EP1922853A1 - Method for transmitting information with improved durability - Google Patents

Method for transmitting information with improved durability

Info

Publication number
EP1922853A1
EP1922853A1 EP06777123A EP06777123A EP1922853A1 EP 1922853 A1 EP1922853 A1 EP 1922853A1 EP 06777123 A EP06777123 A EP 06777123A EP 06777123 A EP06777123 A EP 06777123A EP 1922853 A1 EP1922853 A1 EP 1922853A1
Authority
EP
European Patent Office
Prior art keywords
information
intermediate element
identifier
access
group
Prior art date
Legal status
Withdrawn
Application number
EP06777123A
Other languages
English (en)
French (fr)
Inventor
Philippe Dussaume
Yvon Guillot
Jean-Louis Cheviet
Current Assignee
Orange SA
Original Assignee
France Telecom SA
Priority date
Filing date
Publication date
Application filed by France Telecom SA

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security

Definitions

  • The present invention relates to a method of transmitting information between at least a first and a second communication means, including a step of storing at least one set of information in an intermediate element distinct from the first and second communication means.
  • Such a method is currently implemented in telecommunication systems operated by the applicant, to enable the transmission and temporary storage of service information, formed by context or profile information relating to a user of the system, accompanying data issued by this user.
  • The elements here called “data” usually form the essential body of the communication, which in the current state of the art is in principle initiated by said user; these data may, for example, consist of data representing a speech signal and/or a video signal produced by the user.
  • The context or profile information may, for example, consist of a geographical location or a list of sectors of interest specific to this user.
  • A telecommunication system implementing the method described above includes a main communication network, such as a switched telephone network, able to connect a terminal made available to the user with at least a first means of communication implemented by a first client, called the upstream client, identified as the first recipient of a communication initiated by the user, for example by dialing a predetermined code on an alphanumeric keyboard with which the terminal is provided.
  • This first means of communication may, for example, be a home voice server capable of receiving a verbal request from the user and of directing this request, and therefore the current communication, to a second means of communication implemented by another client, called the downstream client, which the upstream client has identified as providing a service able to satisfy the request made by the user.
  • The term “client” should be understood here and in the remainder of the description as referring to an entity that requests the resources of another entity to perform a task; a client can be embodied by a stand-alone server, by a group of servers, or by various elements separately distributed within various means of communication included in the system.
  • When the upstream client redirects the communication to the downstream client, this upstream client can first store the service information at a particular location of a memory space included in an intermediate element constituted by an auxiliary server, and send, via a signaling link provided for this purpose, an address identifying said particular location.
  • This address is formed by a combination of an IP address (IP being the abbreviation of “Internet Protocol”, well known to those skilled in the art) assigned to the auxiliary server and an address of a memory port, internal to said auxiliary server, where the service information has actually been stored.
  • a usage session as a chain of successive activations of different means of communication, such as for example the user's terminal and the servers implemented by the upstream and downstream customers mentioned above.
  • The inventors have found that, in the current state of the art, the service information stored by one of these means of communication is tied to it and is destined to disappear very quickly after this means of communication ceases to take part in the current session.
  • An interruption of communication by one of the means of communication drawn into the communication chain during a usage session should not cause a break in the continuity of said usage session.
  • Servers such as those implemented by the upstream and downstream clients mentioned above may, in such a situation, have taken over and proceed offline with data processing provided for by the participant, before calling this participant back to deliver the results of the processing.
  • Continuity of the current usage session cannot be accompanied by continuity of existence of the service information, so that it is not at present possible to run usage sessions in which one or more participants could disconnect temporarily or permanently without interrupting the data processing chain.
  • One of the aims of the invention is to protect the data stored in the intermediate element against inadvertent access by third parties for whom these data are not intended.
  • A method is characterized in that it includes a preliminary step of defining a plurality of groups of clients, a step in which the first means of communication designates at least one group of clients authorized to access said set of information, and at least one filtering step implemented by the intermediate element to prevent access to said set of information by a client not belonging to said group.
  • The invention thus makes it possible to secure to a large extent the integrity of the information contained in the intermediate element, by organizing a prior selection of the clients authorized to access said information.
  • A set of information may consist of a simple data packet, or of an assembly, for example within a frame, of a plurality of such packets.
  • A participant may not know all the recipients of a frame that it has generated, but is nevertheless able to secure each of the data packets that make it up by designating, for each of these packets, one or more groups of clients authorized to access the packet in question.
  • All access to a set of information stored in the intermediate element is preceded by:
  • a validation step during which the group identifier transmitted by the sender of the request is compared with the identifiers of the client groups designated, during the designation step, as authorized to access said set of information.
  • This first embodiment makes it possible to check in a simple manner, at the level of the intermediate element, whether a client wishing to access information stored in said intermediate element has previously been authorized to do so.
  • This first mode of implementation requires each client to know the group or groups in which it is included, but spares the intermediate element from having to track centrally the possibly multiple affiliations of the various clients to different groups; the intermediate element only needs to know the identifiers of the groups designated as authorized.
  • A second possible embodiment of the invention provides for a prior step in which the intermediate element stores, with reference to each client group defined during the definition step, the identifiers of the clients included in the group under consideration, all access to a set of information stored in the intermediate element being preceded by:
  • a validation step during which the identifier of the sender of the request is compared with the identifiers of the clients included in the group or groups of clients designated, during the designation step, as authorized to access said set of information.
  • This second mode of implementation requires the intermediate element to know the composition of each group of clients, but spares each client from having to know the various groups to which it may belong, sometimes without its knowledge, having for example been registered by an administrator of an auxiliary network on which it depends; this second embodiment of the invention is therefore perfectly transparent to clients, since it requires no particular group identification step on their part.
  • A systematic census of the population of the groups, performed centrally at the level of the intermediate element, is also generally useful for good administration of the system, in that it prevents groups of clients from being created anarchically, since only the members of groups that are actually enumerated by the intermediate element can benefit from the protection of the information stored there.
  • A first embodiment of this first variant is characterized in that the method described above further includes an enablement step, during which at least one group of clients entitled to request storage of a set of information within the intermediate element is designated, any storage of a set of information in the intermediate element being preceded by:
  • a validation step during which the group identifier transmitted by the sender of the request is compared with the identifiers of the groups of clients authorized, during the enablement step, to store a set of information.
  • This first mode of implementation makes it possible to filter requests simply at the level of the intermediate element, but requires each client to know exactly the group or groups to which it belongs.
  • A second embodiment of this first variant is characterized in that the method described above also includes an enablement step, during which at least one group of clients entitled to request storage of a set of information within the intermediate element is designated, any storage of a set of information in the intermediate element being preceded by:
  • a validation step during which the identifier of the sender of the request is compared with the identifiers of the clients included in the group or groups of clients authorized, during the enablement step, to store a set of information.
  • This second mode of implementation is transparent for the clients, at the cost of a centralized census of the populations of the different groups at the level of the intermediate element; such a census is, however, useful in itself for the administration of the system.
  • A method according to the preceding description may further include a step of encrypting the information included in the set to be stored. This encryption step is preferably implemented by the communication means that issued the request for storage of the set of information concerned, the encryption itself being executed using a key specific to the group of clients designated by the issuer as authorized to access said set of information.
  • Such an encryption step reinforces the confidentiality of the data stored in the intermediate element.
  • This transmitter can append this number to its storage request, so that this number can also be stored in the intermediate element.
  • Once a client authorized to access the set of information considered has received and then decrypted this information by means of the key belonging to its group, it can also calculate a validation number and send it back to the intermediate element as an acknowledgment of receipt of the set of information considered.
  • The intermediate element can thus compare this new validation number with the one initially calculated by the issuer of the information, which makes it possible to carry out a double a posteriori validation, verifying on the one hand that the transfer of this information has indeed taken place and, on the other hand, that the integrity of said information has been respected.
  • Another object of the present invention is to ensure greater durability over time of the information stored in the intermediate element, by proposing a method and a data transmission system in which all the information relevant to a communication session in progress can be recognized as such, in particular so that it is preserved throughout the course of said session.
  • A method as described above is characterized, according to a variant of the invention, in that it also includes an addressing step during which at least one set of information intended to be stored in the intermediate element is referenced by means of an address including a session identifier, a session being defined as a chain of successive activations of different communication means, for example the terminal made available to the user or the servers implemented by the upstream and downstream clients mentioned above.
  • The invention makes it possible to mark a set of information unequivocally by means of an identifier that remains invariable throughout the session in question, which identifier can also be protected by providing for selective transmission to groups of clients previously identified as authorized to intervene during the session in question. No element outside the session can, in principle, reach or alter this information, the durability of which is thus ensured until the end of the session.
  • The session identifier is constituted by a string of characters too long to be transported as is over the main communication network in order to be communicated from an upstream server to a downstream server.
  • The method defined above then advantageously includes at least:
  • Since the call identifier is more volatile in nature than the session identifier, being useful only for a transmission between said two means of communication, it can be encoded by means of a character string much shorter than that of the session identifier, whose durability must be guaranteed regardless of the length of the session. This shorter length makes it possible to transmit the call identifier over a signaling link that could not have carried the session identifier itself.
  • the session identifier is unique
  • The method according to the variant described above makes it possible to store, for example dynamically, multiple sets of information by means of multiple call identifiers that are all linked to the unique session identifier; these multiple sets of information are thus identifiable as linked together because of the relationship that all their call identifiers share with the identifier of the current session.
  • The generation step can be executed not only after, but also before, the identifier of the session in question is generated.
  • A session can take place in a linear manner, and then involves a cascade of successive communication means, each of which draws into the session one and only one subsequent communication means.
  • A session may also run in a non-linear manner, so that a so-called original communication means can draw into the current session not just one but at least two communication means, each intended to make a specific contribution to the data processing to be completed during the session.
  • The session identifiers may be generated in various ways and by different entities included in a telecommunication system in which the invention is implemented.
  • This session identifier can be generated by the terminal of a user of the system in a case where this terminal acts as the initiator of the session.
  • A session identifier may alternatively be generated by a communication means other than said terminal, for example a server implemented by a client that has been drawn, via the main communication network, into the session initiated by this terminal.
  • This session identifier can be generated by a manager of the main communication network via which the various communication means are intended to communicate with each other.
  • The call identifiers can also be generated in different ways, and by different means of communication that may intervene during the session.
  • The step of generating the call identifier can advantageously be executed by said server at the request of one of said communication means.
  • This mode of implementation is advantageous in that all the call identifiers are created and managed centrally by an element separate from the communication means but able to communicate with each of them.
  • This specific server, hereinafter called the intermediate information server, may also be able to generate the session identifier, for example at the request of the first communication means to which the user's terminal has been connected.
  • Each communication means may be able to create a call identifier itself and simply inform the intermediate information server by notifying it, or by requesting that data be written to an address defined by the call identifier thus created.
  • Such decentralized generation may cause collisions between write commands from different communication means that have separately designated the same address, defined by identical call identifiers.
  • The invention also concerns, as a product directly obtained by the implementation of the method described above, a signal intended to be transmitted within a telecommunication system capable of ensuring a transmission of information between at least a first and a second communication means via an intermediate element separate from said communication means, which signal carries a request for storage of a set of information within a memory included in the intermediate element and includes a field representing at least one identifier of a group of clients authorized to access said set of information.
  • The invention also relates to a telecommunication system capable of ensuring information transmission between at least a first and a second communication means, furthermore including an intermediate element distinct from the first and second means of communication and provided with means for storing at least one set of information, characterized in that it includes filtering means adapted to be implemented by the intermediate element in order to prevent any access to said set of information by a user not belonging to a population previously designated by one of the communication means as authorized to access said set of information.
  • The invention also relates, as a means useful for its implementation, to a data server intended to be included in a telecommunication system able to ensure information transmission between at least a first and a second means of communication, which data server is provided with means for storing at least one set of information and filtering means able to prevent any access to said set of information by a client not belonging to a population previously designated by one of the communication means as authorized to access said set of information.
  • The invention finally relates, as another means useful for the implementation of a telecommunication system according to the foregoing description, to a data carrier intended to be included in an intermediate element through which at least one set of information is intended to be transmitted between at least a first and a second communication means, which data carrier is provided with means for inhibiting any read or write access to said set of information by a client not belonging to a population previously designated by one of the communication means as authorized to access said set of information.
  • Fig. 1 is a block diagram showing a telecommunication system in which a method according to the invention is implemented.
  • Fig. 2 is a diagram of steps which schematically represents a method according to the invention.
  • Fig. 3 is a block diagram showing a possible mode of operation of a telecommunication system in which a method according to a variant of the invention is implemented.
  • Fig. 4 is a block diagram which shows such a telecommunication system in another possible mode of operation.
  • Fig. 5 is a timing diagram which illustrates an addressing mode according to a variant of the invention.
  • Fig. 6 is a timing diagram which illustrates an addressing mode according to an advantageous embodiment of this variant of the invention.
  • Fig. 1 schematically represents a telecommunication system SYSTO including a plurality of communication means CM1, CM2 ... CMP able to communicate with each other via data links which will, for example, be established within a main communication network formed by a switched telephone network PSTN, the SYSTO system being further provided with means for implementing a transmission method according to the invention.
  • The SYSTO system is dedicated to ensuring transmission between data servers forming first and second communication means CM1 and CM2 implemented by upstream and downstream clients, the term "client" here designating an entity that requests the resources of another entity to execute a task, each client implementing in this particular example an autonomous server forming one of the communication means CM1, CM2 ... CMP.
  • This SYSTO system includes filtering means (CPU, GIDM, GPTB) able to be implemented by the intermediate element IEL in order to prevent any access to one or more sets of information SD by clients not belonging to a population previously designated as authorized to access this or these sets of information SD.
  • When the first communication means CM1 wishes to transmit a set of information SD to the second communication means CM2, it will send to an intermediate element IEL a storage request WrRq(CG1, CGq), in order to store said set SD in a memory medium, here embodied by a database DBS, which need not be unique and may include, for example, one or more hard disks or optical disks.
  • This storage request WrRq(CG1, CGq) includes, in this example, an identifier CG1 denoting a group of clients that includes the one implementing the first communication means CM1, as well as at least one other group identifier CGq designating a population of clients authorized to access the information set SD later, which population must include the client implementing the second communication means CM2.
  • The first communication means CM1 will then be able to signal to the second communication means CM2, via a signaling link LS12, the presence in the intermediate element IEL of information intended for said second communication means CM2.
  • The intermediate element IEL includes a group identification table GPTB in which have been previously stored, with reference to each group of clients CG1 ... CGk, the identifiers of the clients (Id11 ... Id1m) ... (Idk1 ... Idkp) respectively included in the group considered.
  • Any access by the second communication means CM2 to the set of information SD stored in the database DBS will in principle be authorized by the intermediate element IEL after receipt of a read request RdRq(Idq2/CGq) from said second communication means CM2, by which this second communication means CM2 transmits to the intermediate element at least one individual identifier Idq2 specific to this sender, and/or at least one identifier CGq specific to at least one group of clients to which this second communication means CM2 belongs.
  • Effective access to the information set SD can then be preceded by a validation step during which the identifier Idq2 of the sender of the request is compared with the identifiers of the clients included in the client group designated by the group identifier CGq.
  • Such validation will be performed by a central processing unit CPU, which will receive the individual identifier Idq2 and/or the group identifier CGq and will transmit their content to an identifier management module GIDM for the census table GPTB, adapted to exchange identifier-carrying signals Gid with said table; this identifier management module GIDM returns to the central processing unit CPU a validation signal Vds in the event of a match between the individual identifier and/or the group identifier defining the population of recipients able to access the set of information SD and the individual identifier Idq2 and/or the group identifier CGq transmitted by the second communication means CM2.
  • the central processing unit CPU will issue an authorization signal En which will allow the
  • This mode of implementation requires the intermediate element IEL to know the composition of each client group CG1 ... CGk, but spares each of these clients from having to know the various groups to which it may belong, so that this mode of implementation of the invention is perfectly transparent for clients, as it does not require any particular group identification process on their part.
  • The systematic census of the population of the groups in the GPTB table, executed centrally at the level of the intermediate element IEL, will also be generally useful for the proper administration of the SYSTO system, ensuring that clients are not created anarchically, since only the members of groups that are actually identified by the intermediate element IEL will benefit from the service of protecting the information stored there.
  • The content of the GPTB table may also advantageously be updated dynamically, for example by means of successive periodic or non-periodic consultations of one or more third-party databases not illustrated in this figure.
  • The first communication means CM1 can append this number Cks1 to its storage request WrRq(CG1, CGq), so that this number Cks1 can also be stored in the intermediate element IEL, for example within the identifier management module GIDM of the census table GPTB.
  • IEL intermediate element as an acknowledgment of the SD information set considered.
  • The central processing unit CPU can then compare this new validation number Cks2 with the number Cks1 initially calculated by the sender of the information, in order to verify a posteriori that the transfer of the set of information SD has been carried out with its integrity preserved.
  • The GPTB table can advantageously store attributes dynamically in association with each client group identifier CG1 ... CGk, attributes which represent rights that the members of the group considered do or do not enjoy. It will thus be possible to check centrally whether a given client belongs to a group whose members are generally authorized to access the SYSTO system, to store data in the intermediate element IEL, to read data from the intermediate element IEL, etc.
  • Fig. 2 schematically represents a method according to the invention which is implemented in the telecommunication system described above.
  • This method includes an initial definition step CGDEF of a plurality of client groups CG1 ... CGk, which respectively include sets of clients individually referenced by means of their identifiers (Id11 ... Id1m) ... (Idk1 ... Idkp).
  • This method includes a subsequent designation step CGDES, in which a first communication means CM1 designates at least one group CGq of clients authorized to access an information set SD(CGq) produced by this first communication means CM1 and intended to be stored in the intermediate element during a subsequent step MEM(SD) of storing the information set SD(CGq).
  • A second communication means CM2, having an identifier Idq2, requests from the intermediate element access to the set of information SD(CGq) that has previously been stored therein.
  • The intermediate element then implements a filtering step FILT, in the course of which said intermediate element verifies that the second communication means CM2 belongs to the group CGq of clients authorized to access the set of information SD(CGq). If this is not the case, the intermediate element sends back a message RqDn rejecting the access request issued by the second communication means CM2.
  • Otherwise, the intermediate element executes a subsequent step TR(SD) of transmitting said set of information SD(CGq) to said second communication means CM2.
  • The intermediate element is thus able to prevent access to said set of information SD(CGq) by a client not belonging to the client group CGq selected by the first communication means CM1 during the designation step CGDES.
  • Fig. 3 schematically represents a telecommunication system SYST1 provided with means for implementing a variant of a transmission method according to the invention.
  • This SYST1 system is dedicated to ensuring transmission of data DAT between a terminal (for example a radiotelephone, a personal diary equipped with transmission/reception functions, a microcomputer or a multimedia console) made available to a user USR of the system SYST1 and a multiplicity of communication means, in the example described here data servers SERVA and SERVB implemented by upstream and downstream clients, hereinafter referred to respectively as upstream server SERVA and downstream server SERVB, all of these communication means being able to communicate with one another via data links DLU, DLA and DLB established within a main communication network CTNW formed by a PTC type switched telephony network.
  • The terminal is able to issue an access request AxRq(T) containing instructions identifying a service defined by the user USR by means, for example, of an alphanumeric keyboard, a graphical user interface or a voice command tool.
  • An intelligent network platform INPF will direct the data DAT transmitted by the terminal of the user USR to the upstream data server SERVA, which the platform INPF has identified as best able to respond to the request issued by the user USR, and therefore as the first recipient of the communication initiated by the user USR.
  • The intelligent network platform INPF usually includes an access switch SAC controlled by a service control point SCP and is in itself well known to those skilled in the art, so it will not be described further here.
  • When the upstream server SERVA receives data DAT from the user terminal, it will simultaneously receive service information relating to said data DAT, and must ensure their integrity, as well as their storage if necessary. Indeed, it will often happen that the upstream server SERVA is not able, on its own, to process exhaustively the request AxRq(T) issued by the user USR, in which case said upstream server SERVA will have to call on another server SERVB, called the downstream server, to handle certain aspects of this request. In such a case, the upstream server SERVA will warn the platform INPF of the need for the intervention of the downstream server SERVB, which will then be solicited by said platform INPF and to which the upstream server SERVA will communicate the data it is intended to process.
  • the upstream server SERVA will be able to support a service providing general information and receive from the user USR a request for the purpose of being connected to a philatelic club close to its geographical location, which is included in the service information.
  • the SERVB downstream server corresponding to the targeted philatelic club will then be attracted to the current communication session in order to satisfy the USR user request.
  • the successive connections of the user's terminal USR with the upstream server SERVA, then the upstream server SERVA with the downstream server SERVB are part of the same chain of successive activations of communication means and are therefore included in the same communication session.
  • the downstream server SERVB or the upstream server SERVA can in turn request a connection to the terminal of said user USR by means of an access request AxRq (S) transmitted via the main communication network CTNW, in order to restore to this user USR the result of the processing of its initial request AxRq (T), all the above-described communications always being part of the same communication session although the USR user was temporarily absent.
  • the upstream server SERVA may also be required to attract in the current communication session a terminal instead of the downstream server SERVB, in particular a terminal other than the one made available to the USR user.
  • when the upstream server SERVA has received the initial request AxRq (T) and has deduced that the intervention of a downstream server is at least partially necessary for the processing of said request, this upstream server SERVA will establish a communication with an intermediate information server MNGS, to organize a specific addressing of service information received in parallel with this initial request AxRq (T).
  • This communication will take the form of a request CIDRq (Si) for at least one call identifier linked to the session in progress, which will have been previously identified by means of a session identifier Si defined either by the intelligent network platform INPF or by the upstream server SERVA.
  • the upstream server SERVA may also request that the intermediate information server MNGS define the session identifier Si.
  • the intermediate information server MNGS is here able to communicate via a specific SCNW communication network, for example a dedicated intranet type network, with the various communication means intended to be activated during the session.
  • the intermediate information server MNGS provides in this example to the upstream server SERVA a plurality of call identifiers C1 (Si) ... CN (Si) which are all linked to the same session identifier Si.
  • the call identifiers C1 ... CN can be generated in a group without being linked in advance.
  • the upstream server SERVA can then send to the intermediate information server MNGS a storage request SDWr (Cj, Si, CGq), for the purpose of storing, at an address defined by a conjunction of the call identifier Cj with the session identifier Si, an SDA set of service information that is intended for a downstream server, which will only be allowed to access the service information if it belongs to the client group designated by the identifier CGq.
  • the intermediate information server MNGS then operates this storage in a data medium, here a DBS database including for example a hard disk or an optical disk, at an address simultaneously including the call identifier Cj and the identifier
  • the upstream server SERVA will then associate this call identifier Cj with the group identifier CGq, in order to ensure that only the clients belonging to the client group corresponding to this identifier CGq can receive the call identifier, then noted Cj (Si, CGq), which will be transmitted to the downstream server SERVB via an LSAB signaling link established by means of the main communication network CTNW.
  • when the downstream server SERVB receives from the platform INPF an intervention request in the current session, said downstream server SERVB will simultaneously receive, via the LSAB signaling link, an address from which it can retrieve, on condition of being a member of the group of clients identified by the identifier CGq, the service information stored at the instigation of the upstream server SERVA.
  • the downstream server SERVB will then send a read request SDRd (Cj, Si, IdB) to the intermediate information server MNGS, and will in return receive the SDA set of service information initially stored on the order of the upstream server SERVA at the address defined by the call identifier in association with the session identifier (Cj, Si), with the precondition that the identifier IdB of the downstream server SERVB is included in the list of identifiers of clients belonging to the group designated by the identifier CGq within a census table which is included in the intermediate information server MNGS, as described above.
  • the downstream server SERVB can also be assigned call identifiers linked to the identifier Si of the current session, in order to control in turn a storage of service information identical to or different from the SDA set that it has received from the upstream server SERVA, which information may be intended for other servers arranged downstream of the downstream server SERVB but may also be intended for upstream communication means such as the upstream server SERVA or the USR user terminal.
  • since certain embodiments of the invention provide for associating client group identifiers with session identifiers and/or call identifiers, it is possible to establish and dynamically manage, within the intermediate information server MNGS, a list of rights generally assigned to each group or subgroup of clients that is recorded therein.
  • these general rights may notably include a right to be sent and/or to use session identifiers in general, or only certain predefined session identifiers, in order to be able to intervene in one of these sessions.
  • these general rights may also include a right to be sent and/or to use call identifiers in general, or only certain predefined call identifiers.
  • these general rights may further include a right to create call identifiers in general, or only certain predefined call identifiers.
  • FIG. 4 illustrates a situation in which the downstream server SERVB has requested storage of a new set SDB of service information with the intermediate information server MNGS, by means of a storage request SDWr (C1, Si, CGp) specifying an address defined by a conjunction of a call identifier C1 previously reserved for said downstream server SERVB, on the one hand, with the session identifier Si, on the other hand, and an identifier CGp of a group of clients to which any recipient of this new SDB service information set must belong to be authorized to actually access it.
  • the downstream server SERVB will also associate this call identifier C1 with the group identifier CGp, with a view to ensuring that only the clients belonging to the client group corresponding to this identifier CGp will be able to receive the call identifier, then denoted C1 (Si, CGp).
  • the downstream server SERVB is here able to attract another downstream server SERVC in the session by means of a signaling link LSBC, through which it can also communicate to said other downstream server SERVC the call identifier C1 (Si, CGp) which will allow this other downstream server SERVC to recover, by means of a read request SDRd (C1, Si, IdC), the SDB information set which has been stored for it on the order of the SERVB server, on the condition that the IdC identifier of this other downstream server SERVC is included in the list of identifiers of clients belonging to the group designated by the identifier CGp within the census table included in the intermediate information server MNGS.
  • This other server SERVC may further implement a similar procedure to retrieve information that has been previously stored for it by the upstream server SERVA.
  • FIG. 5 illustrates in a very schematic form an addressing system that can be used in the embodiments of the invention described above, in its most basic form, where a set of service information D (Si) is referenced by means of an address AD which is here exclusively constituted by the session identifier Si.
  • this elementary form of the invention makes it possible to ensure, throughout the session considered, the durability of the service information D (Si), and thus brings a considerable advantage over the current state of the art.
  • a set of service information can be understood as a group of information which relates to a certain type of information; for example, three coordinates in different directions form a set of information enabling the recipient of this set to be accurately informed of the spatial position of an object or a user.
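
The storage and read exchanges described above (CIDRq, SDWr, SDRd and the census-table membership check) can be modelled as follows. This is an added example, not code from the patent or from its applicant: the class and method names, the random call identifiers and the sample payloads are assumptions, and the model does not restrict which server may write under a given call identifier.

```python
import secrets

class IntermediateServer:
    """Toy model of the MNGS server: storage keyed by (call id, session id)."""

    def __init__(self, census):
        # Census table: group identifier -> identifiers of member clients.
        self.census = {g: set(m) for g, m in census.items()}
        self.calls = {}   # session id -> call ids issued for it
        self.store = {}   # (call id, session id) -> (group id, data)

    def request_call_ids(self, session_id, count):
        """CIDRq(Si): issue call identifiers linked to one session."""
        # Random tokens are an assumption; the text does not say how ids are made.
        ids = [secrets.token_hex(8) for _ in range(count)]
        self.calls.setdefault(session_id, set()).update(ids)
        return ids

    def write(self, call_id, session_id, group_id, data):
        """SDWr(Cj, Si, CGq): store data readable only by group CGq."""
        if call_id not in self.calls.get(session_id, ()):
            raise KeyError("call identifier not linked to this session")
        if group_id not in self.census:
            raise KeyError("unknown client group")
        self.store[(call_id, session_id)] = (group_id, data)

    def read(self, call_id, session_id, client_id):
        """SDRd(Cj, Si, IdX): return data if IdX is in the group's census list."""
        group_id, data = self.store[(call_id, session_id)]
        if client_id not in self.census[group_id]:
            raise PermissionError(f"{client_id} is not a member of {group_id}")
        return data


def demo():
    # Constructed census table and payloads, for illustration only.
    mngs = IntermediateServer({"CGq": {"IdB"}, "CGp": {"IdC"}})
    si = "S1"
    cj, c1 = mngs.request_call_ids(si, 2)
    mngs.write(cj, si, "CGq", {"SDA": "nearest club"})   # stored by SERVA
    got_b = mngs.read(cj, si, "IdB")                     # SERVB, member of CGq
    mngs.write(c1, si, "CGp", {"SDB": "club reply"})     # stored by SERVB
    got_c = mngs.read(c1, si, "IdC")                     # SERVC, member of CGp
    try:
        mngs.read(cj, si, "IdC")                         # SERVC is not in CGq
        denied = False
    except PermissionError:
        denied = True
    return got_b, got_c, denied


if __name__ == "__main__":
    print(demo())
```

Knowing the address (Cj, Si) is not sufficient on its own in this model: the read succeeds only when the requesting identifier also appears in the census list of the group named at storage time.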

EP06777123A 2005-09-05 2006-08-30 Verfahren zur übertragung von informationen mit verbesserter dauerhaftigkeit Withdrawn EP1922853A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0509043 2005-09-05
PCT/EP2006/008485 WO2007028533A1 (fr) 2005-09-05 2006-08-30 Procédé de transmission d'informations à pérennité améliorée

Publications (1)

Publication Number Publication Date
EP1922853A1 true EP1922853A1 (de) 2008-05-21

Family

ID=36499358

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06777123A Withdrawn EP1922853A1 (de) 2005-09-05 2006-08-30 Verfahren zur übertragung von informationen mit verbesserter dauerhaftigkeit

Country Status (3)

Country Link
US (1) US7975004B2 (de)
EP (1) EP1922853A1 (de)
WO (1) WO2007028533A1 (de)


Also Published As

Publication number Publication date
US7975004B2 (en) 2011-07-05
US20090216890A1 (en) 2009-08-27
WO2007028533A1 (fr) 2007-03-15


Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080125

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: FRANCE TELECOM

17Q First examination report despatched

Effective date: 20090807

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: ORANGE

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20141015

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20150226