Abstract: A flexible, efficient and easy-to-use computer security management system effectively evaluates and responds to informational risks on a wide variety of computing platforms and in a rapidly changing network environment. An individual computer system dynamically monitors its end user, without regard to network connectivity, in order to calculate a risk score and to ensure that the end user's behavior does not put corporate information or other assets at risk. Data regarding such risks and responses are analyzed and stored in real-time.

Abstract: Caller Control of Internet Call Waiting (ICW) Services are provided to disconnect a data connection and to prevent establishment of a subsequent data connection. An incoming communication to a called number is received and includes an interrupt code to disconnect a data connection associated with the called number. If the interrupt code is valid, the data connection is disconnected, and a subsequent data connection is prevented until an authorization code is received that permits enablement of the subsequent data connection.

Abstract: Data traffic between a mobile radio network and an IMS network is secured by first authenticating a mobile subscriber in the mobile radio network and in the IMS network. Next, an examination is carried out to check whether the identity of the mobile subscriber authenticated in the IMS network corresponds to the identity of the subscriber authenticated in the mobile radio network. If so, a confirmation message is sent from the IMS network to the mobile subscriber in the even of corresponding identities and a data exchange is carried out between the mobile subscriber and the IMS network by a security protocol protected by a common key derived from the confirmation message.

Abstract: Systems and methods for unified messaging are described herein. In an embodiment, a repository server includes a message store. According to one method implemented by the repository server, a voice message is sent as part of an email message. In an embodiment, preprocessing is performed before sending the email, including but not limited to inserting information, data, links, voice mail audio files, and voice mail transcriptions in the email. A copy of the preprocessed email is stored in the message store with an authentication key. The authentication key is used, for example by a recipient of the email, to access voice mail audio files that may not be accessible on the recipient's device.

Abstract: A telephony system that accepts inputs, such as account codes, from a variety of devices and interfaces. The system includes a server with a telephony management software (TMS) unit, a telephony application programming interface (TAPI) unit, and an application unit. The application unit includes a control module, a call status module, an endpoint interface module, a storage interface module, a call transfer module, a TAPI interface module, a configuration module, and an extension library module. A server is capable of prompting several devices for an input and then accepting an input from any of the devices. Thus, a server enables a user to initiate a phone call on one device and then input information using a different device.

Abstract: To evaluate the use of services accessible from a user terminal via a telecommunication network, an authentication sever authenticates the user of the terminal and transmits identifiers of the services to a control device to authorize the user terminal to access the services. In response to the service identifiers triggering an opening of control sessions for accessible services from the user terminal, an evaluation module evaluates the data traffics exchanged between the user terminal and service servers dispensing the services accessible in traffic accounts, and transmits to a management server, service control messages each including a service identifier and a traffic account relating to an accessible service after the closure of control sessions relating to the services.

Abstract: A system and method of telephony resource management and security for monitoring and/or controlling and logging access between an enterprise's end-user stations and their respective circuits into the public switched telephone network (PSTN). One or more rules are defined which specify actions to be taken based upon at least one attribute of a call. Calls are detected and sensed to determine attributes associated with each call. Actions are then performed on selected calls based upon their attributes in accordance with the defined rules.

Abstract: A shared multi-user IP telephone device for receiving, based on SIP, calls transmitted over VoIP network, a system using such a device and method thereof. The shared multi-user IP telephone device includes a storage device for storing user profiles, an ID extraction portion for receiving from the VoIP network a SIP packet including at least the callee's ID, and extracting the ID contained in the SIP packet, and a personalized feature presentation portion for searching in the storage device for the user profile corresponding to the ID according to the extracted ID for presenting the corresponding personalized feature according to the search result. Thus it is possible for everyone using such a phone to receive directly the call for him/herself without anyone else or other device forwarding the call.

Abstract: A method and apparatus for real-time insertion of services into an IP telephony call session are disclosed. A client initiates a service request message to a second server. The service request message includes the client identity and a requested service available from a second server. The first server determines if the client is authorized to use the requested service. If the client is authorized to use the requested service, the second server delivers the requested service to the client.

