Title of Invention	PEER-TO-PEER TELEPHONE SYSTEM
Abstract	There is provided a peer-to-peer telephone system (10) comprising a plurality of end-users (20, 30) and a communication structure (80) through which one or more end-users (20, 30) are couplable for communication purposes. The system (10) is distinguished in that: (a) the communication structure (80) is substantially decentralized with regard to communication route switching therein for connecting said one or more end-users (20, 30); (b) said one or more end-users (20, 30) are operable to establish their own communication routes through the structure (80) based on exchange of one or more authorisation certificates, namely User Identity Certificates (UIC), to acquire access to the structure (80); and (c) said structure (80) includes an administration arrangement (100) for issuing said one or more certificates to said one or more end-users (20, 30).

Title of Invention

PEER-TO-PEER TELEPHONE SYSTEM

Abstract

There is provided a peer-to-peer telephone system (10) comprising a plurality of end-users (20, 30) and a communication structure (80) through which one or more end-users (20, 30) are couplable for communication purposes. The system (10) is distinguished in that: (a) the communication structure (80) is substantially decentralized with regard to communication route switching therein for connecting said one or more end-users (20, 30); (b) said one or more end-users (20, 30) are operable to establish their own communication routes through the structure (80) based on exchange of one or more authorisation certificates, namely User Identity Certificates (UIC), to acquire access to the structure (80); and (c) said structure (80) includes an administration arrangement (100) for issuing said one or more certificates to said one or more end-users (20, 30).

Full Text	PEER-TO-PEER TELEPHONE SYSTEM AND METHOD Field of the invention The present invention relates to telecommunications systems, for example to telephone systems as well as to decentralized telecommunications systems operating according to a peer-to-peer principle. Moreover, the invention also relates to methods of operating such telephone systems and telecommunications systems. Background to the invention Contemporary telecommunications systems presently deployed, for example "public switched telephony network" (PSTN), mobile telephone and "Voice over Internet protocol" (VoIP), are substantially centralized in nature. They often employ central exchanges linked to users through trunk lines, local metro-rings and similar distribution structures. More recently, software-operated end-user devices have become available for connecting to such contemporary telephone systems, for example desk telephones, mobile telephones and VoIP devices. However, for performing almost any function offered by the telephony service provider, end-user devices are obliged to communicate with a central telephone exchange and/or branch exchange which executes one or more desired functions for them. In most cases, two end-user telephones of such a contemporary telephone system are not able to communicate directly to one another without a central exchange of the system linking the two end-user telephones together. For example, two people using their mobile telephones to converse together is facilitated by their two telephones communicating by radio via one or more mobile base stations, such base station communication being required even when the two people and their associated mobile telephones are in the same building. In another example, two people using "Voice over IP" software to converse together over the public Internet is facilitated by their software applications communicating via a central server, such server being required even though a connection can be established directly between the two people. The use of centralized telephone systems places considerable demands on central switching exchanges. Such central exchanges are increasingly dependent on wide bandwidth optical connections employing dense wavelength division multiplexing (DWDM) with up to 120 optical channels distributed into wavelength bands of 50 GHz frequency spacing at an optical carrier frequency in the order of 300 THz. Such centralized exchanges are extremely costly and complex items of equipment which are susceptible to occasional malfunction, such malfunction potentially resulting in loss of communication traffic therethrough with potential corresponding compensation payments due to customers. Moreover, the cost of operating such central exchanges scales proportionally with the number of end users. The inventors of the present invention have appreciated that such a centralized approach is sub-optimal in many situations and that advantages arise from the deployment of other alternative telephone system architectures. In order to address issues arising from adoption of such alternative architectures, the inventors have devised the present invention. Summary of the invention A first object of the invention is to provide a substantially decentralized telephone network system. A second object of the invention is to provide such a decentralized telephone system in which subscriber authentication, network access control and accounting are performable in a more robust and reliable manner. A third object of the invention is to provide a decentralised telephone system operable to reduce