DE102008029610A1 - Provider device for transferring voice data to e.g. Internet protocol compatible client device, over voice channel, has voice output unit transferring voice output to client devices upon determination of termination of voice channel - Google Patents

Provider device for transferring voice data to e.g. Internet protocol compatible client device, over voice channel, has voice output unit transferring voice output to client devices upon determination of termination of voice channel

Info

Publication number
DE102008029610A1
DE102008029610A1 DE200810029610 DE102008029610A DE102008029610A1 DE 102008029610 A1 DE102008029610 A1 DE 102008029610A1 DE 200810029610 DE200810029610 DE 200810029610 DE 102008029610 A DE102008029610 A DE 102008029610A DE 102008029610 A1 DE102008029610 A1 DE 102008029610A1
Authority
DE
Germany
Prior art keywords
client device
ip
authentication code
provider device
means
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
DE200810029610
Other languages
German (de)
Inventor
Rainer Dr. Falk
Steffen Fries
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG filed Critical Siemens AG
Priority to DE200810029610 priority Critical patent/DE102008029610A1/en
Publication of DE102008029610A1 publication Critical patent/DE102008029610A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0861Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using biometrical features, e.g. fingerprint, retina-scan

Abstract

The provider device for transmitting voice data at least partially via an IP-based voice channel to an IP-capable first client device and / or a non-IP-capable second client device has: a provisioning means which is set up provide an authentication code in response to a provided key; and a voice output means adapted to generate a voice output of the provided authentication code and to transmit the generated voice output to the first and / or the second client device for deciding on termination of the voice channel.

