JP2009171619A - Notification number verifying system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a number verifying system for verifying the propriety of a notification number. <P>SOLUTION: A number verifying system comprises: a communication connection control means for controlling a communication connection with a calling telephone terminal; a user information management means for managing user information of each user, including at least one or more setting notification numbers set as a notification number of a calling party and authentication information; a user authenticating means for authenticating the calling party, based on the authentication identification information, included in a reception packet received from the calling telephone terminal, by referring to the user information managed by the user information management means, when a connection request is received from the calling telephone terminal to the communication connection control means; and a notification number verifying means for verifying the propriety of a call origination notification number, by determining whether the call origination notification number included in the reception packet agrees with the number included in the setting notification numbers of the user information in the user information management means, when propriety is authenticated by the user authentication means. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a notification number verification system, and can be applied to, for example, a caller number verification method in an IP telephone network.

  In recent years, IP telephones have become widespread, and demand for additional services provided by conventional telephone networks (fixed telephones, mobile phones, etc.) is also increasing. As a typical service, there is a “caller number notification service” for notifying a receiving terminal of a telephone telephone number of a calling telephone terminal.

  In IP telephones using SIP (Session Initiation Protocol), which is one of the protocols applied to IP telephones, IETF (Internet Technical Research Committee) and TTC (Telephone Telephone Technical Committee) have been established regarding caller number notification methods. ) And other standardization organizations.

  Conventionally, in the SIP protocol, a caller number is set by a caller (outgoing telephone terminal) on a From header or a P-Preferred-Identity header (P-Asserted-Identity header) specified in the SIP protocol. In general, information (telephone number or the like) is handled as a caller number by notifying the called party.

IETF RFC3261

  Conventionally, in the RFC 3261 of SIP, digest authentication is defined as user authentication, but this digest authentication is merely a user authentication of user authentication information such as a user ID by collating with management information, and on the header. It was not possible to determine whether the number is a valid contract telephone number in the IP network.

  However, it is defined up to the means for verifying the normality of whether the number set on the above-mentioned From header or P-Preferred-Identity header (P-Asserted-Identity header) is an actually contracted telephone number. This may lead to so-called “spoofing transmission” by a third party using a counterfeit terminal.

  Therefore, a means for verifying the normality of the number set on the header in the IP telephone network is required, and a number verification system for verifying the number is required.

  There is also a case where the caller wants to notify the callee of a number different from the contracted phone number assigned to the telephone terminal used. For example, it is required that the caller side receiving the free phone (incoming billing service) notifies the callee side of the number of the freephone access instead of the phone number of the telephone terminal used.

  Even in such a case, in the SIP protocol, the number set by the calling telephone terminal is only the number set on the From header or the P-Preferred-Identity header (P-Asserted-Identity header). In the range specified by the SIP protocol, the number is notified to the recipient as it is, so it is necessary to verify the number set on the header as a network and to notify the recipient after ensuring the normality.

  Therefore, for example, in an IP telephone network using the SIP protocol, there is a need for a notification number verification system that clarifies caller number notification conditions and verifies the normality of the caller number on the network side.

  In order to solve this problem, a notification number verification system according to the present invention is a notification number verification system for verifying the validity of an outgoing notification number notified from an outgoing telephone terminal in an IP communication network. Communication connection control means for controlling communication connection with the telephone terminal; (2) managing at least one or more setting notification numbers set as the caller notification number and user information of each user having authentication information User information management means, (3) When a connection request is received from the outgoing telephone terminal to the communication connection control means, the user information managed by the user information management means is referred to and included in the received packet received from the outgoing telephone terminal A user authentication means for authenticating the caller based on the authentication identification information, and (4) if it is legitimately authenticated by the user authentication means, it is included in the received packet. A notification number verification means for verifying the validity of the transmission notification number by comparing whether or not the transmission notification number is the same as the number included in each setting notification number of the user information of the user information management means It is characterized by providing.

  According to the notification number verification system of the present invention, it is possible to verify the validity of the transmission notification number notified from the calling telephone terminal in the communication network.

1 is an overall configuration diagram of a caller number verification system according to a first embodiment. It is explanatory drawing explaining the example of a management item of the subscriber information management part of 1st Embodiment. It is a flowchart which shows operation | movement of the sender | caller number verification system of 1st Embodiment. It is a processing sequence figure in the sender number verification system of a 1st embodiment. It is a processing sequence figure in the sender number verification system of a 1st embodiment. It is a processing sequence figure in the sender number verification system of a 1st embodiment. It is a processing sequence figure in the sender number verification system of a 1st embodiment. It is a whole block diagram of the sender | caller number verification system of 2nd Embodiment. It is explanatory drawing explaining the example of a management item of the subscriber information management part of 2nd Embodiment. It is a flowchart which shows operation | movement of the sender | caller number verification system of 2nd Embodiment. It is a processing sequence figure in the sender number verification system of a 2nd embodiment. It is a whole block diagram of the sender | caller number verification system of 3rd Embodiment. It is a flowchart which shows operation | movement of the sender | caller number verification system of 3rd Embodiment. It is a processing sequence figure in the sender number verification system of a 3rd embodiment.