concentration of communication traffic therein by transferring responsible for establishing connections to end-users of the system. According to a first aspect of the present invention, there is provided a peer-to-peer telephone system comprising a plurality of end-users and a communication structure through which one or more end-users are couplable for communication purposes, characterised in that: (a) the communication structure is substantially de-centralized with regard to communication route switching therein for connecting said one or more end-users; (b) said one or more end-users are operable to establish their own communication routes through the structure based on verification of one or more authorisation certificates to acquire access to the structure; and (c) said structure includes administrating means for issuing said one or more certificates to said one or more end-users. The invention is of advantage in that it is capable of addressing at least one of the aforementioned objects of the invention. The invention is capable of addressing issues associated with less-centralized architectures, namely issues of control and user-authorisation, for example for billing/invoicing purposes to which the present invention is directed. Preferably, in the system, the administrating means is operable to administer at least one of end-user sign-up and end-user payment for access to the communication structure. More preferably, for example to try to circumvent unauthorised free and/or fraudulent use of the system, the administrating means is operable to generate one or more private-public key pairs, the administrating means being operable to maintain said one or more private keys secret and to distribute said one or more corresponding public keys within the system for certificate authentication purposes. Yet more preferably in the system, the administrating means is operable to generate private-public key pairs using a Rivest-Shamir-Adelman (RSA) method. Preferably, for purposes of enhancing network robustness in the system, the structure includes a peer-to-peer communication network through which the end-users are mutually connectable. More preferably, the peer-to-peer network is implemented as a combination of interfacing nodes and storage nodes, said storage nodes being configured in one or more slots for database access purposes. Beneficially, the structure is implemented by way of a proprietary Global Index peer-to-peer network technology. Preferably, in the system, the administrating means is arranged to perform one or more of: (a) providing an end-user accounts database; (b) providing a synchronizing time reference for the communication structure; (c) providing globally-configurable settings for the system; (d) providing peer discovery during bootstrap of the structure; (e) handling new end-user registration; and (f) monitoring operation of the structure for controlling desired modes of operation thereof. Preferably, in the system, a plurality of end-users are operable to mutually exchange their authorisation certificates prior to commencing communication therebetween where at least one of said certificates is identified to be authentic. Preferably, for example to assist adoption of the system in practice, the structure is arranged to support end-user free-trial use of the system, such free-trial use being subject to administration from the administrating means by repeated issuing of authorisations. Preferably, the administrating means is operable to invoice one or more end-users on a flat-fee rate substantially irrespective of use of the system exercised by said one or more end-users Preferably, in order to promote usage of the system in existing deployed equipment, the system is arranged to be configurable to operate concurrently with POTS and/or PSTN. Abbreviations POTS and PSTN correspond to "Plain Old Telephone System" and "Public Switch Telephone Network" respectively. Preferably, the administrating means is implemented by way of one or more central computer servers. Such an implementation is especially beneficial when the system is configured in conjunction with the public Internet. Alternatively, the administrating means is otherwise susceptible to being implemented in a substantially de-centralized manner. Preferably, the administrating means is operable to apply an heuristics fraud detection analysis of end-user registration and system usage data for detecting fraudulent access to the system by end-users. According to a second aspect of the present invention, there is provided a method of operating a peer-to-peer telephone system comprising a plurality of end-users and a communication structure through which one or more end-users are couplable for communication purposes, characterised in that the method includes steps of: (a) arranging for the communication structure to be substantially de-centralized with regard to communication route switching therein for connecting said one or more end-users; (b) arranging for said one or more end-users to be operable to establish their own communication routes through the structure based on verification of one or more authorisation certificates to acquire access to the structure; and (c) arranging for said structure to include administrating means for issuing said one or more certificates to said one or more end-users. The method is of advantage in that its application to the system is capable