Abstract: This invention improves the intelligence of chip cards (SIM) in mobile radiotelephone terminals, so that a subscriber may, through the terminal, easily access databases (DB), attached to a server of services (SV). It facilitates the dialog between a subscriber who owns a mobile radiotelephone terminal and a server of services through the medium of an exchange of request and response messages. The card comprises a browser (NV) which interacts with the server and which can be triggered by selection in the mobile terminal or remotely by the server. The card and the server exchange short messages. Libraries of supplementary functions (BI), stored in the card, can be triggered by the server through the browser. The invention also relates to communications between the card that is equipped with the browser and the server.

Abstract: A method and system for authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone is presented. Efficient use is made of keystrokes on the data-enabled telephone. The data-enabled telephone is capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network and the server enables conduct of the transaction. Caller identification information is received at the server. The information is associated with a telephone call request initiated by the user via the data-enabled telephone to a service number. The caller identification provides basis for authentication of the user and the caller identification information received at the service number is used to address a message to the user. Included in such a message is a logon key for use by the user in accomplishing the transaction. Thus the user can use the logon key to enter into data communication with the server for conduct of the transaction.

Abstract: A telecommunication station set such as an IP phone is configured based on proximity of a user. Proximity of the user relative to the station set can be determined using RF-ID, UWB, GPS, direct user input, contextual information or other technology. For example, the user may carry a badge equipped with an RF-ID tag. The RF-ID tag is operative in response to an RF-ID reader associated with the phone, when in close proximity, to signal user ID and password, which may be encrypted. The user ID and password are sent to a SIP server, which authenticates the user and retrieves user-specific configuration details which are returned to the IP phone. The IP phone configures itself with the user-specific parameters. If the user moves away from the phone, as determined by the RF-ID tag being out of range of the reader, the IP phone de-configures itself.

Abstract: A computer-implemented system and method for the deployment of automatically configuring network communication endpoints is disclosed. At least one logical profile is stored in a plurality of configuration files resident on a network. The logical profile includes configuration information as well as an extension from a communication distribution system which a device should serve. Upon connection to the network and input of configuration information corresponding to a pre-existing logical profile, the device automatically configures itself for use, reboots, and is operational in the desired form.

Abstract: A method of authenticating an authorized entity via the telephone network is disclosed. A telephone call is placed from a telecommunications terminal to a server that comprises a valuable resource and that only provides the resource to authorized entities. When the terminal has already demonstrated its authorization to the server, the server indicates to the terminal that the terminal need not provide its authorization credentials. In contrast, when the terminal has not yet demonstrated its authorization to the server, the server indicates to the terminal that the terminal does need to provide its authorization credentials. The server indicates to the terminal whether or not it needs to provide its authorization credentials by deliberating waiting to establish the call with the terminal, wherein in the length of the wait is indicative of whether or not the terminal needs to provide its authorization credentials.

Abstract: Access to information related to a client terminal is provided to a first web server, the information being stored by a second web server. The first web server is connected to the client terminal via a proxy server. The second web server sends a message, including a cookie, to the proxy server, wherein the cookie comprises a network address of the second web server. The cookie, related to the client terminal, is stored in the proxy server. The proxy server receives a message from the client terminal addressed to the first web server and the proxy server inserts the stored cookie into the received message. The proxy server forwards the received message to the first web server, which uses the cookie to request information from the second web server.

Abstract: A system may generate an access number, provide the access number to a user via a telephone call, and provide the access number to an authentication server. The system may regulate access by the user to a restricted resource based on the access number provided to the user and the access number provided to the authentication server.

Abstract: An apparatus includes a communication unit which receives email through a communication line, the email having been sent by a user and including a first identifier and data. The apparatus further includes an accumulation unit which stores therein the data, a printout unit, an input unit which receives a second identifier entered by the user through direct operation thereof, and a control unit which controls the printout unit to print the data corresponding to the first identifier by reading the data from the accumulation unit if the second identifier matches the first identifier.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. A V-shaped groove is provided adjacent an operation panel, the V-shaped groove containing a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward. The V-shaped groove may contain a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: A secure telephone call management system is provided for authenticating users of a telephone system in an institutional facility. Authentication of the users of the telephone call management system is accomplished by using a personal identification number, biometric means, and/or radio frequency means. The secure telephone call management system includes accounting software capable of limiting access to the system based on funds in a user's account or other related limitations. The system includes management software capable of implementing widespread or local changes to the system and is further capable of modifying or setting any number of user account parameters.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. Adjacent to an operation panel is located a V-shaped groove which contains a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward, where the V-shaped groove contains a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. Adjacent to an operation panel is located a V-shaped groove which contains a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward, where the V-shaped groove contains a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. Adjacent to an operation panel is located a V-shaped groove which contains a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward, where the V-shaped groove contains a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. Adjacent to an operation panel, a V-shaped groove is provided which contains a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward, where the V-shaped groove contains a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. Adjacent to an operation panel is located a V-shaped groove which contains a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward, where the V-shaped groove contains a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: An information processing unit, such as a mobile phone, equipped with a fingerprint sensor and which reconciles size reduction with operability at a high level. Adjacent to an operation panel is located a V-shaped groove which contains a first slope stretching away from the operation panel and slanting downward and a second slope stretching further away from the operation panel and slanting upward, where the V-shaped groove contains a fingerprint sweep sensor which detects a fingerprint on a finger moved along the first slope and the second slope.