Description

  • The The invention relates to a provider device, an arrangement and a method of transmission of voice data via a voice channel using the IP protocol.
  • at the transmission of voice data over one Speech channel that is at least partially or only partially on the IP protocol based, between two clients, client devices, IP-enabled Subscriber terminals or the like is not the security as in the conventional one wired landline telephony. For this reason become cryptographic security procedures or security mechanisms used.
  • An example of this is shown in the schematic block diagram 1 , According to 1 are two client devices 10 . 20 by means of a provider device 30 coupled to form a voice channel SK. By means of a session initiation protocol, for example SIP (Session Initiation Protocol), session parameters for a transmission protocol for the transmission of audiovisual media data, in particular voice data or VOIP (Voice over IP) data, are exchanged. The transmission protocol for transmitting the audiovisual media data is, for example, the RTP (Real-Time Transport Protocol) protocol. As such, the RTP protocol is unsecured. In order to secure the RTP protocol for establishing a secure transmission protocol for the transmission of the audiovisual media data, a key establishment protocol, for example the ZRTP protocol, is used.
  • at The ZRTP protocol uses an unauthenticated Diffie-Hellmann key exchange over the RTP channel performed. alternative However, the DTLS protocol (Datagram Transport Layer Security) used an anonymous, unauthenticated Diffie-Hellman key exchange. Also could the IKE (Internet Key Exchange) protocol or the MIKEY protocol (Multimedia Internet KEYing) are used.
  • For authentication, the respective user of the client device, for example, a user of the first client device 10 to 1 in accordance with the ZRTP protocol, a portion of the hash value of the exchanged Diffie-Hellmann secret or key is shown or provided to the user of the first client device 10 this portion of the hash value to the user of the second client device 20 read aloud via the voice channel SK. The Diffie-Hellmann secret transmitted over the voice channel SK is provided by the user of the second client device 20 with a corresponding, the second client device 20 provided information compared. Corresponds to the locally displayed information of the second client device 20 that of the first client device 10 transmitted Diffie-Hellmann secret, so is the user of the first client device 10 authenticated and the voice channel SK is not terminated by the second client. The same applies to the authentication of the user of the second client device 20 to the user of the first client device 10 ,
  • In In this context, the notifying party found that the filing date the present invention, there is no solution which the authenticating users of the IP-based client device the way gives an information about the safety grade to get the voice channel between him and the provider device. Without a knowledge about the user knows the current security quality the first client device does not matter if it's security-relevant information about transmit the voice channel can.
  • at two IP-enabled Client devices which over a provider device coupled to form an IP-based end-to-end connection are, such a mutual authentication is theoretical possible.
  • Indeed deleted this possibility of mutual authentication, if only one of the two client devices IP-enabled and the other client device is connected to the line Provider device is coupled.
  • In In this context, the notifying party found that the filing date the present invention, there is no solution which the authenticating users of the IP-based client device the way gives an information about the safety grade to get the voice channel between him and the provider device. Without a knowledge about the current safety grade he knows Users of the IP-based client device do not know if the channel is actually protected and transmit security-related information over the voice channel can.
  • Therefore It is an object of the present invention to provide a security ensure two client devices coupling voice channel.
  • According to the invention this Asked task by a provider device with the features of claim 1 and / or by an arrangement with the features of claim 8 and / or by a method having the features of claim 17.
  • Accordingly, a provider device for transmitting voice data at least partially via an IP-based voice channel to an IP-enabled first client device and / or a non-IP-capable second client device, comprising:
    • a) provisioning means adapted to provide an authentication code in response to a provided key; and
    • b) a voice output means arranged to generate a voice output of the provided authentication code and to transmit the generated voice output to the first and / or the second client device for deciding on a termination of the voice channel.
  • Furthermore, an arrangement is proposed for transmitting voice data via at least one voice channel by means of the IP protocol, which comprises:
    • a) at least one client device; and
    • b) a trained as explained above provider device according to the invention.
  • Furthermore, a method for transmitting voice data via an IP-capable, first client device and a provider device coupling, IP-based voice channel is proposed, which comprises the following steps:
    • a) providing a key of the first client device and the provider device;
    • b) generating an authentication code for a non-IP-capable, second client device coupled to the provider device as a function of the provided key by the provider device;
    • c) generating a voice output of the provided authentication code by the provider device; and
    • d) transmitting the generated authentication code to the first client device and / or to the second client device for deciding on termination of the IP-based voice channel.
  • By providing the provider device with the speech output means according to the invention can be the user of IP based Client device and / or the user of the non-IP-capable client device advantageously a feedback in terms of safety IP-based voice channel. For the purposes of this application is a non-IP capable Client device such a client device, although for coupling with the provider device, but not for IP-based coupling with the provider device suitable is. examples for non-IP based client devices are wired client devices or client devices that can be coupled by means of cellular mobile radio networks.
  • The non-IP enabled, second client device may be configured as a subscriber which over a conventional one Telephone network, z. Via PSTN or a cellular mobile radio system (GSM or UMTS) is connected. Furthermore, the second client device may also act as an automated voice service be configured, for example, as an automatic announcement (Time, weather) or a voice mailbox (answering machine function).
  • Of the Users of the IP-based client device know that the security of the IP-based voice channel is ensured to the provider device when the IP-based client device the voice output of the provided authentication code of the provider device receives.
  • Receives the IP-based client device provided this voice output Authentication codes not within a predetermined time or a predetermined period of time, the user may be IP-based Client device or the IP-based client device automatically terminate the IP-based voice channel to the provider device.
  • In order to is the security of the two client devices coupling Voice channel ensured.
  • advantageous Refinements and developments of the invention will become apparent the dependent claims and the description with reference to the drawings.
  • According to one preferred development of the provider device according to the invention provides the provisioning means the authentication code in dependence one by means of a key establishment protocol provided key ready.
  • According to one Another preferred development is the means of Schlüsseletablierungsprotokolls provided keys a symmetric key.
  • The Key establishment protocol is preferably the ZRTP protocol or the TLS protocol or the DTLS protocol or the IKE protocol or the MIKEY protocol.
  • According to a further preferred development of the provider device according to the invention, the latter has a generation means which generates a key as a function of a random number provided by a random generator, wherein the provisioning means the authentication code in dependence of the generated key sels.
  • According to one Another preferred embodiment provides the provisioning means a portion of a hash value of the provided key as the Authentication code ready.
  • According to one Another preferred embodiment provides the provisioning means a predetermined portion of a hash value of one using a key establishment protocol provided symmetric key as the authentication code ready.
  • According to one preferred development of the arrangement according to the invention is the provider device designed as a gateway device, which is suitable to a IP-based voice channel to the IP-enabled first client device and a wireline voice channel to a wireline, second client device for establishing an end-to-end connection between the first client device of the second client device to set up.
  • According to one preferred embodiment of the inventive arrangement has the first client device a first providing means, which has a predetermined first part of the first client device and the provider device provided key as one for the first client device specific, first authentication code and the provider device has a second provisioning means which is a predetermined second part of the first client device and the provider device provided key as one for the second client device specific, second authentication code provides.