  The best mode for carrying out the notification number verification system of the present invention will be described below with reference to the drawings.

  Each embodiment described below is a caller number verification system that verifies the validity of a caller number notified from a calling telephone terminal to a called telephone terminal in a voice communication system that employs SIP as a voice communication protocol. The case where the notification number verification system of the present invention is applied will be described.

(A) First Embodiment Hereinafter, a first embodiment of a notification number verification system of the present invention will be described with reference to the drawings.

(A-1) Configuration of First Embodiment FIG. 1 is a configuration diagram showing an overall configuration of a caller number verification system according to the present embodiment.

  As shown in FIG. 1, the caller ID verification system 100 of this embodiment includes IP telephone subscriber terminals 5 and 6 and an IP telephone exchange 2 that can be connected to an IP telephone network 1. In the present embodiment, the IP telephone subscriber terminal 5 will be described as a transmitting terminal, and the IP telephone subscriber terminal 6 will be described as an incoming terminal.

  The IP telephone network 1 is a communication network whose communication protocol is IP (Internet Protocol), and a dedicated network, a public network, a mobile communication network, or a communication network that combines these can be applied.

  The IP telephone exchange 2 is a communication device (SIP server) that can be connected to the IP telephone network 1 and has a function of realizing voice communication between the IP telephone subscriber terminals 5 and 6 using SIP. The IP telephone exchange 2 includes a user authentication function, a call connection function, a registration processing function, a transfer processing function, and the like based on a received message from the calling terminal.

  FIG. 1 shows a main internal configuration of the IP telephone exchange 2, which has a subscriber information management unit 3 and a connection processing unit 4.

  The subscriber information management unit 3 manages the set subscriber information related to the contract subscriber. As shown in FIG. 2, the subscriber information management unit 3 includes a subscriber information table 31 and an other notification number table 32.

  The subscriber information table 31 is a table for managing information on contract subscribers using an authentication ID (authentication identification information) assigned to the contract subscriber as a key. In the present embodiment, as shown in FIG. 2, the subscriber information table 31 manages authentication information, contract telephone numbers, and other notification number link IDs using authentication IDs as keys. Of course, it is possible to manage other information related to the contract subscriber.

  Here, the authentication information is authentication information for user authentication of the contract subscriber. This authentication information may be determined independently by the contract subscriber. The contract telephone number is a telephone number assigned to the telephone terminal used by the contract subscriber in the IP telephone network 1. In addition, the other notification number link ID can be set when the contract subscriber wants to notify the called party of a number other than the contract telephone number of the telephone terminal used. Identification information.

  In addition, the other notification number table 32 is a table for managing the set other notification number when the contract subscriber intends to notify the receiving side of a number other than the contracted telephone number of the telephone terminal in use. The other notification number can be registered with the IP telephone subscriber terminal 5 using SIP, and one or a plurality of other notification numbers can be set.

  The connection processing unit 4 is a processing unit that performs voice communication between the IP telephone subscriber terminals 5 and 6 based on SIP. The main functions controlled by the connection processing unit 4 are a user authentication function (digest authentication is performed in this embodiment), a caller ID verification function, a call control function, a connection processing function, a registration process, a transfer process, and the like. is there.

  When receiving a call request from the calling terminal, the connection processing unit 4 issues an authentication request to the calling terminal, and when receiving a message (INVITE) including the call request and authentication information from the calling terminal, the subscriber information managing unit 3 , User authentication (digest authentication) is performed based on the authentication information of the message. Thereby, the legitimacy of the contract subscriber can be authenticated.

  Here, the digest authentication is a user authentication method. For example, authentication information such as a user ID or a password encrypted on the terminal side (for example, using a hash function) is transmitted to the server and decrypted by the server side. There is a method of performing user authentication based on information and management authentication information. Thereby, high-security user authentication can be realized. In this embodiment, digest authentication is used in consideration of security, but it can be widely applied if user authentication is possible.

  In the case of digest authentication OK, the connection processing unit 4 indicates that the number (notification number) set in the header part of the received message (INVITE) is the same as the subscriber information management unit 3 (subscriber information table 31). It is compared whether or not it matches the contract telephone number to be managed.