of addressing at least one of the objects of the invention. Preferably, in the method, the administrating means is operable to administer at least one of end-user sign-up and end-user payment for access to the communication structure. Preferably, in the method, the administrating means is operable to generate one or more private-public key pairs, the administrating means being operable to maintain said one or more private keys secret and to distribute said one or more corresponding public keys within the system for certificate authentication purposes. Preferably, in the method, the administrating means is operable to generate private-public key pairs using a Rivest-Shamir-Adelman (RSA) method. However, other approaches to private-public key generation are also susceptible to being used in the method. Preferably, in the method, the structure includes a peer-to-peer communication network through which the end-users are mutually connectable. More preferably, the peer-to-peer network is implemented as a combination of interfacing nodes and storage nodes, said storage nodes being configured in one or more slots for database access purposes. Preferably, in the method, the administrating means is arranged to perform one or more of: (a) providing an end-user accounts database; (b) providing a synchronizing time reference for the communication structure; (c) providing globally-configurable settings for the system; (d) providing peer discovery during bootstrap of the structure; (e) handling new end-user registration; and (f) monitoring operation of the structure for controlling desired modes of operation thereof. Preferably, in the method, a plurality of end-users are operable to mutually exchange their authorisation certificates prior to commencing communication therebetween where at least one of said certificates is identified to be authentic. Preferably, to encourage adoption of the system, the method is implemented such that the structure is arranged to support end-user free-trial use of the system, such free-trial use being subject to administration from the administrating means by repeated issuing of authorisations. Preferably, in the method, the administrating means is operable to invoice one or more end-users on a flat-fee rate substantially irrespective of use of the system exercised by said one or more end-users. Preferably, in order to encourage use of the system where existing telephone infrastructure exists, the method is implemented such that the system is arranged to be configurable to operate concurrently with POTS and/or PSTN. Abbreviations POTS and PSTN correspond to "Plain Old Telephone System" and "Public Switched Telephone Network" respectively Preferably, in the method, the administrating means is implemented by way of one or more central computer servers. Preferably, in order to avoid fraudulent use of the system when implementing the method, the administrating means is operable to apply an heuristics fraud detection analysis of end-user registration and system usage data for detecting fraudulent access to the system by end-users. According to a third aspect of the present invention, there is provided software operable to implement at least part of the telephone system according to the first aspect of the invention. According to a fourth aspect of the invention, there is provided software operable to execute at least part of the method according to the second aspect of the invention. It will be appreciated that features of the invention are susceptible to being combined in any combination without departing from the scope of the invention. Diagrams of embodiments of the invention Embodiments of the invention will now be described, by way of example only, with reference to the following diagrams wherein: Figure 1 is a schematic diagram of a telephone system according to the present invention; and Figure 2 is a schematic representation of a per-to-peer structure of the system of Figure 1. Description of embodiments of the invention A telephone system according to the present invention is substantially a decentralised structure comprising a spatially distributed array of end-users connected by way of a peer-to-peer communication network. The structure is substantially devoid of any form of centralized exchange except for one or more administration nodes for performing some specific network administration functions such as subscriber sign-up and payment for communication network usage. In the decentralised structure, most routine functions, for example placing a telephone call, are handled entirely by end-user devices operable to communicate substantially directly to each other or via some form of local exchange such as an optical metro ring or distributed relay nodes on the public Internet. In a system according to the present invention, the system indicated generally by 10 in Figure 1, a first end-user (FEU) 20 of the system 10 desiring to send a message to a second end-user (SEU) 30 thereof adopts a method of communication as follows: (a) the first end-user 20 locates the second end-user 30; such location is executed by way of peer-to-peer technologies, for example using a "Global Index" (Gl) proprietary peer-to-peer technology which will be described later and/or contemporary "Distributed Hash Table" technology, arranged to provide node look up functionality; (b) the first end-user 20 receives information regarding the