`
`[19]
`
`[11] Patent Number:
`
`5,958,016
`
`Chang et al.
`
`[45] Date of Patent:
`
`Sep. 28, 1999
`
`US005958016A
`
`5,526,489
`6/1996 Nilakantan et al.
`5,539,886
`7/1996 Aldfed Ct a1~ ~
`22393:: 1212:: size. 1
`,
`,
`a ar e a. .
`‘
`5572583 11/1996 Whéeler’ Jr‘ et 91‘
`5586477 12/1996 Fm“ 6‘ ‘*1’
`'
`5,623,601
`4/1997 Vu .................................... .. 395/187.01
`5,721,908
`2/1998 L
`d
`t
`l.
`395/610
`5,802,146
`9/1998 Dfifiafi
`...
`....N 379/34
`5,826,029
`10/1998 Gore et al.
`....................... .. 395/200.57
`
`
`
`.
`
`[54]
`
`INTERNET-WEB LINK FOR ACCESS TO
`INTELLIGENT NETWORK SERVICE
`
`[75]
`
`Inventors: Te-An Chang, Laytonsville; Joseph R.
`Rostock, Davidsonville both of Md
`’
`'
`.
`,
`.
`[73] Assignee: Bell Atlantic Network Services, Inc.,
`Arllngton, Va~
`
`[211 APP1~ Nee 03/904117
`[22]
`Filed;
`Jul, 13, 1997
`
`§§§'Z§?.fZ3‘,?.Z1,§7,f!,:Zsa§f§,i11”§?,‘§jI2§
`Attorney, Agent, or Firm—McDermott, Will & Emery
`
`Int. 0.6 .................................................... .. H04M 1/24
`[51]
`[52] U.S. Cl.
`........................ .. 709/229; 709/202; 709/203;
`
`[57]
`A
`
`b
`
`ABSTRACT
`f
`~
`
`~
`
`d d
`
`h, h
`
`bl
`
`27 Claims, 5 Drawing Sheets
`
`4.19
`244
`
`unn
`
`ISCP m
`243
`SCE
`ll/IllIIIH
`
`SMS
`(SPACE)
`246
`'50P‘
`
`'
`DATA
`DISTR.
`
`_\
`\:\:\\
`\‘1\
`
`241
`
`|SCP-
`SITE 2
`
`«-241
`
`EX. 1004
`
`YMax Corporation
`
`Page 1 of 20
`
`
`
`237
`swncn
`AC3
`MGMT SVS's
`235
`RAO
`
`251
`
`FIREWALL
`
`
`
`musrso
`253 mwx svs.
`
`SECURE ACCESS
`(ms)
`PLATFORM
`E
`255
`:
`
`
`Q
`
`was ssavnce
`PROFILE
`MGMT. svs, APPL'N
`DB
`03 E
`
`258
`WSMS
`
`11
`
`[58] Field Of Search ......................... 395/200.59, 200.55,
`395/200'54> 200'49> 200'33> 20032; 709/229>
`225> 224> 219> 203> 202
`References Cited
`U.S. PATENT DOCUMENTS
`8/1988 Chang et 91'
`'
`8/1989 Estrada et al.
`.
`8/1993 Babson, III et al.
`9/1993 Kay et al.
`.
`2/1994 Kasprzyk et al.
`5/1994 perlman et a1.
`.
`7/1994 Wolff et a].
`.
`12/1994 Wegner et al.
`2/1995 Bulfer eta1..
`4/1995 Ba11d0iI1 -
`6/1995 Berteau -
`7/1995 Mcconnell ‘
`11/1995 Satter et al.
`11/1995 Gut .
`2/1996 Rangachar .
`3/1996 Koster .
`5/1996 McConnell .
`.
`5/1996 Akman et al.
`6/1996 Cheston, III et al.
`
`................. .. 379/201
`
`.
`
`.
`
`.
`
`.