  • According to one Another preferred embodiment has the first client device a first test equipment on and the provider device has a second test means on. The first test equipment is set up to check whether the provider device the second authentication code within a predetermined period of time by means of the IP-based voice channel to the first client device. In contrast, is the second test equipment set up to check whether the first client device the first authentication code within the predetermined time period by means of the IP-based voice channel transmits to the provider device.
  • According to one Another preferred embodiment of the arrangement are the first Providing means and the second providing means, respectively suitable for this, the first authentication code and the second Generate authentication code.
  • According to one Another preferred embodiment of the arrangement checks the first test equipment that from the provider device over the IP-based voice channel incoming voice data to match the generated one second authentication code and generated at a detected match a first confirmation signal. In contrast, check that second test equipment that from the first client device over the IP-based voice channel incoming voice data to a match with the generated first authentication code and generated at a detected match a second confirmation signal.
  • Preferably The IP-based, first client device has a termination agent on which the IP-based voice channel in the absence of a voice output the provided authentication code by the provider device terminated.
  • Especially can the arrangement of the invention have at least one termination agent, which is the IP-based Speech channel terminates, if this the first confirmation signal and / or the second confirmation signal does not receive within a predetermined period of time.
  • Especially For example, the provider device may have a first scheduling agent and the first client device has a second scheduling means.
  • Further a computer program product is proposed which is based on a program-controlled device to carry out a as described above Method according to the invention causes.
  • One For example, computer program product such as a computer program agent as a storage medium, such as memory card, USB stick, floppy disk, CD stick, CD-ROM, DVD or even in the form of a downloadable file of one Servers are deployed or delivered on a network. This For example, in a wireless communication network the transfer a corresponding file with the computer program product or the computer program means done.
  • The Invention will be described below with reference to the schematic figures specified embodiments explained in more detail. It demonstrate:
  • 1 a schematic block diagram of an embodiment of an arrangement for the transmission of voice data;
  • 2 a schematic block diagram ei nes first embodiment of an inventive arrangement for the transmission of voice data;
  • 3 a schematic block diagram of a second embodiment of an inventive arrangement for the transmission of voice data;
  • 4 a schematic block diagram of a third embodiment of an inventive arrangement for the transmission of voice data; and
  • 5 a schematic flow diagram of an embodiment of the method according to the invention for the transmission of voice data.
  • In All figures are the same or functionally identical means and facilities - if otherwise stated - with provided the same reference numerals.
  • In 2 is a schematic block diagram of a first embodiment of an inventive arrangement 100 for transmitting voice data SD1.
  • The order 100 to 2 has a provider device 30 and an IP-based or IP-capable client device 10 on.
  • Details regarding the transmission of the voice data SD1 over the voice channel SK1 are in 4 and the related description.
  • The provider device 30 to 2 has a provisioning agent 31 and a voice output means 32 , The provisioning means 31 and the voice output means 32 can each be designed as a device, device or as a software-technical means.
  • The provisioning means 31 is adapted to provide an authentication code AC2 in response to a provided key K.
  • The voice output device 32 is adapted to generate a speech output S (AC2) of the provided authentication code AC2 and the generated speech output S (AC2) to the IP-enabled client device 10 to decide on a termination of the voice channel SK1. The voice output S (AC2) may be part of the voice data SD2 from the provider device 30 via the voice channel SK1 to the IP-enabled client device 10 be transmitted.
  • The provisioning means 31 preferably provides the authentication code AC2 in response to a key K provided by means of a key establishment protocol. In particular, the key K provided by means of the key establishment protocol is a symmetric key. For example, the key establishment protocol is the ZRTP protocol 1 that between the pro resist device 30 and the first client device 10 is carried out. Furthermore, the key establishment protocol can also be embodied as a TLS protocol or as a DTLS protocol or as an IKE protocol or as a MIKEY protocol. The provisioning means 31 preferably provides a portion of a hash value of the provided key K as the authentication code AC2. In doing so, the provisioning means 31 Preferably, a predetermined portion of a hash value of a symmetric key K provided by the key establishment protocol is provided as the authentication code AC2.