address of the second end-user 30 and also details of one or more communication path-ways 50, 60 which may be used for making a connection from the first end-user 20 to the second end-user 30; and (c) the first end-user 10 then follows a protocol to establish the one or more communication pathways 50, 60 to the second end-user 30. In the Gl peer-to-peer technology, there is provided a network of participating nodes interlinked through a distributed communication network. The participating nodes are allocated to be either interfacing nodes or storage nodes. Preferably, the number of storage nodes is arranged to be considerably less than the number of interfacing nodes, for example 100 times more interfacing nodes than storage nodes. Moreover, the storage nodes are responsible for storing data records whereas the interfacing nodes are responsible for processing queries and sending requests to the storage nodes for sending data records therefrom in response to the queries. Moreover, the interfacing nodes are also responsible for receiving data records to be stored and determining one or more appropriate groups of storage nodes to receive the data records for storage therein. The storage nodes are arranged in groups known as slots wherein association of a given storage node with a particular slot is dependent upon address data held in each of the storage nodes. The Gl technology is described in a patent application approximately contemporary with the present patent application, the contents of the Gl technology patent application herewith being incorporated by reference for purposes of describing the telephone system of the present invention. In the system 10, there is a considerable requirement for subscriber authentication, access control and accounting. Using major system functions of the system 10 is only possible if one or more end-users thereof have paid or otherwise have authorized access to such functions. In a contemporary conventional telephone system, end-user access to one or more major system functions is checked by a central office thereof in a manner of centralised control. In contradistinction, in the system 10, access is checked by end-user devices using public-key cryptography. In such cryptography, each end-user, also referred to as subscriber, has associated therewith a cryptography key pair which is created by the end-user's device. Upon subscriber sign-up or payment, a central office of the system 10 issues to the subscriber a digital certificate, such certificate also being referred to as a User Identity Certificate (UIC), whereby the central office certifies that the owner of this key pair is an authorised subscriber. In step (c) of the aforementioned method, when the first end-user 20 communicates with other subscriber devices, namely the second end-user 30, the first end-user 20 provides the certificate, namely the aforementioned UIC, as a proof of subscription. In the system 10, end-user devices are arranged to refuse to mutually communicate where there exists an absence of such proof of subscription. Moreover, using public-key cryptography, end-user devices of the system 10 are arranged to be operable to verify each other's certificates (UlC's) without needing to communicate with the aforesaid central office of the system 10 responsible for issuing certificates (UlC's). The system 10 thus functions in a de-centralized manner on account of the end-users 20, 30 not needing to communicate with the central office of the system 10 when establishing a communication route between the end-users 20, 30. When a subscribing device of the system, for example the first end-user 20, has located a recipient, for example the second end-user 30, they will subsequent need to mutually communicate. Such communication is preferably by a direct route, for example along the path-way 60 illustrated in Figure 1. However, for example for reasons of spatial separation and/or terrain, such a direct route is not always technically feasible; for example, if communication is desired from the first end-user 20 to the second end-user 30 via the public Internet, such communication is not feasible when the second end-user 30 has a private address that is not accessible from outside a local network of the system 10. In a situation where direct communication is not feasible, the system 10 is operable to route communication via one or more peer nodes in its peer-to-peer structure 80 to assist the first and second end-users 20, 30 to mutually communicate. These one or more peer nodes are preferably implemented by subscriber devices that need not necessarily belong to the first and second end-users 20, 30 involved in making a telephone call therebetween. Thus, for example, in such a scenario where direct connection is not feasible, a subscriber communicates to another device that is directly accessible, and this other device communicates directly with the final recipient. Architectural aspects of the system 10 will now be described in further detail. The peer-to-peer structure 80 is subdivided into two sections as illustrated in Figure 2, namely central servers (CS) 100 on the one hand and a peer-to-peer network (P2PN) 110 on the other hand. The central servers 100 are preferably operated by the proprietor of the structure 80. These servers 100 are arranged to execute one or more of the following tasks: (i) providing an end-user accounts database for recording