Thereby, the normality of the caller number (notification number) included in the signal from the caller terminal authenticated by the user can be determined, and the normal caller number can be notified to the called party.

  Here, a From header, a P-Preferred-Identity header, a P-Asserted-Identity header, or the like can be applied as a header in which a notification number is set, but the setting location is not particularly limited as long as the notification number can be set. .

  Further, when the notification number on the header of the message does not match the contract telephone number, the connection processing unit 4 confirms the presence / absence of the other notification number link ID in the subscriber information table 31. Thereby, it is possible to confirm whether or not there is a setting for using a number other than the contract telephone number as a notification number.

  When the other notification number link ID is in the subscriber information table 31, the connection processing unit 4 determines whether or not the other notification number of the link destination based on the other notification number link ID matches the number on the header of the message. If the numbers match, it is determined that the number on the header is the other notification number (determined to be a normal number in the IP telephone network 1). If the numbers do not match, the number on the header is not the other notification number. to decide.

  Thereby, when they match, the number on the header can be notified as a valid notification number in the IP telephone network 1. Further, from the contract subscriber side, it is possible to notify the incoming call of a number other than the contract telephone number of the terminal used.

  The IP telephone subscriber terminals 5 and 6 are SIP compatible IP telephone terminals. The IP telephone subscriber terminals 5 and 6 may be of a software type that realizes a call by executing a SIP compatible program by a control means such as a CPU. In the case of functioning as a calling terminal, the IP telephone subscriber terminals 5 and 6 write a telephone number assigned in advance on the header of the message and transmit it to the IP telephone exchange 2.

(A-2) Operation of the First Embodiment Next, the operation of the caller ID verification system 100 of the present embodiment will be described with reference to the drawings.

  In the following, the digest authentication process based on the message (INVITE) from the calling terminal and the caller number verification process based on the information of the header part of the message in the IP telephone exchange 2 will be described with reference to FIG.

  FIG. 3 is a flowchart showing processing in the IP telephone exchange 2.

  The IP telephone exchange 2 performs a predetermined sequence with the calling terminal (IP telephone subscriber terminal 5), receives a connection request message including authentication information, and performs the following processing based on the connection request message (F1).

  When a connection request message is given to the IP telephone exchange 2 from the IP telephone subscriber terminal 5, the IP telephone exchange 2 specifies the subscriber information from the subscriber information table 31 based on the authentication ID included in the connection request message. (F2).

  When the subscriber information is specified from the subscriber information table 31, the authentication information included in the connection request message is compared with the authentication information corresponding to the authentication ID in the subscriber information table 31, and a digest based on the authentication information is performed. Authentication is performed (F3, F4).

  When the authentication result of digest authentication by the IP telephone exchange 2 is NG, a message indicating that the authentication result is NG is given from the IP telephone exchange 2 to the IP telephone subscriber terminal 5 (F5).

  If the authentication result of the digest authentication by the IP telephone exchange 2 is OK, the number set in the header part of the received connection request message and the contract telephone number corresponding to the authentication ID in the subscriber information table 31 are obtained. Whether or not they match is compared (F6).

  If the setting number on the header matches the contract telephone number, the connection processing unit 4 determines that the setting number can be guaranteed as a valid telephone number in the IP telephone network 1, and subsequent connection processing is performed (F11). . As a result, the IP telephone subscriber terminals 5 and 6 are connected. Detailed description of subsequent connection processing is omitted.

  On the other hand, if the setting number on the header does not match the contract telephone number, the connection processing unit 4 confirms whether or not there is another notification number link ID in the subscriber information table 31 (F7).

  If there is no other notification number link ID in the subscriber information table 31, a message indicating that the connection is impossible is given from the IP telephone exchange 2 to the IP telephone subscriber terminal 5 (F8).

  Further, when the other notification number link ID is present in the subscriber information table 31, it is compared whether or not the other notification number set in the other notification number table 32 matches the set number on the header of the message ( F9). When a plurality of other notification numbers are set in the other notification number table 32, it is determined whether or not the setting number on the header matches any of the plurality of other notification numbers.

  When the setting number on the header matches the other notification number, it is determined that the setting number on the header can be guaranteed as a valid telephone number in the IP telephone network 1, and subsequent connection processing is performed (F11). Then, connection processing between the IP telephone subscriber terminals 5 and 6 is performed. Details of the subsequent connection process are omitted.

  On the other hand, if the setting number on the header does not match the other notification number, a message indicating that the connection is impossible is given from the IP telephone exchange 2 to the IP telephone subscriber terminal 5 (F10).