`
`[561
`
`4>798>150
`4,855,905
`5,241,588
`5,247,571
`5,287,103
`5,309,437
`5,327,435
`5,377,186
`5,392,357
`5,406,557
`5>423>003
`5’436’957
`5,469,500
`5,471,459
`5,495,521
`5,499,290
`5,517,562
`5,519,772
`5,526,413
`
`:2
`a Communication network’ Such as the advanced intelligent
`telephone network via a public packet data network typi-
`cally the network now commonly known as the Internet. The
`b
`b
`dI
`h
`l
`l
`f
`Ziiféifep$138e3t?§e§hZCZ?$?§’§§§,L,§oEef§33of1§”i§°,§y
`sugscriger who also uses the I(Ii1t:‘IlCI, for €X:.IIlpl€
`usinghthe
`.
`’
`. ti
`PC
`t
`t
`.
`:71\lelS)(-:"rl“1VerteSriIf1:iXii1:l.m§ secur:n aCCf£S)SVV:)T:If::InVV£)1::V10(1rCS E11615
`-
`-
`-
`-
`-
`lmirface and Commumcates V” a pnvate data “‘7’tW‘.’rk Wlth
`various systems used to manage the communication net-
`.
`work. The secure access platform includes a firewall coupled
`between the public ‘data network and the private data net-
`work. The firewall implements the web page interface and
`validates certain users of the public data network as sub-
`scribers to services of the communication network. The
`secure access platform also includes a web services man-
`agement system, which communicates with the firewall and
`with the communication network management systems via
`.
`the private data network. The platform enables persons
`.
`.
`.
`.
`surfing the web to control their services and receive various
`reports relating to status and/or usage of their network
`SerV1CeS~
`
`Ex. 1004
`YMax Corporation
`Page 1 of 20
`
`
`
`U.S. Patent
`
`Sep 28, 1999
`
`Sheet 1 of 5
`
`5,958,016
`
`x_\_
`
`P.O_..._x
`_xmR_
`
`
`
`mmm8<....................................-.EzmmHz_Emmaumm3\2
`
`<0V)
`
`o
`
`ii-
`Ea 5‘
`5 ‘__U__..___
`
`‘_LLl
`
`imezmu
`
`mu_..Eo
`
`
`
`
`
`w._m_zz<Iom_o_o>Ew._mzz<_.._om_o_O>
`
`€525
`
`mu_to
`
`EX. 1004
`
`YMax Corporation
`
`Page 2 of 20
`
`Ex. 1004
`YMax Corporation
`Page 2 of 20
`
`
`
`
`
`
`
`nCtaP&
`
`S
`
`9991
`
`.m
`
`te
`
`5
`
`tSN
`
`
`
`wo<owxozsm
`
`
`
`w_m>m:5222.2%:
`
`
`
`
`
`mm.IWR1322
`
`an
`
`M2$255.
`
`2852:
`
`cm-mom_.w>m:32
`
`S:<2am:
`
`
`
`
`
` _3EN».mm2m9:<:5NEa32:m$8<mmaomm
`
`9:7.mo9$55-n_om_3SNBmomm
`
`O
`
`6Owem.CP.X3No:a
`
`4H0mmm1.mommw
`
`Ex. 1004
`YMax Corporation
`Page 3 of 20
`
`
`
`
`ftH6ftaD13U
`
`Sep.28, 1999
`
`Sheet 3 of 5
`
`5,958,016
`
`.ouz_
`
`mma_>omm
`
`m_m
`HH______._
`
`_
`
`\
`
`MMHDOZ
`
`+.o_m
`
`mmeaommmhbom
`//xE\
`ESEmmfiaom.E\%-H<_o
`
`
`
`_
`
`com
`
`
`
`éoamzn5-H<aESE/H.,§_._\\
`
`55x.............................................m.O_n_ .\ //2juI.IIII—xwas\§H,,.,ESE25_
`
`9$
`
`mmf
`Eme
`.rOX04
`om.CP
`
`002
`
`4H0
`
`/II//I
`
`EE>oEWmmfiaommuesomin
`HVXHmm,,
`anH,,fifimmi
`
`Eoamz...5-._<_oM2?\mmfiaom,,
`
`_Hmmfisom\E_._\)XHx_/
`_/H._..._oE<._
`
`Hmam
`
`_mmfiaom\_HIE.ao_.,?o_E__5%xmmzaom.25_HNuHH__
`
`J.a:..u..no..:a.:«.uv.:...........:.n.....:........u.:.u.-.u:.u..-u-:n-u:..nusIIlII.—
`
`N31--
`
`HH
`
`Ex. 1004
`YMax Corporation
`Page 4 of 20
`
`
`
`
`U.S. Patent
`
`9991O092u.eS
`
`5f04whS
`
`
`
`V.2:29
`
`‘1
`
`9332mSEEO
`“M,a
`
`M0M.0525::mP
`
`4H0mmmm.m,w
`
`Ex. 1004
