response to the user indicating a desire to screen the call, an incoming media stream from the incoming call may be forked so that the message is being recorded while the user is listening to the message at the user communication device.

Abstract: Open federation security techniques with rate limits are described. An apparatus may include a network interface operative to communicate messages, and a secure open federation (SOF) module operative to manage a message rate between multiple federated networks. The SOF module may comprise a peer authentication module operative to determine whether a peer making the message is an untrusted peer. The SOF module may comprise a peer rate tracking module operative to retrieve a message rate value and a message rate limit value associated with the untrusted peer, and compare the message rate value with the message rate limit value to form a threat status indicator value. The SOF module may comprise a peer authorization module operative to authorize communication of the message based on the threat status indicator value. Other embodiments are described and claimed.

Abstract: A system and method for uniquely identifying an SIP device extends the SIP communications protocol with an end point identifier, carried for example in the header of an SIP transmission. The end point identifier is useful for routing, registration, subscription, and authentication. The end point (device) of a given user epid can be uniquely identified by creating a key from an epid and a user's address-of-record (URI). This in turn enables improved connection management and security association management when the connections/IP addresses are transient, such as when HTTPS tunneling is used.

Abstract: Techniques to protect from open enhanced federation user enumeration are described. An apparatus may include a network interface operative to establish connections. The access edge server may further include an open enhanced federation (OEF) module communicatively coupled to the network interface. The OEF module may be operative to manage connections between multiple federated networks. In one embodiment, for example, the OEF module may comprise a peer authentication module operative to determine whether a peer making the request is an untrusted peer domain. The OEF module may further comprise a peer tracking module operative to retrieve a total request number and a total limit number associated with the untrusted peer, and compare the total request number with the total limit number to form a threat status indicator value. The OEF module may also comprise a peer authorization module operative to authorize the request based on the threat status indicator value. Other embodiments are described and claimed.

Abstract: Stateless human detection for real-time systems allows a real-time message system to challenge incoming messages suspected of being generated by an automated application. When a suspect message is detected, a challenge is presented to a sender of the message. The challenge is designed to require human intervention to provide a correct answer to the challenge. A challenge packet is sent with the challenge and includes a challenge answer and, possibly, a server identifier, a challenge identifier and/or a time stamp that can be used to prevent attacks on the challenge. The challenge packet is encrypted so that the sender cannot access the contents thereof. When the sender provides a response to the challenge, the sender returns the challenge packet. The challenge packet is decrypted and the challenge answer is compared to a sender answer. If the answers match, the sender is allowed subsequent access to the messaging system.

Abstract: Stateless human detection for real-time systems allows a real-time message system to challenge incoming messages suspected of being generated by an automated application. When a suspect message is detected, a challenge is presented to a sender of the message. The challenge is designed to require human intervention to provide a correct answer to the challenge. A challenge packet is sent with the challenge and includes a challenge answer and, possibly, a server identifier, a challenge identifier and/or a time stamp that can be used to prevent attacks on the challenge. The challenge packet is encrypted so that the sender cannot access the contents thereof. When the sender provides a response to the challenge, the sender returns the challenge packet. The challenge packet is decrypted and the challenge answer is compared to a sender answer. If the answers match, the sender is allowed subsequent access to the messaging system.

Abstract: End-to-end authentication capability based on public-key certificates is combined with the Session Initiation Protocol (SIP) to allow a SIP node that receives a SIP request message to authenticate the sender of request. The SIP request message is sent with a digital signature generated with a private key of the sender and may include a certificate of the sender. The SIP request message my also be encrypted with a public key of the recipient. After receiving the SIP request, the receiving SIP node obtains a certificate of the sender and authenticates the sender based on the digital signature. The digital signature may be included in an Authorization header of the SIP request, or in a multipart message body constructed according to the S/MIME standard.

Abstract: Stateless human detection for real-time systems allows a real-time message system to challenge incoming messages suspected of being generated by an automated application. When a suspect message is detected, a challenge is presented to a sender of the message. The challenge is designed to require human intervention to provide a correct answer to the challenge. A challenge packet is sent with the challenge and includes a challenge answer and, possibly, a server identifier, a challenge identifier and/or a time stamp that can be used to prevent attacks on the challenge. The challenge packet is encrypted so that the sender cannot access the contents thereof. When the sender provides a response to the challenge, the sender returns the challenge packet. The challenge packet is decrypted and the challenge answer is compared to a sender answer. If the answers match, the sender is allowed subsequent access to the messaging system.

Abstract: A system and method for uniquely identifying an SIP device extends the SIP communications protocol with an end point identifier, carried for example in the header of an SIP transmission. The end point identifier is useful for routing, registration, subscription, and authentication. The end point (device) of a given user epid can be uniquely identified by creating a key from an epid and a user's address-of-record (URI). This in turn enables improved connection management and security association management when the connections/IP addresses are transient, such as when HTTPS tunneling is used.

Abstract: A method and system for aggregating presence information generated by multiple devices associated with a single user is presented. A server acting as a presence agent on behalf of a first user and the first user's computing device receives and responds to a subscription request generated by a computing device operated by a second user that wishes to be permitted as a watcher of the first user. If the server is not capable of acting as a presence agent, then the first user's computing device assumes the role of a presence agent.

Abstract: A system and method for uniquely identifying an SIP device extends the SIP communications protocol with an end point identifier, carried for example in the header of an SIP transmission. The end point identifier is useful for routing, registration, subscription, and authentication. The end point (device) of a given user epid can be uniquely identified by creating a key from an epid and a user's address-of-record (URI). This in turn enables improved connection management and security association management when the connections/IP addresses are transient, such as when HTTPS tunneling is used.

Abstract: A system for detecting and communicating the presence of one or more computing devices is presented. The invention also presents a method and system for aggregating presence information generated by multiple devices associated with a single user. A server acting as a presence agent on behalf of a first user receives and responds to a subscription request generated by a computing device operated by a second wishing to be permitted as a watcher of the first user. When the second user corresponds to access preferences of the first user, a notify message is sent to the second user's device that includes presence information indicative of an activity level and availability level associated with the first user. When the first user employs multiple computing devices, the server generates an aggregate presence document that is representative of the overall presence of the first user.

Abstract: A system and method for uniquely identifying an SIP device extends the SIP communications protocol with an end point identifier, carried for example in the header of an SIP transmission. The end point identifier is useful for routing, registration, subscription, and authentication. The end point (device) of a given user epid can be uniquely identified by creating a key from an epid and a user's address-of-record (URI). This in turn enables improved connection management and security association management when the connections/IP addresses are transient, such as when HTTPS tunneling is used.