  As described above, by checking the setting number on the header of the connection request message (INVITE) from the calling terminal that has succeeded in the digest authentication with the subscriber information used in the digest authentication, the IP telephone exchange 2 It is possible to verify whether or not the above setting number is normal in the IP telephone network 1.

  Next, a specific processing sequence between the IP telephone subscriber terminal 5 and the IP telephone exchange 2 will be described with reference to FIGS.

  FIG. 4 shows a processing sequence when the contract telephone number is set in the From header, and FIG. 5 shows a processing sequence when the other notification number is set in the From header. FIG. 6 shows a processing sequence when the contract telephone number is set in the P-Preferred-Identity header (or P-Asserted-Identity header). FIG. 7 shows the other notification number in the P-Preferred-Identity header ( Or a P-Asserted-Identity header).

  First, the processing sequence shown in FIG. 4 will be described. In FIG. 4, first, a call request message (INVITE) is given to the IP telephone exchange (SIP server) 2 from the IP telephone subscriber terminal 5 which is a calling terminal (S101).

  When INVITE (call request) is given from IP telephone subscriber terminal 5 to IP telephone exchange 2, an authentication request (407 Proxy Authentication Required) is given from IP telephone exchange 2 to IP telephone subscriber terminal 5 (S102).

  When an authentication request is given from the IP telephone exchange 2 to the IP telephone subscriber terminal 5, the IP telephone subscriber terminal 5 returns a response signal (ACK) (S103) and then sends a connection request message (INVITE) with authentication information added thereto. The data is transmitted to the IP telephone exchange 2 (S104). At this time, a connection request message (INVITE) in which the contract telephone number is set in the From header is given to the IP telephone exchange 2.

  When the connection request message (INVITE) to which the authentication information is added is given to the IP telephone exchange 2, the IP telephone exchange 2 performs the signal analysis processing of the connection request message described with reference to FIG. The following detailed processing is omitted.

  When the connection request message is given to the IP telephone exchange 2, subscriber information is specified from the subscriber information table 31 based on the authentication ID (S105, F2).

  When subscriber information is specified from the subscriber information table 31, digest authentication is performed by comparing the authentication information of the connection request message with the subscriber information table 31 (S106, F3 to F5).

  If the digest authentication is OK, the contract telephone number on the From header and the contract telephone number in the subscriber information table 31 are compared to determine whether or not they match (S107, F6 to F10).

  If the contract telephone number on the From header matches the contract telephone number in the subscriber information table 31, the caller number included in the message is an IP telephone that is valid in the IP telephone network 1. The exchange 2 determines, and a connection request message (INVITE) is transmitted to the receiving terminal, and subsequent connection processing is performed (S108, F11).

  Next, the processing sequence shown in FIG. 5 will be described. In FIG. 5, the processing sequence of S101 to S103 corresponds to the processing described in FIG.

  After the response to the authentication request, in the IP telephone subscriber terminal 5, a number other than the contract telephone number of the terminal is set on the From header, and a connection request message (INVITE) including authentication information is transmitted to the IP telephone exchange 2 (S204).

  When the connection request message is given to the IP telephone exchange 2, the connection processing unit 4 specifies subscriber information based on the authentication ID of the connection request message and performs digest authentication based on the authentication information (S105 and S106).

  When the digest authentication is OK, the connection processing unit 4 compares the number on the From header of the connection request message with the contract telephone number of the subscriber information table 31. In this case, since the other notification number is set in the From header, the setting number on the header does not match the contract telephone number.

  Accordingly, the connection processing unit 4 confirms whether or not the other notification number link ID exists in the subscriber information table 31 (S207, F6). When there is another notification number link ID in the subscriber information table 31, the other notification number of the other notification number table 32 which is a link destination based on the other notification number link ID is viewed.

  Then, it is compared whether or not the setting number on the From header matches the other notification number set in the other notification number table 32 (S208, F9).

  When the setting number on the From header matches the other notification number, the IP telephone switch 2 determines that the setting number on the From header is a valid number in the IP telephone network 1 and connects to the receiving terminal. A request message (INVITE) is transmitted, and subsequent connection processing is performed (S108, F11).

  Next, the processing sequence shown in FIG. 6 will be described. In FIG. 6, the processing sequence of S101 to S103 corresponds to the processing described in FIG.

  Here, generally, the P-Preferred-Identity header (or P-Asserted-Identity header) is used as a header capable of setting a number other than the contract telephone number of the terminal used.