`YMax Corporation
`Page 5 of 20
`
`
`
`U.S. Patent
`
`Sep.28, 1999
`
`Sheet 5 0f5
`
`5,958,016
`
`FIG.5
`
`
`
`
`
`APPLlCATlON
`SECURITY
`COMPUTER
` ROUTER
`
`EX. 1004
`
`YMax Corporation
`
`Page 6 of 20
`
`Ex. 1004
`YMax Corporation
`Page 6 of 20
`
`
`
`1
`INTERNET-WEB LINK FOR ACCESS TO
`INTELLIGENT NETWORK SERVICE
`CONTROL
`
`TECHNICAL FIELD
`
`The present invention relates to a system and methodol-
`ogy for providing telephone service customers with a stan-
`dardized interface for access to service control and manage-
`ment elements of a communication network, such as the
`telephone network, via a public packet switched data
`network, such as the Internet.
`
`Acronyms
`
`The written description uses a large number of acronyms
`to refer to various services, messages and system compo-
`nents. Although generally known, use of several of these
`acronyms is not strictly standardized in the art. For purposes
`of this discussion, acronyms therefore will be defined as
`follows:
`
`Advanced Intelligent Network (AIN)
`Automatic Message Accounting (AMA)
`Autonomous System (AS)
`Call Processing Record (CPR)
`Central Office (CO)
`Common Channel Interoffice Signaling (CCIS)
`Competing Local Exchange Carrier (CLEC)
`Customer Premises Equipment (CPE)
`Data Distributor (DD)
`Data Reporting System (DRS)
`File Transfer Protocol (FTP)
`Generic Data Interface (GDI)
`HyperText Mark-Up Language (HTML)
`HyperText Transfer Language Protocol (HTTP)
`Integrated Service Control Point (ISCP)
`Integrated Services Digital Network (ISDN)
`Intelligent Peripheral (IP)
`IntereXchange Carrier (IXC)
`Internet Service Provider (ISP)
`ISDN Users Part (ISDN-UP)
`Local Area Network (LAN)
`Local Exchange Carrier (LEC)
`Memory Administration Recent Change System (MARCH)
`Multipurpose Internet Mail Extension (MIME)
`Multi-Services Application Platform (MSAP)
`Office Equipment (OE) number
`Operations Systems Network (OSN)
`Personal Computer (PC)
`Personal Identification Number (PIN)
`Plain Old Telephone Service (POTS)
`Point In Call (PIC)
`Primary Rate Interface (PRI)
`Public Switched Telephone Network (PSTN)
`Regional Bell Operating Companies (RBOCs)
`Revenue Accounting Office (RAO)
`Service Control Point (SCP)
`Service Creation Environment (SCE)
`Service Management System (SMS)
`Service Order Administration and Control System (SOACS)
`Service Switching Point (SSP)
`Signaling Point (SP)
`Signaling System 7 (SS7)
`Signaling Transfer Point (STP)
`Simplified Message Desk Interface (SMDI)
`Station Message Detail Recording (SMDR)
`Transaction Capabilities Application Part (TCAP)
`
`10
`
`15
`
`20
`
`25
`
`30
`
`40
`
`50
`
`60
`
`5,958,016
`
`2
`
`Transmission Control Protocol/Internet Protocol (TCP/IP)
`TRunk (TR)
`Trusted Network System (TNS)
`Universal Resource Locator (URL)
`Web Service Management System (WSMS)
`BACKGROUND
`
`For some years, the telephone industry has been devel-
`oping an enhanced telephone network, sometimes referred
`to as an Advanced Intelligent Network (AIN), for providing
`a wide array of new voice grade telephone service features.