Abstract: A communication device for filtering incoming calls includes a phone number database, a rule database, a filter module, and a rule operator module. The phone number database is used for storing a plurality of phone numbers. The rule database is used for storing a plurality of rules that include a plurality of common rules for dealing with incoming calls with phone numbers stored in the phone number database, and a plurality of particular rules for dealing with indefinite incoming calls. The filter module is connected to the phone number database and the rule database, for comparing the phone numbers of the incoming calls with those in the phone number database, and for retrieving rules from the rule database based on the comparison. The rule operator module is connected to the filter module, for dealing with the incoming calls according to the retrieved rules.

Abstract: A method, system, and program for allowing callers to adjust in position within a hold queue are provided. An advancement token earned by a caller while waiting in a hold queue is detected. The advancement token is stored for redemption in a future call by the caller according to an authenticated identifier for the caller, wherein future redemption of the advancement token will cause adjustment of a waiting position. In particular, a caller in the call hold queue may earn advancement tokens by answering questions posed by other callers in the call hold queue, where the questions are answered in a manner such that the other callers do not need additional aid from a representative. In addition, a caller may redeem advancement tokens earned in a previous hold queue while waiting in current hold queue, where the redeemable advancement tokens are accessible across multiple call centers according to the caller identification.

Abstract: A method and system authenticates an authenticatee and provides an authentication to a recipient. The authenticatee may be either the called party or the calling party. A network platform or customer premise equipment may be utilized to provide information for authentication. Customer premise equipment provides the authentication to the recipient.

Abstract: A method, system, and program for time based regulation of access to callees are provided. An authenticated identity of a caller placing a call is preferably detected. Then, a communication link from the caller to a callee is only attempted if the authenticated identity of the caller is allowed access to the callee according to a schedule associated with an identity of the callee.

Abstract: Apparatus and methods to store permission data relating to security for a system and to receive a request to establish a telephony call. In response to the request, the telephony call is established, and after establishing the telephony call, an indication of a type of the telephony call is detected. Based on permission data relating to security for the system, it is determined whether the type of the telephony call is permitted.

Abstract: A system for authenticating and/or authorizing users of a service includes one communication interface with an access communication channel and another communication interface with a confirmation communication channel. Requests for a user to access a service are received over the access communication channel, and confirmation codes for the user are received over a trusted confirmation channel, such as an SMS text messaging system. Confirmation codes may be received from the user requesting access to the service or by a third party acting as a gatekeeper to the service. The system tests the validity of received confirmation codes, and enables the user to access the service if a valid confirmation code is received.

Abstract: A printing apparatus or the like which can print by a simple hardware construction while security is assured and the operability is maintained is provided. A printer receives a print job which is sent from a host computer, holds it into a memory unit, generates an E-mail with a key code corresponding to the print job including the key code of each print job, and sends it to a cell phone designated upon job reception via a mail server through an LAN. In the cell phone which received the E-mail, when the user wants to print, contents of the E-mail are not changed but reply mail corresponding thereto is returned to the printer. In the printer which received the reply mail, if the key code included in the E-mail with the key code coincides with a key code included in the reply mail, the printing of the corresponding print job is started.

Abstract: An improved telecommunication device for simultaneous and independent communication of analog signals and digital data is disclosed. Processing of analog signals enables functions including, for example, message saver, speaker phone, caller identification and fax. Processing of digital data enables functions, including, for example, DSL modem communications, digital voice communications, video communications, and voice-over-data communications. The disclosed system may operate independently or coupled to one or more computers.