  After the response to the authentication request, the IP telephone subscriber terminal 5 sets the contract telephone number on the P-Preferred-Identity header (or P-Asserted-Identity header) of the connection request message (INVITE) including the authentication information, and the connection A request message (INVITE) is transmitted to the IP telephone exchange 2 (S304).

  When the connection request message is given to the IP telephone exchange 2, identification of subscriber information based on the authentication ID of the connection request message and digest authentication based on the authentication information are performed (S105 and S106).

  If the digest authentication is OK, the setting number on the P-Preferred-Identity header (or P-Asserted-Identity header) of the connection request message is compared with the contract telephone number in the subscriber information table 31 to see if they match. Determination is made (S307, F6).

  When the contract telephone number on the P-Preferred-Identity header (or P-Asserted-Identity header) matches the contract telephone number in the subscriber information table 31, the caller number included in the message is an IP telephone. The IP telephone exchange 2 determines that the number is valid in the network 1, and a connection request message (INVITE) is transmitted to the receiving terminal, and subsequent connection processing is performed (S308, F11).

  Next, the processing sequence shown in FIG. 7 will be described. In FIG. 7, the processing sequence of S101 to S103 corresponds to the processing described in FIG.

  After the response to the authentication request, the IP telephone subscriber terminal 5 sends a connection request message (INVITE) including authentication information in which another notification number is set on the P-Preferred-Identity header (or P-Asserted-Identity header). It is transmitted to the exchange 2 (S404).

  When the connection request message is given to the IP telephone exchange 2, identification of subscriber information based on the authentication ID of the connection request message and digest authentication based on the authentication information are performed (S105 and S106).

  When the digest authentication is OK, the number on the P-Preferred-Identity header (or P-Asserted-Identity header) of the connection request message is compared with the contract telephone number of the subscriber information table 31. In this case, since the other notification number is set in the P-Preferred-Identity header (or P-Asserted-Identity header), the setting number on the header does not match the contract telephone number. Accordingly, it is confirmed whether or not the other notification number link ID exists in the subscriber information table 31 (S407, F6).

  When the other notification number link ID is present in the subscriber information table 31, the set number on the P-Preferred-Identity header (or P-Asserted-Identity header) matches the other notification number of the other notification number table 32. Are compared (S408, F9).

  When the setting number on the P-Preferred-Identity header (or P-Asserted-Identity header) matches the other notification number, the IP telephone exchange indicates that the number on the header is a valid number in the IP telephone network 1. 2 is determined, a connection request message (INVITE) is transmitted to the receiving terminal, and subsequent connection processing is performed (S108, F11).

(A-3) Effect of the First Embodiment As described above, according to the present embodiment, the normality of the caller's notification number is set to the caller number set on the signal that is OK in the digest authentication, This can be realized by comparing the subscriber number on the subscriber information used in the digest authentication.

  In addition, according to the present embodiment, regarding the number that the caller wants to notify other than the contractor number, “other notification number” is managed in advance as additional information of the subscriber information and becomes NG in comparison with the contractor number. Even in this case, if the comparison result with the “other notification number” registered in advance becomes normal, it is possible to guarantee the normality of the notification number as the IP telephone network.

(B) Second Embodiment Next, a second embodiment of the caller ID verification system will be described with reference to the drawings.

(B-1) Configuration of Second Embodiment FIG. 8 is an overall configuration diagram of a caller ID verification system according to the second embodiment. As shown in FIG. 8, the caller ID verification system 200 includes at least an IP telephone exchange 2, IP telephone subscriber terminals 5 and 6, and an announcement server 7 that can be connected to the IP telephone network 1.

  In FIG. 8, constituent elements that are the same as or correspond to those in the system of FIG. In addition, detailed functional descriptions of these corresponding component requirements are omitted.

  As in the first embodiment, the IP telephone exchange 2 performs user authentication (digest authentication) processing, caller ID verification processing, call control processing, connection processing, transfer processing, and the like based on the message received from the calling terminal. SIP server to perform. The IP telephone exchange 2 includes a subscriber information management unit 3 and a connection processing unit 4.

  As shown in FIG. 9, the subscriber information management unit 3 includes a subscriber information table 33, another notification number table 32, and a connection NG operating condition table 34.

  The subscriber information table 33 is a table for managing subscriber information. In addition to the management item example described with reference to FIG. 2, the present embodiment has an item of “number verification NG operation”. The operation at the time of number verification NG indicates an operation that can be performed by the IP telephone exchange 2 when the verification result of the setting number on the message header is NG. The specific operation content can be set in the connection NG operation condition table 34.