`In an AIN type system, local and/or toll offices of the public
`telephone network detect one of a number of call processing
`events identified as AIN “triggers”. An office which detects
`a trigger suspends processing of a call, compiles a call data
`message and forwards that message via a common channel
`interoffice signaling (CCIS) link to a database system, such
`as an Integrated Service Control Point (ISCP) which
`includes a Multi-Services Application Platform (MSAP)
`database. If needed, the ISCP can instruct the central office
`to obtain and forward additional information. Once suffi-
`cient information about the call has reached the ISCP, the
`ISCP accesses its stored data tables in the MSAP database to
`translate the received message data into a call control
`message and returns the call control message to the office of
`the network via CCIS link. The network offices then use the
`call control message to complete the particular call. For an
`ordinary telephone service call, there would be no event to
`trigger AIN processing; and the local and toll office switches
`function normally and process such a call without referring
`to the central database for instructions. AnAIN type network
`for providing an Area Wide Centrex service, for example,
`was disclosed and described in detail in commonly assigned
`U.S. Pat. No. 5,247,571 to Kay et al.
`In an AIN network developed by the Regional Bell
`Operating Companies (RBOCs) and Bell Communications
`Research (Bellcore), a terminal and software system referred
`to as ‘SPACE’ functions as the service creation environment
`and/or service provisioning system for the AIN control
`functions in the central database system. For example, as
`disclosed in U.S. Pat. No. 5,241,588 Babson, III et al.,
`customized call processing information records are created
`and/or modified in a graphical environment, by creating or
`modifying a customer’s service graph-on the display termi-
`nal. Data corresponding to the service graph is then stored
`in a service control point (SCP) database. Other terminal and
`software systems could be used to create and provision the
`AIN services. For AIN services today, however, telephone
`company personnel utilize the SPACE system to create
`templates for the service logic for new services. When
`customers subscribe to the services, the templates are filled
`in with the subscribers’ data to create individual call pro-
`cessing records (CPRs). The CPRs are stored in the database
`in the SCP or in an ISCP, for controlling actual call pro-
`cessing.
`Many of the enhanced communication services offered by
`the AIN permit a subscriber to input control information, to
`manage services as desired. For example,
`in a simple
`forwarding or redirection service,
`the subscriber might
`change the ‘forward to’ number from time to time to route
`calls to different destinations. As another example, a sub-
`scriber might want to block calls unless they are to or from
`numbers on a list, and the subscriber would want to change
`the list of numbers from time to time. Some subscribers need
`
`to change certain information quite frequently, even for
`relatively simple AIN services. It
`is too cumbersome to
`require the subscriber to call the local telephone company’s
`business office and request each and every one of the routine
`changes.
`
`Ex. 1004
`
`YMax Corporation
`
`Page 7 of 20
`
`Ex. 1004
`YMax Corporation
`Page 7 of 20
`
`
`
`5,958,016
`
`3
`At present, automated subscriber interactions to modify
`the subscribers’ AIN services rely mainly on a voice
`response type interaction. The subscriber calls a special
`number, hears recorded announcements or synthesized voice
`prompts and inputs a PIN number and service related
`information. Typically,
`the subscriber inputs the various
`information by keying buttons on a Touch Tone telephone,
`but use of speech recognition technology has been proposed
`to enable a subscriber to vocally input the information.
`Consider for example, commonly assigned U.S. Pat. No.
`5,572,583 to David F. Wheeler, Jr. and Robert D. Farris. This
`Patent discloses an intelligent peripheral (IP) for providing
`enhanced call processing functions, such as announcement
`and digit collection, voice recognition, facsimile mail and
`voice mail,
`in an AIN type telephone network. The IP
`connects through telephone line groups to one or more
`Service Switching Point (SSP) offices of the telephone
`network. The IP also communicates with an ISCP via a
`
`10
`
`15
`
`signaling network separate from the voice circuits and from
`the CCIS network that interconnects the ISCP to the SSP
`
`20
`
`offices. One major use for the disclosed IP relates to provi-
`sioning and/or modifying services. The IP provides prompts
`and receives dual-tone-multi-frequency tone signals or
`speech inputs from subscribers.