Abstract: An object of this invention is to provide a communication apparatus capable of maintaining the secrecy of data received in a memory box when forwarding the data. To achieve this object, when data received in a memory box designated by a sub-address/password signal is to be forwarded, data to which a password is added by a system corresponding to a forwarding destination (an e-mail terminal or a facsimile apparatus) is forwarded.

Abstract: Apparatus and methods that allow detection and authentication of multiple devices within a subscriber dwelling. A system is described generally comprising multiple devices, each adapted to receive a broadband signal and including a modem coupled to a telephone line. At least one of the devices is configured to receive entitlement information corresponding to the other devices via the broadband signal, and to use the entitlement information to periodically authenticate the other devices via the telephone line. Several methods are disclosed for detecting a device connected to a telephone line. A described method for authenticating a device connected to a telephone line includes receiving entitlement information corresponding to each of the devices via a broadband signal, and using the entitlement information to authenticate each of the devices via the telephone line.

Abstract: A method for verifying access authorization for voice telephony in a fixed network line or mobile telephone line, as well as a communications network having such access authorization verification are described. The access authorization is verified by analysis of a voice signal which was entered by the subscriber placing the call, before or during a call in progress. In one variant, the voice signal is entered as a password before the connection is established; in another variant, voice signals are analyzed for voice recognition and subscriber identification, the same voice signals also being transmitted to the person being called, making concealed access verification possible which does not hamper the normal flow of conversation.

Abstract: A method for issuing an electronic identity based on previously certified electronic identity. This is accomplished by providing a method to use a previously certified identity to create another representational form for the same identity. This way the holder of a certificate can extend his or her already verified identity for other uses. The previously certified identity can be for instance so called mobile identity which is associated to a person's mobile terminal such as mobile phone. The person can show to certificate be his/her own by using the digital signature feature of the mobile terminal.

Abstract: A presence of a facsimile transmission tone generated by a calling party within a call is sensed for within a public telephone network before the call has been routed to a called party. If the facsimile transmission tone is present in the call, the telephone network denies completion of the call to the telephone line of the called party. If the call is absent the facsimile transmission tone, a telephone network switch is instructed to complete the call to the telephone line of the called party.

Abstract: An integrated security and communications system combines a security system to either or both of a telephone system interface and a data interface. Users have access to voice-mail or other PBX-type telephone functions, many or all of which can be accessed not only at telephone sets, but also at keypads of the security system. Data functions such as electronic mail and possible partial or full World Wide Web access may also be provided at the keypads, as well as at connected personal computers or computer terminals. The system keypads may be enhanced to better accommodate some of the added functions. A central communications station could be used to maintain secure, shared private key encrypted communications with each premises system, using a redirector arrangement or relay to allow each premises system to communicate securely with a central monitoring station and with other systems. The secure communications system could be used without a security system to allow secure computer-to-computer communications.

Abstract: Methods and systems are disclosed for activating an electronic lock in an intelligent switched telecommunications network having a plurality of Advanced Intelligent Network (AIN) components. A call is received from a device communicating with the telecommunications network. The call is from a calling party to a called party. Processing of the call within the telecommunications network is suspended. A database is queried for a telephone number of the called party. The database stores telephone numbers of called parties subscribing to a lock service provided by a telecommunications service provider. The lock service allows a user to remotely activate an electronic lock using the telecommunications network. If the query is successful, processing of the call within the telecommunications network is resumed. The call is used to activate the electronic lock.

Abstract: A receiving apparatus comprises a receiving unit which receives a contents signal from a broadcast station in accordance with the result of authentication processing executed with the broadcast station, a registration unit which executes communication with an external communication device, and sets and registers an ID in a range of a predetermined number, and a communication unit which executes authentication processing with an external device using the ID and transmits the contents of the contents signal to the external device in accordance with the result of the authentication. A communication apparatus connected to the receiving apparatus through a network in a home is managed using a family ID thereby to protect the copyright of the contents of a fee-charging broadcast service or the like.