  The connection NG operation condition table 34 is a table for managing specific operation contents to be performed by the IP telephone exchange 2 when the number verification is NG, and includes items such as operation conditions and connection destinations. In this operation condition, for example, the IP telephone exchange 2 can set the operation content such as disconnection from the calling terminal, connection to the receiving terminal without notification, connection to the announcement server 7, etc. For example, when connecting to an announcement server or another application server, the connection destination (for example, IP address) of these servers can be set. In the present embodiment, a case will be described in which connection to the announcement server 7 is set as an operation condition of the connection NG operation condition table 34, and the IP address of the announcement server 7 is set as a connection destination corresponding to the operation condition. .

  As in the first embodiment, the connection processing unit 4 executes a user authentication function (digest authentication), a caller number verification function, a call control function, a connection processing function, and the like. In addition, after digest authentication is OK, the connection processing unit 4 does not have the other notification number link ID in the subscriber information table 33 or if the number on the header of the received message does not match the other notification number (caller number verification result) If the number verification NG operation is performed in the subscriber information table 33, and if the number verification NG operation is performed, the subscriber information table 33 is operated according to the operation condition of the connection NG operation condition table 34. is there.

  Thereby, when the verification result of the caller ID is NG, it is possible to cause the IP telephone exchange 2 to perform a preset operation. In the present embodiment, when the caller ID verification is NG, the IP telephone exchange 2 establishes a session with the announcement server 7. As a result, the announcement server 7 transmits to the calling terminal a recorded voice indicating that the caller number verification result is NG and the connection to the receiving terminal cannot be made.

  The announcement server 7 receives a message (INVITE) from the IP telephone exchange 2 and transmits a preset recording voice to the calling terminal after the session is established.

(B-2) Operation of Second Embodiment Next, the operation of the second embodiment will be described with reference to the drawings. FIG. 10 is a flowchart showing the operation of the second embodiment. FIG. 11 shows a processing sequence diagram of the third embodiment.

  The sequence of connection request, authentication request, etc. between the calling terminal (IP telephone subscriber terminal 5) and the IP telephone exchange 2 and the digest authentication in the IP telephone exchange 2 have been described in the first embodiment. Omitted (F1 to F5 in FIG. 10, S101 to S104 in FIG. 11).

  In F4 of FIG. 10, when the authentication result of the digest authentication by the IP telephone exchange 2 is OK, the setting on the P-Preferred-Identity header is referred to the subscriber information table 33 as in the first embodiment. It is determined whether or not the number is a contract telephone number (F6). At this time, if the setting number on the header is the contractor telephone number, the subsequent connection processing is performed as in the first embodiment (F11).

  Further, when the setting number on the header does not match the contract telephone number and the other information number link ID is present in the subscriber information table 33 (F107), the setting number on the header is the link as in the first embodiment. It is determined whether or not it matches the other notification number (F108). If they match, it is determined that the number on the header is a normal number in the IP telephone network 1, and the subsequent connection processing is performed (F11).

  On the other hand, when there is no other notification number link ID in the subscriber information table 33, or when the number on the header does not match the other notification number, the connection processing unit 4 verifies the number set in the subscriber information table 33. The content of the NG operation is confirmed (F109).

  If there is no setting for the number verification NG operation in the subscriber information table 33, a message indicating that the caller number verification is NG is transmitted to the calling terminal (IP telephone subscriber terminal 5) (F110).

  In addition, the connection with the announcement server 7 is set as an operation condition in the operation at the time of the number verification NG in the subscriber information table 33, and the connection destination (for example, IP address) of the announcement server 7 is set as the connection destination. (S505, S506 in FIG. 11), the connection processing unit 4 uses the destination of the message (INVITE) as the connection destination of the announcement server 7, transmits the message (INVITE) to the announcement server 7, and connects. Processing is performed (S507 to S510 in FIG. 11).

  After the session between the IP telephone exchange 2 and the announcement server 7 is established, the announcement server 7 is a caller ID verification NG with respect to the calling terminal (IP telephone subscriber terminal 5). (Audio signal) is transmitted (F111), and the caller is made to listen (S511 in FIG. 11).

(B-3) Effects of the Second Embodiment As described above, according to the second embodiment, when the number verification NG operation is set in the subscriber information in advance and the number result is NG, the IP telephone exchange (SIP Server) can be operated during number verification NG.

  In addition, according to the present embodiment, the operation at the time of number verification NG is set as a connection with the announcement server 7, and it is possible to announce the connection impossibility factor from the announcement server 7 to the transmission terminal.

  As a result, by notifying the caller that the incoming call cannot be made by an announcement, there is an effect of suppressing an increase in traffic due to re-transmission after connection failure. In addition, it is possible to detect an event such as an illegal signal transmission due to a terminal failure at an early stage.