`Typically, a telephone company technician initially sets
`up a subscriber’s service using the Service Creation Envi-
`ronment or SCE in the ISCP. As part of this procedure, the
`technician establishes one or more data tables for the sub-
`
`scriber in the service control point (SCP) database 43.
`Subsequently, the subscriber controls the service by input-
`ting data to populate the subscriber’s data table(s) through
`an interaction with the IP. The newly input control data is
`transferred from the IP to the ISCP for storage and for
`subsequent control of the subscriber’s communication ser-
`vices. The IP also may provide a data interface for PC based
`access,
`
`Such interactive voice response processing provides only
`limited input capabilities and is subject
`to input errors,
`because the subscriber accidently hits the wrong button or
`incorrectly pronounces a spoken input. Many of the AIN
`services require subscriber inputs, for example combinations
`of blocked numbers, time of day and day of the week, that
`are too complex for the average subscriber to input using the
`interactive voice response procedures.
`Several other patents have suggested data terminal or PC
`access, through a local area network or direct dial-up links
`to a host computer in the telephone network.
`For example, commonly assigned U.S. Pat. No. 5,436,957
`to Von K. McConnell relates to an AIN-based technique
`enabling a commercial telephone subscriber to selectively
`activate service through a group of lines assigned to the
`subscriber. To facilitate input of the data for controlling the
`selective service activation, McConnell suggested use of PC
`type data terminals. One PC connects to the service man-
`agement system (SMS) in the ISCP via a dedicated data
`communication line. Another PC communicates with the
`
`SMS via a dial-up modem session through the telephone
`network. Either PC may store information relating to the
`subscriber’s products and services and preset tables or forms
`for entry of the necessary data to control that subscriber’s
`restricted access communication services.
`
`With the McConnell system, when the subscriber wants to
`activate communication services in relation to one or a series
`
`of products or services (e.g., a delayed or canceled airline
`flight), the representative accesses the necessary data relat-
`ing to products or services and completes the data tables to
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`activate the communication services, for example identify-
`ing the particular line(s) for which service will be active and
`the on and off times. When the representative has entered
`and confirmed the data for activating the service, the PC
`downloads that data to the SMS within the ISCP. The SMS
`
`updates the appropriate records in the ISCP, after which the
`ISCP activates services from the subscriber lines in accord
`
`with the most recently entered data.
`Commonly assigned U.S. Pat. No. 5,526,413 issued Jun.
`11, 1996 to Frank C. Cheston, III, James E. Curry and
`Robert D. Farris suggests extending AIN into customer
`premises equipment (CPE). The CPE system includes a
`signaling transfer point (STP) coupled to the CCIS system of
`the public telephone network as well as an ISCP database.
`The ISCP on the customer premises may be implemented in
`software in a personal computer. Although not disclosed in
`detail in the issued Cheston, III, et al. Patent, a related
`application (Ser. No. 08/508,428) adds the teaching of
`customer programming of the network ISCP from the CPE
`equipment. In accord with this aspect of the Cheston et al.
`invention, a PC or other computer on the customer premises
`will run telephone service programming software. The sig-
`naling communication link to the CCIS network of the
`exchange carriers permits the subscriber using the
`on-premises PC and software to load AIN service informa-
`tion into the relevant CPE devices as well as into the ISCPs
`
`and switches of the local exchange carrier network and the
`interexchange carrier (IXC) network.
`Although the PC or terminal based solutions offer some
`enhanced subscriber access to control AIN services,
`the
`solutions proposed to date have inherent limitations. Any of
`these prior art implementations using a PC or terminal to
`access the network require specialized terminals and/or
`software and provide only limited access. Also, in most
`cases, the local operating company must maintain the local
`area network or a bank of modems to provide the PC access
`service.