  • 3 shows a schematic block diagram of a second embodiment of the inventive arrangement 100 for transmission of voice data SD2. In this case, the exemplary embodiment 3 an alternative or additional option with regard to the provision of the key K. Accordingly, the provider device has 30 according to 3 a generator 37 which receives the key K as a function of a one-time random number generator 40 provided random number Z generated. The provisioning means 31 then provides the authentication code AC2 depending on the key K generated thereby. Here is the disposable random number generator 40 by means of a suitable interface device (not shown) with the provider device 30 coupled.
  • 4 shows a schematic block diagram of a third embodiment of the inventive arrangement 100 for transmitting voice data SD1-SD4 via at least one voice channel SK1, SK2.
  • The order 100 to 4 has a provider device 30 on, for example, according to 2 or according to 3 is trained.
  • The provider device 30 is by means of an IP-based voice channel SK1 with an IP-capable, first client pre direction 10 coupled. Further, the provider device is 30 via a line-connected voice channel SK2 to a line-connected, second client device 20 connected. This connection can be made for example via a PSTN network.
  • This is the provider device 30 suitable for an end-to-end connection between the first client device 10 and the second client device 20 to set up. For physical coupling with the provider device 30 are suitable interface devices 14 . 34 and 38 intended.
  • In relation to 4 the reference numeral SD1 denotes that of the first client device 10 over the first voice channel SK1 to the provider device 30 transmitted voice data. Reference character SD2 designates that of the provider device 30 voice data transmitted to the first client device via the first voice channel. In contrast, reference numeral SD3 denotes that of the provider device 30 via the second voice channel SK2 to the second client device 20 transmitted voice data. Further, reference character SD4 denotes that of the second client device 20 via the second voice channel SK2 to the provider device 30 transmitted voice data.
  • The voice output S (AC2) of the second authentication code AC2 by the voice output means 32 can as part of the voice data SD2 from the provider device 30 to the first client device 10 be transmitted over the IP-based voice channel SK1. Further, the voice output S (AC1) of the first authentication code AC1 may be transmitted by the voice output means 32 as part of the voice data SD3 from the provider device 30 to the second client device 20 be transmitted. Likewise, the voice input SE1 of the user N1 may be part of the voice data SD1 from the first client device 10 to the provider device 30 be transmitted.
  • By means of the voice data SD4, the user (not shown) can access the second client device 20 an acknowledgment of the receipt of the speech output S (AC1) to the provider device 30 and thus to the first client device 10 transfer. The acknowledgment may be in the form of a predetermined keyword, for example OK, or as the second authentication code AC2.
  • For speech recognition of the speech input SE1 of the user N1 of the first client device 10 For example, the first client device may be a speech recognition device 12 exhibit. The speech recognition device 12 is preferably adapted to detect the voice input SE1 of the provided first authentication code AC1 by the user N1 for deciding on the termination of the IP-based voice channel SK1.
  • Next has the first client device 10 preferably a terminating agent 13 , The scheduling agent 13 terminates the voice channel SK in particular in the absence of a voice input SE1 of the provided authentication code AC1 by the user N1.
  • In doing so, the speech recognition device provides 12 the scheduling agent 13 Preferably, a detection signal DS1 when it detects a voice input SE1 of the provided authentication code AC1 ready. Consequently, the terminating agent terminates 13 the voice channel SK, if this does not receive the detection signal DS1 within a certain period of time.
  • Furthermore, the presence of the first acknowledgment signal BS1 and / or the second acknowledgment signal BS2 may be given to the user of the IP-based client device 10 be displayed by means of a visual and / or audiovisual display.
  • Next, the first client device 10 also be equipped with a speaker recognition device (not shown). In this case, the speaker recognition device has memory means which are suitable for storing the biometric data of authorized persons, so that only authorized persons can authenticate themselves via the first client device. Furthermore, the security of the IT-based voice channel SK1 can be increased by the combination of the authentication with the speaker recognition.
  • Even though the present invention described above with reference to the preferred embodiments it is not limited to that, but in many ways and modifiable.