(C) Third Embodiment Next, a third embodiment of the caller ID verification system will be described with reference to the drawings.

  In the present embodiment, the contents of the operation at the time of number verification NG are different from those in the second embodiment. In the case of number verification NG, in the second embodiment, the IP telephone exchange 2 is intended to establish a session with the announcement server 7. However, in this embodiment, the IP telephone exchange 2 is an application server (B2BUA: Back to Back User Agent). And try to have a session. This makes it possible to connect to the receiving terminal without notification through the application server (B2BUA).

(C-1) Configuration of Third Embodiment FIG. 12 is an overall configuration diagram of a caller number verification system of the third embodiment. In FIG. 12, a caller ID verification system 300 according to the third embodiment includes an IP telephone exchange 2, IP telephone subscriber terminals 5 and 6, and an application server (B2BUA) 8 that can be connected to the IP telephone network 1.

  In FIG. 12, the same or corresponding components as those described in the first embodiment will be described with corresponding reference numerals. Detailed functional descriptions of these corresponding configurations are omitted.

  The IP telephone exchange 2 corresponds to the IP telephone exchange 2 described in the second embodiment. Accordingly, the IP telephone exchange 2 has a subscriber information management unit 3 having a table shown in FIG.

  As shown in FIG. 9, in the connection NG operation condition table 34, the connection with the application server (B2BUA) 8 is set as the operation condition, and the connection destination (eg, IP address) of the application server (B2BUA) 8 is set as the connection destination. There is a setting.

  As in the second embodiment, the IP telephone exchange 2 operates when the number is not verified when the subscriber information table 33 has no other notification number link ID or when the number on the header does not match the other notification number. Confirm. The IP telephone exchange 2 establishes a session with the application server (B2BUA) 8 when the connection with the application server (B2BUA) 8 is set in the operation condition table 34 at the time of connection NG.

  As a result, even if the caller ID verification result from the calling terminal is NG, it is possible to realize a call with the receiving terminal by non-notified incoming call by establishing a session with the receiving terminal through the application server (B2BUA) 8. .

  When receiving a message (INVITE) from the IP telephone exchange 2, the application server (B2BUA) 8 transmits a connection request (INVITE) to the receiving terminal designated by the calling terminal.

  At this time, the application server (B2BUA) 8 sets a dummy number (anonymous) in the From header, and transmits a message (INVITE) with a privacy header (ID setting) to the receiving terminal. As a result, it is possible to make a call with a non-notification incoming call.

(C-2) Operation of Third Embodiment Next, the operation of the caller ID verification system of the third embodiment will be described with reference to the drawings.

  FIG. 13 is a flowchart showing the operation of the caller ID verification system 300 of the third embodiment. FIG. 14 is a processing sequence diagram in the caller ID verification system 300 of the third embodiment.

  Sequence of connection request, authentication request, etc. between the calling terminal (IP telephone subscriber terminal 5) and the IP telephone exchange 2, digest authentication in the IP telephone exchange 2, confirmation of other notification numbers, operation verification during number verification NG, Since it demonstrated in 1st and 2nd embodiment, detailed description is abbreviate | omitted (F1-F110 of FIG. 13, S101-S506 of FIG. 14).

  In F109 of FIG. 13, when the IP telephone exchange 2 confirms the operation at the time of number verification NG and the operation condition of the operation condition table 34 at the time of connection NG is connection with the application server (B2BUA) 8, the connection processing unit 4 Using the destination of the message (INVITE) as the connection destination of the application server (B2BUA) 8, the message (INVITE) is transmitted to the application server (B2BUA) 8, and the connection process is performed (F112, S607 in FIG. 14).

  The application server (B2BUA) 8 that has received the message (INVITE) from the IP telephone exchange 2 sets a dummy number (anonymous) in the From header of the INVITE, adds a privacy header, and sends the originating terminal (IP telephone subscriber terminal 5 The INVITE is transmitted to the receiving terminal designated by () (F113, S608).

  The IP telephone subscriber terminal 6 that has received the message (INVITE) from the application server (B2BUA) 8 establishes a session by transmitting and receiving signals to and from the calling terminal 5 through the application server (B2BUA) 8 to realize a call ( S609 to S616).

(C-3) Effect of Third Embodiment As described above, according to the third embodiment, when the caller ID verification result is NG, the IP telephone exchange 2 cooperates with the application server (B2BUA) 8. Thus, it is possible to receive a call without a caller ID. By realizing this method, it is possible to reduce call loss while guaranteeing a signal as a network by receiving a call without notifying the number that was the caller number verification NG.

