GB2496850A - Modification of session establishment messages to redirect associated media messages. - Google Patents


Publication number
GB2496850A
Authority
GB
United Kingdom
Prior art keywords
media
text
messages
mbs
ntp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1120004.5A
Other versions
GB201120004D0 (en)
Inventor
David H James
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual
Priority to GB1120004.5A
Publication of GB201120004D0
Publication of GB2496850A
Withdrawn

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066 Session management
    • H04L65/1101 Session protocols
    • H04L65/1104 Session initiation protocol [SIP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10 Architectures or entities
    • H04L65/102 Gateways
    • H04L65/1023 Media gateways
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121 Timestamp
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0471 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066 Session management
    • H04L65/1069 Session establishment or de-establishment

Abstract

Session establishment signaling messages, e.g. session initiation protocol (SIP) messages, are modified to enable redirection of media messages in an existing end-to-end system. Real-time data stream 7 originating from user end 2 is redirected by network termination point 8 to media bypass server (MBS) 6 whereas signaling stream 5 continues undiverted to internet telephony service provider 1. The MBS may provide encoding of the data stream. The redirection may be automatically disabled in the event of a fault with the MBS.

Description

System for the Addition of External Media Handling Facilities to Existing Real Time Packet Systems
Field of the Invention
This invention relates to a system that can be added to already existing packet communication systems that utilise the Real-time Transfer Protocol (RTP) for packet data and transparently modifies the associated session signalling protocol such as (but not limited to) SIP or H.323, so as to redirect the data via a processing system that is capable of adding additional functionality not present in the original system.
Background
The current trend in the development of telecommunications platforms is to move connections away from using circuit switched networks and towards using packet switched networks. Inherently, packet data systems utilize a shared path which can lead to problems with security and quality of service, and in addition the use of the Internet as part of the IP path can lead to issues with resilience and reliability not normally experienced in the circuit switched domain.
An example of this trend would be the transfer of telephony traffic from analogue and ISDN lines to IP connectivity paths such as ADSL (Asymmetric Digital Subscriber Lines) or EFM (Ethernet First Mile) connections. A second example would be a similar transfer of Video data from the circuit switched domain to the packet switched domain.
The majority of new IP based VoIP systems such as IP PBX and SIP or H.323 based Telephony Service Provider platforms usually operate in a many to one configuration.
These current systems, particularly SIP trunks, are considered to be unreliable and to provide poor quality audio. Also, in view of their use of public IP networks, data security and continuity of service are also issues of concern.
These platforms do not as standard provide functionality to deal with the problems of poor quality IP paths or offer media encryption across public IP paths, but rely on external apparatus such as Virtual Private Network routers at both ends that could provide encryption. This type of ancillary equipment is usually placed permanently in between the two original endpoints of the communication system and there is no methodology to switch them in or out based on information contained within the signalling stream or upon the failure of the equipment at one end. In the case of a failure of one end the entire link becomes unusable. Virtual Private Networks (VPNs) usually provide "tunnels" into which for a particular endpoint all IP traffic is directed, whereas this system targets specific protocols only.
These problems have led to reluctance from the business community in particular to adopt the technology. There is therefore a need for a more effective and efficient IP network transmission system, particularly a VoIP system.
There is also a need to address at least one of the problems of the prior art.
Summary of the Invention
The system according to a first embodiment of the invention that is described here includes two elements:
An element (e.g. a Network Termination Point, termed here as the "NTP") that is normally located at the demarcation point between the remote user's associated IP telephony equipment and the network provided by the IP service provider. An example of equipment normally found at this type of demarcation point would be an ADSL router.
A second element (e.g. a Media Bypass Server, termed here as the "MBS") which is located either close to, or within, the IP Telephony/Video Service Provider's (ITSP) Network/Platform. The IP connection between the MBS and the ITSP is typically short, dedicated, secure and free from contention and packet loss issues.
The NTP and MBS would normally be deployed in a many to one scenario.
The NTP utilises a method of packet interception and rewriting on some elements of the content of the session establishment signalling protocol messages being exchanged between the user's equipment and the ITSP's equipment. This action forces/enables the bidirectional streams of media packets associated with the session, that are also being sent between the two endpoints, to take an alternative path to the originally intended path.
The redirection of the media packets allows the insertion of additional processing capabilities on the data contained in the media packets without having to change the configuration or functionality of the original endpoints. In the event of a failure of the MBS the NTP will be capable of recognising the fault condition and allow the signalling protocol messages to pass without modifications thereby allowing the media packets to traverse between the two endpoints via the originally intended path.
The method of achieving this packet redirection is detailed in the following sections.
How this embodiment of the invention can be effected will now be described:
For many of the Session establishment protocols currently in use, the requested IP address and port destination of the media packets is specified as a separate element to the requested IP address and port for the signalling protocol. In this embodiment of the invention, the signalling protocol is monitored by the NTP and, on the basis of the content of other elements in the signalling messages, the requested IP destination of the media packets can be rewritten to direct the media to an alternative IP destination termed the "Media Bypass Server" (MBS). An example of the content that can be used in redirecting the media packets includes the ultimate destination of the audio or video information contained in the media packets (e.g. the 'called number' in the case of telephony). The interception and modification of the signalling protocol happens in such a way that the action is transparent to either end of the original system.
An example of where this facility could prove useful would be in the context of a bank that would normally make IP telephone calls to customers across the internet and would not expect them to be "secure" as they traverse the Public IP network. However in the case of a call between two branches of the same bank the called number would determine that this call should be made "secure" by rerouting the media via the BMS and the NTP. The NTP and BMS would work together to encrypt the media packets as they traverse the public section of the IP network. This is achieved without the knowledge of the original two endpoints in the connection.
The MBS and the NTP can thereafter work in tandem to provide media processing treatments (such as data encryption), which may be unrelated to the normal functionality provided in the existing system. In this way, the MBS and NTP can be used, when desired (e.g. at a later date), to add such treatments to an existing system, without having to modify the existing system directly.
The use of such a bypass system (i.e. the MBS and NTP combination) can therefore allow additional enhanced treatments at low upgrade cost.
The media treatments that can be applied between the NTP and BMS can be used to deliver higher levels of security, service quality, availability and resilience than those already existing in the original system. As an example the NTP and BMS can be used to provide encryption of the media packet content when sent across the Internet, or the NTP and BMS can be used to replicate the media packets across multiple IP paths to enhance the probability of safe delivery between the original endpoints. These are merely examples of the media treatments that can be applied but there are many others.
Figure 1 shows the structure of an un-modified system.
(1.1) Is one end of the system exchanging bi-directional signalling and real time data streams
(1.2) Is the other end of the system exchanging bi-directional signalling and real time data streams
(1.3) Is the IP path being used to communicate between 1.1 and 1.2
(1.4) Is the bi-directional stream of signalling protocol packets
(1.5) Is the bi-directional stream of real time media packets
Figure 2 shows an example of an upgraded system according to an embodiment of the invention, where the NTP and BMS have been added to the existing system.
(2.1) Is the Internet Telephony Service provider end of the system exchanging bi-directional signalling (5) and real time data streams (7) with a user
(2.2) Is the User end of the system exchanging bi-directional signalling (5) and real time data streams (7) with the service provider
(2.3) Is the IP path being used to communicate between 2.1 and 2.2
(2.4) Is the bi-directional stream of signalling protocol packets
(2.5) Is the bi-directional stream of real time media packets
(2.6) Is the Bypass Media Server (BMS)
(2.7) Is the NTP
(2.8) Is the point (within the NTP) where the monitoring of, and modification to, the signalling protocol is done for both directions of messages.
In this example the signalling (5) used is the SIP protocol as per RFC 3261. The media control is achieved through the use of Session Description Protocol (SDP) as per RFC 4566. As the SIP signalling packets originating from the user endpoint (2.2) pass through the NTP, the SDP connection data element (c=) is rewritten with the IP address of the BMS before being allowed to continue on to the service provider endpoint (2.1). NOTE: The SIP signalling packets are NOT redirected to the BMS (i.e. only the data streams are).
Similarly, SIP signalling packets containing SDP sent by the service provider endpoint (2.1) are rewritten by the NTP such that RTP packets sent by the endpoint (2.2) are directed to the BMS. By this means the BMS and NTP can be added to the existing system and used to add additional treatment to the media RTP packet contents.
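The c= rewrite described above, as an added example that is not code from the patent: a hypothetical `Ntp` class takes the redirect decision from the INVITE's called number, rewrites IPv4 c= lines to the BMS address in both directions, recomputes Content-Length, and passes messages untouched while the BMS is marked faulty. The class, the prefix policy, the addresses and the trimmed sample messages are all assumptions.

```python
import re

def split_sip(msg: bytes):
    """Return (start_line, header_lines, body) of one SIP message."""
    head, _, body = msg.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    return lines[0], lines[1:], body

def header(headers, name: bytes) -> bytes:
    """Value of the first header called `name` (case-insensitive), or b''."""
    for h in headers:
        key, _, value = h.partition(b":")
        if key.strip().lower() == name:
            return value.strip()
    return b""

def called_number(start_line: bytes) -> str:
    """Digits of the Request-URI user part of an INVITE, else ''."""
    m = re.match(rb"INVITE sips?:\+?(\d+)@", start_line)
    return m.group(1).decode() if m else ""

class Ntp:
    """Hypothetical model of the rewrite point (2.8 in Figure 2)."""

    def __init__(self, mbs_addr: str, secure_prefixes: tuple):
        self.mbs_addr = mbs_addr.encode()
        self.secure_prefixes = secure_prefixes  # assumed policy format
        self.mbs_healthy = True                 # set by a health probe (not shown)
        self.original = {}                      # Call-ID -> original c= addresses

    def process(self, msg: bytes) -> bytes:
        if not self.mbs_healthy:
            return msg                          # BMS fault: signalling passes untouched
        start, headers, body = split_sip(msg)
        call_id = header(headers, b"call-id")
        # The decision is taken once, on the INVITE, from the called number.
        if call_id not in self.original and \
                called_number(start).startswith(self.secure_prefixes):
            self.original[call_id] = []
        has_sdp = header(headers, b"content-type").lower() == b"application/sdp"
        if call_id not in self.original or not has_sdp:
            return msg                          # no policy match or no SDP body
        new_lines = []
        for line in body.split(b"\r\n"):
            # Covers session- and media-level IPv4 unicast c= lines only.
            if line.startswith(b"c=IN IP4 "):
                self.original[call_id].append(line[9:].decode())
                line = b"c=IN IP4 " + self.mbs_addr
            new_lines.append(line)
        new_body = b"\r\n".join(new_lines)
        # The body length changed, so Content-Length must be recomputed.
        out = [start]
        for h in headers:
            if h.partition(b":")[0].strip().lower() in (b"content-length", b"l"):
                h = b"Content-Length: " + str(len(new_body)).encode()
            out.append(h)
        return b"\r\n".join(out) + b"\r\n\r\n" + new_body

def build(start: bytes, call_id: bytes, addr: bytes) -> bytes:
    """Constructed sample message (Via/From/To/CSeq omitted for brevity)."""
    sdp = (b"v=0\r\no=- 1 1 IN IP4 " + addr + b"\r\ns=-\r\nc=IN IP4 " + addr +
           b"\r\nt=0 0\r\nm=audio 49170 RTP/AVP 0\r\n")
    return (start + b"\r\nCall-ID: " + call_id + b"\r\nContent-Type: application/sdp"
            b"\r\nContent-Length: " + str(len(sdp)).encode() + b"\r\n\r\n" + sdp)
```

Because the rewrite relies on reading and altering the SDP in transit, it only works where the signalling crosses the NTP in cleartext; signalling carried over TLS cannot be modified this way unless the NTP terminates the TLS session.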
As described previously, an example of a "media treatment" includes the media being encrypted. Other types of treatment applied to the bidirectional streams by the NTP/BMS combination are possible within the inventive concept. A second example of a possible media treatment would be the replication of the media packets and transfer via two different IP networks in order to enhance redundancy and thereby increase the probability of safe delivery between the two endpoints. In this regard, use of two paths for signalling and/or audio data means that the failure of a single path will not affect the received data.
Similarly, any IP problems on one of the paths do not affect the received data quality in view of the path duality.
In this way, two diversely routed low cost broadband connections can be deployed in tandem to achieve a greater degree of quality and resilience. This NTP/MBS system is also able to be achieved in an affordable manner.
It is to be noted that the NTP/BMS system can be used to replicate a data stream or divert the data stream, depending upon the media treatment being applied. For example, in the second example described above, the media packets are replicated to improve data quality, so that two versions of the packets are transmitted (i.e. one version by the standard route, and the other via the NTP/BMS). This is to be contrasted with the encryption technique, where the media packets are diverted (and encrypted) via the NTP/BMS combination in order to achieve the necessary security.
Figure 3 shows an example where the media is video. The redirection of the media packets in this instance is achieved using the same method as described in the previous example but the media treatment system in this case adds timestamps, frame cryptographical signing, and local or remote storage of the data.
(3.1) Is the Service provider end of the system exchanging bi-directional signalling and receiving a unidirectional real time data stream
(3.2) Is the User end of the system exchanging bi-directional signalling and sending a unidirectional real time data stream.
(3.3) Is the IP path being used to communicate between 3.1 and 3.2
(3.4) Is the bi-directional stream of signalling protocol packets
(3.5) Is the unidirectional stream of real time media packets
(3.6) Is the Bypass Media Server (BMS)
(3.7) Is the NTP
(3.8) Is the media storage module
(3.9) Is an unmodified media frame
(3.10) Is a media frame modified with the timestamp
(3.11) Is the media frame with timestamp modification and a cryptographic signing
(3.12) Is the media frame after modifications, before being sent off for storage, and forwarded on to the other end of the system
Advantageously, where the NTP is a SIP NTP delivering voice calls, through the duplication of the data stream between the NTP and BMS, this aspect of the invention is able to provide a more resilient delivery mechanism for SIP calls and audio over low quality of service broadband IP infrastructures, including fixed line and/or mobile sections.
These embodiments of the invention have particular application to the technological sectors of remote monitoring, access control and video monitoring.
The embodiments of the invention just described are to be taken as illustrative of the invention and not limitative, in that changes and additions are possible within the inventive concept. For example, whilst the inventive concept has particular application to Voice over IP, it is also applicable to other types of data, such as video data.

Claims (2)

  1. A system that transparently modifies session establishment signalling messages to enable the transparent redirection of media only in an existing end to end system.
  2. A system that performs the treatment of media data received, as redirected to it by claim 1.
  3. The modification as per claim 1 can be automatically disabled in the event of a fault with the treatment processing unit BMS as per claim 2.
  4. A system substantially as herein described with reference to the accompanying drawings.
  5. A method substantially as herein described with reference to the accompanying drawings.
  6. An IP network element, such as an NTP or BMS, substantially as herein described with reference to the accompanying drawings.
GB1120004.5A 2011-11-21 2011-11-21 Modification of session establishment messages to redirect associated media messages. Withdrawn GB2496850A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1120004.5A GB2496850A (en) 2011-11-21 2011-11-21 Modification of session establishment messages to redirect associated media messages.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1120004.5A GB2496850A (en) 2011-11-21 2011-11-21 Modification of session establishment messages to redirect associated media messages.

Publications (2)

Publication Number Publication Date
GB201120004D0 GB201120004D0 (en) 2012-01-04
GB2496850A true GB2496850A (en) 2013-05-29

Family

ID=45475431

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1120004.5A Withdrawn GB2496850A (en) 2011-11-21 2011-11-21 Modification of session establishment messages to redirect associated media messages.

Country Status (1)

Country Link
GB (1) GB2496850A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2569772A (en) * 2017-10-11 2019-07-03 Pci Pal U K Ltd Processing sensitive information over VOIP
GB2611432A (en) * 2017-10-11 2023-04-05 Pci Pal U K Ltd Processing sensitive information over VoIP

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040213209A1 (en) * 2003-04-22 2004-10-28 O'connor Neil Processing of communication session request messages
US20090168778A1 (en) * 2007-12-28 2009-07-02 Zulfiqar Ahmed Extending communication protocols

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2569772A (en) * 2017-10-11 2019-07-03 Pci Pal U K Ltd Processing sensitive information over VOIP
US11310291B2 (en) 2017-10-11 2022-04-19 PCI-PAL (U.K.) Limited Processing sensitive information over VoIP
GB2569772B (en) * 2017-10-11 2023-01-18 Pci Pal U K Ltd Processing sensitive information over VOIP
GB2611432A (en) * 2017-10-11 2023-04-05 Pci Pal U K Ltd Processing sensitive information over VoIP
US11689585B2 (en) 2017-10-11 2023-06-27 PCI-PAL (U.K.) Limited Processing sensitive information over VoIP
GB2611432B (en) * 2017-10-11 2023-10-25 Pci Pal U K Ltd Processing sensitive information over VoIP
US11870822B2 (en) 2017-10-11 2024-01-09 PCI-PAL (U.K.) Limited Processing sensitive information over VoIP

Also Published As

Publication number Publication date
GB201120004D0 (en) 2012-01-04

Similar Documents

Publication Publication Date Title
US8457117B1 (en) Static, dynamic and intelligent VRF routing for services traffic
AU2005206976B2 (en) Method and apparatus for transporting encrypted media streams over a wide area network
US7274684B2 (en) Method and system for implementing and managing a multimedia access network device
EP1985078B1 (en) System and method for recording calls in an ip-based communications system
US8238325B2 (en) Packet communication network and packet communication method
JP2005525024A (en) Communication switching architecture
US7953070B1 (en) Client configuration download for VPN voice gateways
US9025438B1 (en) System and method for communication failover
US8417942B2 (en) System and method for identifying encrypted conference media traffic
US20100189097A1 (en) Seamless switch over from centralized to decentralized media streaming
JP5242683B2 (en) Improvements in or related to monitoring in the Internet Protocol (IP) domain
US9560085B2 (en) Systems and methods for communicating a stream of data packets via multiple communications channels
GB2496850A (en) Modification of session establishment messages to redirect associated media messages.
US7447150B1 (en) Automated path restoration for packet telephony
US20140029606A1 (en) Systems and methods for communicating a stream of data packets via multiple communications channels
US20140029523A1 (en) Systems and methods for communicating a stream of data packets via multiple communications channels
Cisco G.Clear, GSMFR, and G.726 Codecs and Modem and Fax Passthrough for Cisco Universal Gateways
JP2010153955A (en) Switching exchange
CN116325659A (en) Method, system and computer readable medium for routing of lawful interception packets
US9391810B2 (en) Systems and methods for communicating a stream of data packets via multiple communications channels
US20060221947A1 (en) Multiple IP identities for end user telephony devices
WO2003081852A1 (en) Virtual trunking over packet networks
US20140029748A1 (en) Systems and methods for preventing the examination of data packet contents
US20150036548A1 (en) System and method for recording calls in an ip-based communications system
Bell et al. VoIP quality and security issues for consumers and small businesses

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)