Claims (18)

  1. Provider device ( 30 ) for transmitting voice data (SD1) at least partially via an IP-based voice channel (SK1) to an IP-capable, first client device ( 10 ) and / or a non-IP capable, second client device ( 20 ) with: a) a delivery means ( 31 ) arranged to provide an authentication code (AC2) in response to a provided key (K); and b) a voice output means ( 32 ) which is adapted to generate a speech output (S (AC2)) of the provided authentication code (AC2) and the generated speech output (S (AC2)) to the first client device ( 10 ) and / or to the second client device ( 20 ) to decide on a termination of the voice channel (SK1).
  2. Provider device according to claim 1, characterized in that the provisioning means ( 31 ) provides the authentication code (AC2) in response to a key (K) provided by means of a key establishment protocol.
  3. Provider device according to claim 2, characterized in that that by means of the key establishment protocol provided keys (K) a symmetric key is.
  4. Provider device according to claim 3, characterized in that that the key establishment protocol the ZRTP protocol or the TLS protocol or the DTLS protocol or the IKE protocol or the MIKEY protocol.
  5. Provider device according to Claim 1 or one of Claims 2-4, characterized in that a generation means ( 37 ) is provided, which a key (K) in dependence of one of a random number generator ( 40 generated random number (Z), wherein the provisioning means ( 31 ) provides the authentication code (AC2) in response to the generated key (K).
  6. Provider device according to Claim 1 or one of Claims 2-5, characterized in that the provisioning means ( 31 ) provides a portion of a hash value of the provided key (K) as the authentication code (AC2).
  7. Provider device according to Claim 1 or one of Claims 2-6, characterized in that the provisioning means ( 31 ) provides a predetermined portion of a hash value of a symmetric key (K) provided by a key establishment protocol as the authentication code (AC2).
  8. Arrangement ( 100 ) for transmitting voice data (SD1, SD2) via at least one voice channel (SK1, SK2), comprising: a) at least one client device ( 10 . 20 ); b) a provider apparatus according to claim 1 or one of claims 2 to 7 ( 30 ).
  9. Arrangement according to claim 8, characterized in that the provider device ( 30 ) is designed as a gateway device which is suitable for transferring an IP-based voice channel (SK1) to the IP-capable, first client device ( 10 ) and a line-connected voice channel (SK2) to a line-connected, second client device ( 20 ) for establishing an end-to-end connection ( 60 ) between the first client device ( 10 ) and the second client device ( 20 ).
  10. Arrangement according to claim 11, characterized in that the first client device ( 10 ) a first providing means ( 11 ) having a predetermined first part of the first client device ( 10 ) and the provider device ( 30 provided key (K) as one for the first client device ( 10 ) provides specific, first authentication code (AC1); and that the provider device ( 30 ) a second provision means ( 31 ) having a predetermined second part of the first client device ( 10 ) and the provider device ( 30 provided key (K) as one for the second client device ( 20 ) specific second authentication code (AC2).
  11. Arrangement according to claim 10, characterized in that the first client device ( 10 ) a first test means ( 15 ) which is set up to check whether the provider device ( 30 ) the second authentication code (AC2) within a predetermined period of time by means of the IP-based voice channel (SK1) to the first client device ( 10 ) transmits; and that the provider device ( 30 ) has a second test means ( 35 ), which is set up to check whether the first client device ( 10 ) the first authentication code (AC1) within the predetermined period of time by means of the IP-based voice channel (SK1) to the provider device ( 30 ) transmits.
  12. Arrangement according to claim 10 or 11, characterized in that the respective provision means ( 11 . 31 ) is adapted to generate the first authentication code (AC1) and the second authentication code (AC2).
  13. Arrangement according to claim 12, characterized in that the first test means ( 15 ) from the provider device ( 30 ) checks voice data (SD2) incoming via the IP-based voice channel (SK1) for a match with the generated second authentication code (AC2) and generates a first acknowledgment signal (BS1) when a match has been found; and the second test means ( 35 ) from the first client device ( 10 ) examines incoming voice data (SD1) via the IP-based voice channel (SK1) for a match with the generated first authentication code (AC1) and generates a second acknowledgment signal (BS2) when a match has been found.
  14. Arrangement according to Claim 8 or one of Claims 9 to 13, characterized in that the IP-based, first client device ( 10 ) a termination agent ( 13 ), which transmits the IP-based voice channel (SK1) in the absence of a voice output of the provided authentication code (AC2) by the provider device (SK1). 30 ) terminated.
  15. Arrangement according to claim 13, characterized in that at least one termination Mitmit tel ( 13 . 33 ) terminating the IP-based voice channel (SK1) when it does not receive the first acknowledgment signal (BS1) and / or the second acknowledgment signal (BS2) within a predetermined time period.
  16. Arrangement according to claim 8 or one of claims 9-15, characterized in that the termination means ( 13 . 23 ) in the provider device ( 30 ) or the first client device ( 10 ) is arranged.
  17. Method for transmitting voice data (SD1) at least partially via an IP-capable, first client device ( 10 ) and a provider device ( 30 IP-based voice channel (SK1) comprising the steps of: a) providing a key (K) of the first client device ( 10 ) and the provider device ( 30 ); b) generating an authentication code (AC2) for one with the provider device ( 30 ) coupled, non-IP capable second client device ( 20 ) depending on the provided key K by the provider device ( 30 ), c) generating a voice output (S (AC2)) of the provided authentication code (AC2) by the provider device ( 30 ); and d) transmitting the generated authentication code (SD2; S (AC2)) to the first client device ( 10 ) and / or to the second client device ( 20 ) for deciding on termination of the IP-based voice channel (SK1).
  18. Computer program product running on a programmatic Establishment the implementation a method according to claim 17 causes.
DE200810029610 2008-06-23 2008-06-23 Provider device for transferring voice data to e.g. Internet protocol compatible client device, over voice channel, has voice output unit transferring voice output to client devices upon determination of termination of voice channel Withdrawn DE102008029610A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
DE200810029610 DE102008029610A1 (en) 2008-06-23 2008-06-23 Provider device for transferring voice data to e.g. Internet protocol compatible client device, over voice channel, has voice output unit transferring voice output to client devices upon determination of termination of voice channel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE200810029610 DE102008029610A1 (en) 2008-06-23 2008-06-23 Provider device for transferring voice data to e.g. Internet protocol compatible client device, over voice channel, has voice output unit transferring voice output to client devices upon determination of termination of voice channel