(D) Other Embodiments (D-1) In the first to third embodiments described above, the receiving terminal is shown as a terminal connected to the IP telephone network, but can be connected to the general telephone network (PSTN). By linking with a soft switch, the present invention can also be applied to a case where a terminal connected to the PSTN is a destination.

(D-2) In the second and third embodiments described above, the announcement server 7 and the application server (B2BUA) 8 may be physically configured on the same server as the IP telephone exchange (SIP server). Good.

(D-3) Regarding the subscriber management information in FIGS. 2 and 9, there is no particular limitation on the table configuration (multi-table configuration, single table configuration, etc.) as long as necessary information is managed.

(D-4) In the first embodiment (see FIG. 3), the case of session participation request (INVITE) is shown, but this verification procedure is performed in the presence or the like, such as location registration request (REGISTER) or the like It can be applied to other requests. In the case of a location registration request (REGISTER), a contract can be established by using this table with “other notification number link ID” as “other registration permission number link ID” and other notification number table as “other registration permission number table”. Even when a registration request is made by a third party other than the user, it can be checked whether the request is from a permitted user, and rewriting of registration information by an unauthorized user can be guarded.

(D-5) In the first to third embodiments described above, the case where the present invention is applied to a voice call system employing SIP has been described. However, a number (setting number) included in a signal given from a calling telephone terminal in a call sequence ) Can be verified, the voice communication protocol is not limited to SIP. Also compatible with voice communication protocols such as H.323.

(D-6) In the first to third embodiments described above, the SIP server 2 receives INVITE with authentication information added (S104 in FIG. 4), and after digest authentication (user authentication), The case of performing the verification has been described. In other words, notification number verification was performed immediately before session establishment.

  This is by verifying the caller number immediately before establishing a session with the receiving terminal, so that a “spoofing action” of a third party that can be performed between the first call request (S101) and S104 from the calling terminal is performed. Intended to prevent.

  That is, a third party may avoid the number verification by setting the INVITE setting number of S101 as the caller number and the INVITE setting number of S104 as another number. In the above-described embodiment, this point is fully considered, and the notification number verification is performed immediately before the session is established, so that it is more effective.

  However, the timing for performing the caller ID verification in the above-described embodiment may be performed at the time of reception of S101, and may be performed in both S101 and S104 if possible.

  When the caller number verification is performed at the timing of S101, the number verification is performed with reference to the subscriber information table using the setting number (caller number) included in INVITE as a key.

100: Caller ID verification system, 1 ... IP telephone network,
2 ... IP telephone exchange (SIP server), 3 ... subscriber information management unit,
31, 33 ... subscriber information table, 32 ... other notification number table,
34 ... NG operating condition table when connected,
4 ... connection processing unit, 5, 6 ... IP telephone subscriber terminal.

Claims (5)

A notification number verification system that verifies the validity of an outgoing notification number notified from an outgoing telephone terminal in an IP communication network,
Communication connection control means for controlling communication connection with the calling telephone terminal;
User information management means for managing user information of each user having at least one or more setting notification numbers and authentication information set as a caller notification number;
Upon receiving a connection request from the calling telephone terminal to the communication connection control means, the authentication included in the received packet received from the calling telephone terminal with reference to the user information managed by the user information management means User authentication means for authenticating the caller based on the identification information;
Whether or not the outgoing notification number included in the received packet matches the number included in each of the setting notification numbers of the user information of the user information management means when the user authentication means authentically authenticates And a notification number verification means for verifying the validity of the call notification number.   The notification according to claim 1, wherein the user information management means manages one or a plurality of telephone numbers as the setting notification number in addition to the contract telephone number assigned to the calling telephone terminal. Number verification system. The user information management means also manages the operation mode to be operated when the verification result by the notification number verification means is not valid,
3. The notification number verification system according to claim 1, wherein when the verification result of the notification number verification unit is not valid, the communication control unit operates according to the operation mode.   4. The notification number verification system according to claim 3, wherein the operation mode is a connection with an announcement server that transmits a recorded voice indicating that the verification result is not valid to the calling telephone terminal. The communication connection control means adopts SIP to perform communication connection control. When a connection request message is received from the calling telephone terminal, an authentication request necessary for caller authentication is sent to the calling telephone terminal. Do,
The user authentication means authenticates the caller using the authentication identification information included in the message received from the caller telephone terminal;
The said notification number verification means verifies validity using the said transmission notification number set to the header of the said message containing the said authentication identification information. The any one of Claims 1-4 characterized by the above-mentioned. Notification number verification system described in.

Images