`
`A need therefore still exists for a technique which will
`enable any subscriber to personally access and control their
`AIN services from a general purpose computer without
`specially developed hardware or software interfaces.
`
`DISCLOSURE OF THE INVENTION
`
`The present invention addresses the above-stated needs by
`providing a web page type interface, for accessing control of
`intelligent network type telephone services, via a public
`packet data network, such as the network now commonly
`known as the Internet. Typically, a person’s PC or other
`terminal runs common software, such as a ‘browser’ to
`obtain various web pages of information from the network.
`While viewing web pages using the browser, the invention
`enables persons surfing the web to access the telephone
`network,
`to control
`their telephone services and receive
`various reports relating to their telephone services. The
`inventive web access also provide an architecture, which
`maintains the necessary security of the telephone network
`and associated network management systems.
`Thus, one aspect of the invention relates to a communi-
`cation network. The overall network includes a traffic net-
`
`work for providing selective communications to subscriber
`stations and an operations network. One example of such a
`communication network is a public switched telephone
`network. At
`least one network management system is
`coupled to the operations network, for managing selective
`communication services provided through nodes of the
`traffic network. The overall communication network also
`
`Ex. 1004
`
`YMax Corporation
`
`Page 8 of 20
`
`Ex. 1004
`YMax Corporation
`Page 8 of 20
`
`
`
`5,958,016
`
`5
`includes a secure access platform coupled to the operations
`network and for coupling to a public data network.
`The secure access platform validates predetermined users
`of the public data network as subscribers to services of the
`communication network. The platform implements a stan-
`dard graphical user interface of the public data network,
`preferably an Internet type web page interface, enabling
`communications with terminals on the public data network.
`The platform also communicates with the management
`system. The platform enables validated subscribers to
`review service data from the network management system
`and to input control data to the network management system.
`In response to the control data, the network management
`system modifies operations of the traffic network as selected
`by the validated subscribers.
`Examples of network management systems include pro-
`visioning systems and usage and/or billing data processing
`systems. The provisioning systems establish or modify data
`files or records, in various elements of the traffic network,
`that control subscribers’ services. The data processing sys-
`tems receive operational data from the elements of the traffic
`network and process that data, for example to generate
`subscriber usage reports or bills.
`The control data input by the subscribers may control
`services facilitated through high level network control
`points. In an intelligent network implementation of a tele-
`phone network, for example,
`the control data is used to
`establish or modify call processing records stored in a
`service control point. The control data also may be used to
`modify individual subscriber profiles in central office
`switching systems of the telephone network.
`The service related data presented to the users through the
`graphical user interface may relate to existing services
`provided by the communication network, e.g. stored in a
`provisioning system. For example, this data may relate to
`current status of intelligent network services to which each
`customer subscribes. The service related data also may relate
`to usage of the communication network services and/or to
`the account or billing for services used, as supplied from a
`data processing system.
`Another aspect of the invention relates to a specific
`implementation of the secure access platform. The platform
`includes a firewall and a service management system. The
`firewall is coupled to the public data network. The firewall
`comprises a proxy server, an application server and an
`access control. The application server provides the standard
`graphical user interface through the proxy server for users
`accessing the firewall via the public data network. The
`access control authenticates users of the packet data network
`as valid subscribers of communication network services.
`
`The service management system communicates with the
`application server and the network management system. The
`service management system receives subscriber inputs via
`the application server and processes at least some of the
`subscriber inputs to provide data to the network manage-
`ment system. The service management system also sends at
`least some information, relating to services provided to
`subscribers by the communication network, from the net-
`work management system through the application server and
`the public data network to subscribers.
`The preferred embodiment also includes a further security
`system logically operating between the firewall and the
`service management system. All messages going to and
`from the firewall via the operation network, including com-
`munications between the firewall and the service manage-
`ment system, pass through this network security system. The
`
`6
`network security system passes message to and from the
`firewall only if the messages are valid in accord with certain
`security restrictions.