Publications (1)

Publication Number Publication Date
DE102008029610A1 true DE102008029610A1 (en) 2009-12-24

Family

ID=41335003

Family Applications (1)

Application Number Title Priority Date Filing Date
DE200810029610 Withdrawn DE102008029610A1 (en) 2008-06-23 2008-06-23 Provider device for transferring voice data to e.g. Internet protocol compatible client device, over voice channel, has voice output unit transferring voice output to client devices upon determination of termination of voice channel

Country Status (1)

Country Link
DE (1) DE102008029610A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1355469A1 (en) * 2002-04-19 2003-10-22 Red-M (Communications) Limited Voice data transmission
US20070055517A1 (en) * 2005-08-30 2007-03-08 Brian Spector Multi-factor biometric authentication
US20070155366A1 (en) * 2005-12-30 2007-07-05 Manohar Deepak J Method, apparatus, and system for biometric authentication of user identity
US20070157026A1 (en) * 2005-07-27 2007-07-05 Zimmermann Philip R Method and system for key management in voice over internet protocol
DE102006047650A1 (en) * 2006-10-09 2008-04-10 Giesecke & Devrient Gmbh Cryptographic computation method for participants of voice over Internet protocol (VoIP) connection involves performing cryptographic computation at least partly in safety module after accomplishing part of key administrative minutes

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1355469A1 (en) * 2002-04-19 2003-10-22 Red-M (Communications) Limited Voice data transmission
US20070157026A1 (en) * 2005-07-27 2007-07-05 Zimmermann Philip R Method and system for key management in voice over internet protocol
US20070055517A1 (en) * 2005-08-30 2007-03-08 Brian Spector Multi-factor biometric authentication
US20070155366A1 (en) * 2005-12-30 2007-07-05 Manohar Deepak J Method, apparatus, and system for biometric authentication of user identity
DE102006047650A1 (en) * 2006-10-09 2008-04-10 Giesecke & Devrient Gmbh Cryptographic computation method for participants of voice over Internet protocol (VoIP) connection involves performing cryptographic computation at least partly in safety module after accomplishing part of key administrative minutes

Similar Documents

Publication Publication Date Title
US9882723B2 (en) Method and system for authentication
US10284555B2 (en) User equipment credential system
US20170353442A1 (en) Proximity-based authentication
US9961197B2 (en) System, method and apparatus for authenticating calls
US8996861B1 (en) Secure communications system for mobile devices
US9749318B2 (en) Key management in a communication network
EP2215769B1 (en) Key management for secure communication
US7409552B2 (en) Method for securing communications between a terminal and an additional user equipment
US8307421B2 (en) End-to-end authentication of session initiation protocol messages using certificates
FI117181B (en) A method and system for identifying a user's identity
US8615086B2 (en) Key agreement and re-keying over a bidirectional communication path
KR100974142B1 (en) System and method for spam detection
US9628585B2 (en) Systems and methods for cross-layer secure connection set up
Zimmermann et al. ZRTP: Media path key agreement for unicast secure RTP
US7246236B2 (en) Method and apparatus for providing peer authentication for a transport layer session
ES2526703T3 (en) Communication security
DE60017292T2 (en) Authentication method between a subscriber and a service provider that can be reached by a network operator by providing a secure channel
EP1471708B1 (en) System and method for establishing secondary channels
US8214649B2 (en) System and method for secure communications between at least one user device and a network entity
CN101208900B (en) Secure instant messaging
CN101641976B (en) An authentication method
US6907034B1 (en) Out-of-band signaling for network based computer session synchronization
US8290871B1 (en) Systems and methods for a secure recording environment
CN1697552B (en) Techniques for performing server user proxy authentication using SIP (session initiation protocol) messages
EP1378101B1 (en) Voip terminal security module, sip stack with security manager, system and security methods

Legal Events

Date Code Title Description
OP8 Request for examination as to paragraph 44 patent law
8139 Disposal/non-payment of the annual fee