Abstract: In an embodiment of the invention, an apparatus for a user programmable facsimile (fax) machine to screen unwanted transmission, includes: a programmable facsimile (fax) machine configured to receive a programmable code; and a transmitting fax machine configured to send a destination phone number associated with the programmable fax machine across a network; wherein the programmable fax machine establishes communication with the transmitting fax machine if the transmitting fax machine sends the destination phone number across the network and accepts fax data from the transmitting fax machine if the transmitting fax machine sends a code that matches the programmable code.

Abstract: A telecommunication device connect between the incoming phone line and the telephone set which permits or denies the rights of the receiver to receive the incoming phone call by the caller to dial the extension numbers if match the previous save numbers sets or not.

Abstract: A system and methods for discouraging unwanted electronic communications requires a communication sender who is not recognized by the intended recipient, or who is not approved by the intended recipient, to a post a bond to accompany the communication. Adaptable to eliminating spam, unwanted faxes, unwanted telephone calls, etc., the system and method forces the money associated with the bond to be forfeited if the communication is rejected or deemed undesirable by the recipient. To prevent financially motivated abuse on the part of recipients, the preferred embodiment forfeits the bond money in favor of a third party such as a charity or governmental entity, to which the recipient has no legal obligation. A further safeguard against recipient abuse gives senders a predetermined number of unsolicited communications to send to system subscribers, after which bonds are required to send unapproved communications.

Abstract: A method for real-time authentication or authorization of a user (1) of a secured system (3) is based on using two authentication channels and an authentication device (4) from which the secured system can request authentication or authorization (6) over a secured information network connection (6, 9). One of the authentication channels is a telephone network (8), to which the authentication device (4) is connected. A user logging into the secured system (3) over the other channel (6) of the authentication channels must make a call to the authentication device over the telephone network by his or her telephone (2). The authentication device verifies that a call has been received from a telephone number of the user's telephone, and issues a positive verification response to the secured system. Upon receiving a positive response, the secured system provides a requested service through the other channel.

Abstract: An apparatus comprising a telecommunications access device and a remote control is disclosed. The remote control can cause the telecommunications access device to prevent access to a main telecommunications line. The remote control may include a first button which can be pressed to cause the telecommunications access device to prevent access to the main telecommunications line. The remote control may include a second button which can be pressed to cause the telecommuncations access device to permit access to the main telecommunications line.

Abstract: A multi-stage data logging system comprising a telecommunications stage for receiving, processing, and compressing data from one or more input channels, a recorder stage for storing said data to a memory device, a distribution stage for retrieving said stored data and distributing said data to one or more output channels, and a plurality of interface paths linking said three stages to one another. Different stages of the system can be located wide distances apart and the interface paths linking the three stages can be automatically switched to achieve fault tolerance of the system.

Abstract: A method for automatic input and transmission of a pass word when using a telephone set permits a simple pass word input by using only one pass word button when different pass words are used for various service fields or operations mode. The method for input and transmission of pass words can include performing a set-up-mode by using the single pass word button and storing different telephone numbers and pass words for the telephone numbers, dialing one of the telephone numbers, and pressing the single pass word button if a message requiring pass word input is received (e.g., output by the dialed telephone number upon connection). Preferably, automatic transmission of the pass word for the dialed telephone number is performed responsive to the pass word button in off-hook operations, and entry of telephone numbers, which require pass words, and each corresponding pass word is performed responsive to the pass word button in on-hook operations.

Abstract: Method and system for defining access rights in a telephone switching system comprising functions for controlling the operating system of the telephone switching system on the basis of commands entered. In the method, the right of access to the operating system is determined on the basis of a user identifier and a password associated with it. Moreover, a user profile is formed, said profile comprising one or more user identifiers and having a predetermined validity period. According to the method, a validity parameter associated with the user data is decreased on the basis of elapsed time and/or the number of log-on times and/or the weighting values of the commands entered.

Abstract: An telecommunications access device is disclosed which allows an administrator to set an amount of time per day that a user can access the Internet or use a telephone. The telecommunications access device may be permanently electrically connected to first and second telecommunications lines each of which may include a telephone cord and a plug. The first telecommunications line may be electrically connected to a port of a computer processor. The second telecommunications line may be electrically connected to a port of a telephone jack. The telecommunications access device may include a keypad, which allows the user to enter a user code, which permits the user to access, the Internet or use a telephone, if the amount of time has not expired. The telecommunications access device may include a display, which dynamically displays the amount of time that the user has remaining to access the Internet for a particular day.