`As noted, in the preferred embodiment, the traffic network
`is an intelligent telephone network. The nodes of the traffic
`network, for example, include various central office switch-
`ing systems of the telephone network. The central offices are
`interconnected by trunks for carrying interoffice traffic and
`by a signaling network, which carries call set-up related
`messages and other signaling communications. The intelli-
`gent implementation of the telephone network also includes
`a service control point. The service control point stores data
`for controlling certain call processing operations of the
`central office switching systems.
`The operations network provides communications
`between one or more provisioning systems and the elements
`of the telephone network, such as the central office switching
`systems and/or the service control point. The operations
`network also carries communications between the telephone
`network elements and one or more data processing systems,
`which generate usage reports and bills.
`Through the web page access provided by the platform,
`telephone subscribers can review the status of their services
`and modify or upgrade their telephone services, including
`switch-based services and intelligent network services con-
`trolled through the data stored in the service control point.
`Subscribers also may review reports of usage of their
`services or review account or billing statements.
`Additional objects, advantages and novel features of the
`invention will be set forth in part in the description which
`follows, and in part will become apparent to those skilled in
`the art upon examination of the following or may be learned
`by practice of the invention. The objects and advantages of
`the invention may be realized and attained by means of the
`instrumentalities and combinations particularly pointed out
`in the appended claims.
`
`BRIEF DESCRIPTION OF DRAWINGS
`
`The drawing figures depict the present invention by way
`of example, not by way of limitations. In the figures, like
`reference numerals refer to the same or similar elements.
`
`FIG. 1 is a high level functional block diagram of an
`intelligent telephone network, systems for managing ser-
`vices provided by that telephone network and a system for
`providing secure Internet type access to subscribers to allow
`them to manage their telephone services via the Internet, in
`accord with the invention.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`FIG. 2 is a somewhat more detailed block diagram useful
`in understanding the secure customer access, in accord with
`the invention.
`
`55
`
`60
`
`FIG. 3 is a block diagram of the public packet switched
`data network now commonly referred to as the Internet.
`FIG. 4 is a block diagram of one embodiment of a
`terminal, in the example a personal computer, for accessing
`the management systems of the intelligent telephone net-
`work in accord with the invention.
`
`FIG. 5 is a detailed block diagram of the firewall and the
`trusted network system used in the system of FIG. 2.
`BEST MODE FOR CARRYING OUT THE
`INVENTION
`
`65
`
`Recently, considerable public attention has focused on the
`packet data network known as the Internet and the range of
`information and multimedia services available via the
`
`‘World Wide Web’ portion of that network. Typically, a
`
`Ex. 1004
`
`YMax Corporation
`
`Page 9 of 20
`
`Ex. 1004
`YMax Corporation
`Page 9 of 20
`
`
`
`5,958,016
`
`7
`person’s PC runs common software referred to as a
`‘browser’ to obtain various web pages of information from
`the network. Several vendors also now offer a ‘Web-TV’
`
`terminal device for coupling to a television set, to provide
`web browsing and other Internet services using a remote
`control and a television screen. While viewing pages using
`either type of terminal,
`the user can enter requests by
`clicking on text or icons or can send typed inputs to a server.
`The invention enables persons surfing the web using such
`common technology to access a communication network,
`preferably the AIN telephone network,
`to control
`their
`services and receive various reports relating to their services.
`The inventive Internet access opens the personal control
`of AIN telephone services to any subscriber who also uses
`the Internet, using the subscriber’s existing PC and software
`or their Web-TV terminal. However, Internet access raises
`serious security concerns. The inventive web access there-
`fore entails an access architecture, which provides the web
`page type user interface via the Internet and maintains the
`necessary security of the telephone network and associated
`network management systems. The inventive access system
`also offers efficient service management, both for provision-
`ing functions and for usage monitoring functions.
`FIG. 1 provides a high level illustration of an intelligent
`telephone network, its control and management systems as
`well as the customer access thereto provided by the inven-
`tion. To understand the invention, it may be helpful first to
`review the structure and operation of the telephone network.
`The overall communication network illustrated in FIG. 1
`
`includes a telephone type traffic network as well as a private
`operations data network and management systems coupled
`thereto to provision and report on operations of the tele-
`phone network. The communication network connects to a
`public packet switched data network, such as the Internet,
`and through that network to a variety of users terminal
`devices. A secure access platform interfaces the public
`packet switched data network to the private data network
`associated with the telephone system. The access through
`the secure platform allows users to operate their terminals to
`access the telephone network management systems via the
`Internet.
`
`In the example depicted in FIG. 1, the telephone network
`is an advanced intelligent network or ‘AIN’. As shown, the
`telephone network includes a switched traffic network and a
`common channel signaling network carrying the control
`signaling messages for the switched telephone traffic net-
`work. The telephone or traffic network, operated by one
`carrier or a combination of local carriers and interexchange
`carriers, includes a number of nodes, typically end office and
`tandem office type central office (CO) switching systems 11
`interconnected by trunk circuits TR.
`FIG. 1 shows a number of subscriber stations, depicted as
`telephones 1, connected to a series of central office switches
`11. In the preferred implementation, the connections to the
`central office switches 11 utilize telephone lines (e.g. POTS
`or ISDN), and the switches are telephone type switches for
`providing landline communication. However, it should be
`recognized that other communication links and other types
`of switches could be used. For example, some or all of the
`connections between the stations 1 and the central offices
`
`may include digital or analog radio inks, and the central
`offices may include mobile telephone switching offices.
`Trunk circuits TR carry communication traffic between the
`central office switches 11.
`
`Each end office type central office switch 115 provides
`switched telephone connections to and from local commu-
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`nication lines or other subscriber links coupled to end users
`stations or telephone sets 1. The typical telephone network
`also includes one or more tandem switching offices such as
`offices 11,, providing trunk connections between end offices
`and/or between other tandem offices. Other trunks TR might
`directly connect end offices 115. Some offices may serve as
`both end offices and tandem offices for providing different
`call connections. As such, the traffic network consists of
`local communication links and a series of switching office
`type nodes interconnected by voice grade trunks TR.
`Although shown as telephones in FIG. 1, the terminal
`devices or stations 1 can comprise any communication
`device compatible with the local communication link.
`Where the link is a standard voice grade telephone line, for
`example,
`the terminals could include facsimile devices,
`modems etc. As discussed more later, many subscribers will
`have terminals with access to a public packet switched data
`network, such as the Internet, and many of those terminals
`will utilize modem connections through the lines and
`switches 11 of the telephone traffic network to access the
`public data network.
`The lines and trunks through the central offices 11 carry
`the communication traffic of the telephone network, includ-
`ing voice traffic and some Internet access traffic. The pre-
`ferred telephone network, however, also includes a common
`channel
`interoffice signaling (CCIS) network carrying a
`variety of signaling messages, principally relating to control
`of processing of various calls through the traffic portion of
`the network. The CCIS network includes packet data links
`(shown as dotted lines) connected to appropriately equipped
`central office switching systems such as offices 11 and a
`plurality of packet switches,
`termed Signaling Transfer
`Points (STPs) 15. To provide redundancy and thus a high
`degree of reliability, the STPs 15 typically are implemented
`as mated pairs of STPs. The STPs of each pair are inter-
`connected with each other and with other pairs of STPs on
`the CCIS network. The CCIS network of the telephone
`system operates in accord with an accepted signaling pro-
`tocol standard, preferably Signaling System 7 (SS7).
`In the preferred embodiment shown in FIG. 1, each
`central office 11 has at
`least minimal SS7 signaling
`capability, which is conventionally referred to as a signaling
`point (SP) in reference to the SS7 network. As such, the
`offices can exchange messages relating to call set-up and
`tear-down, typically in ISDN users part format (ISDN-UP)
`of the SS7 protocol.
`At least some, and preferably all, of the central office
`switches 11 are programmed to recognize identified events
`or points in call (PICs) as advanced intelligent network
`(AIN) type service triggers. In response to a PIC or trigger,
`a central office 11 initiates a query through the CCIS
`signaling network to a control node, such as one of the
`Service Control Points (SCPs) 19, or to a database system.
`An SCP 19 provides instructions relating to AIN type
`services in response to such queries. The signaling message
`communications be