end-users' accounting details; (ii) providing a synchronizing time reference for the structure 80; (iii) providing globally-configurable settings for the system 10; (iv) providing peer discovery during bootstrap of the structure 80 and handling new end-user registration; (v) electronically signing critical information pertinent to the system 10, for example signing end-user identities as described in the foregoing, for example the aforementioned User Identity Certificates (UlC's), using digital signatures using secret cryptographic keys known only to the proprietor of the system 10; (vi) providing add-on services from one or more of the proprietor's infrastructure, rented infrastructure and outsourced infrastructure; and (vii) monitoring operation of the central servers 100 and the network 110 for ensuring desired modes of operation thereof. The add-on services referred in (vi) above relate to one or more of: (1) "Public Switched Telephone Network" (PSTN) and/or "plain old telephone system" (POTS) connectivity, to "Voice over Internet Protocol " (VoIP) traffic termination and reverse thereof, for example from POTS to the proprietor's system 10; (2) handling "Instant Message" (IM) to "Short Message Service" (SMS) connectivity; and (3) handling end-user conferencing, voicemail and similar activities couplable to back-end servers included within the central servers 100. The peer-to-peer network 110 preferably comprises end-user computing devices arranged to execute thereon software provided by the proprietor of the system 10. The network 110 is also preferably based on a version of the aforementioned Gl protocol customized by the proprietor of the system 10. The network 110 is operable to perform functions preferably including one or more of: (a) administering end-user buddy lists; (b) handling end-user preferences, for example buddy online/offline notification; (c) providing end-user identification by way of one or more of the following: node identification (ID), username, end-user profile data; (d) maintaining basic statistics, for example a number of end-users currently actively communicating within the system 10; and (e) maintaining firewall and/or "Network Address Translation" (NAT) traversal via random peer nodes within the network 110 functioning as ad hoc proxies supporting communication therethrough. In (c) above pertaining to the peer-to-peer network 110, the username is effectively useable as a "telephone number" within the system 10. Moreover, the end-user profile data relates to data records if provided by the end-users, such records including one or more of: real name (e.g. Roger Smith, Annie Hansen), spatial location (e.g. Washington > USA; Copenhagen, Denmark), date of birth and e-mail address. The inventors have appreciated that operation of the system 10 is dependent on security provided by, for example, the use of public key encryption therein. In devising the system 10, the inventors have further anticipated that a peer-to-peer IM/VolP system is inherently i less secure than POTS or any comparable telephone system reliant on one or more central servers; as in the foregoing, abbreviations IM, VoIP and POTS refer to "Instant Messaging", "Voice over Internet Protocol" and "Plain Old Telephone System" respectively. In the system 10, the inventors have arranged for the use of contemporary Rivest-Shamir-Adelman (RSA) public key encryption and associated digital signatures to ; cater for most basic security requirements within the system 10. However, it will be appreciated that other types of public-private key encryption are susceptible to being employed in the system 10. Upon an end-user, for example one of the end-users 20, 30, seeking registration at the i central servers 100, the end-user proceeds to generate a RSA encryption key pair, namely complementary private and public keys wherein said private key is not derivable from said public key and vice versa. The end-user's public key appears in the User Identity Certificate (UIC) provided to the end-user, whereas the private key is stored locally at the end-users premises. During a call set-up from the first end-user 20 to the second end-user 30, similarly during an Instant Message (IM) sending, prior to commencing communication, both end-users 20, 30 present their User Identity Certificate (UIC), or Temporary Identification Number (TIN) where the system 10 is set up to accept these, as appropriate to the other; if they i have a user name, they present their UIC. If a UIC is presented from a primary one of the end-users 20, 30 to a secondary one thereof, the secondary end-user verifies the signature provided by the primary end-user, such verification not requiring any contact with the central servers 100. Moreover, the secondary end-user verifies that the primary end-user has the corresponding secret key by issuing a challenge data packet for the i primary end-user's public key and checks that the primary end-user is capable of decrypting it. After completion of such activities, the primary end-user is in a position to safely believe that the primary end-user legitimately has the username it claims to hold. When calls are made within the system 10, additional checking is required because calls i require payment unless permission for a limited trial period has been granted. In the system 10, it is difficult to monitor in a secure manner duration of calls or number of calls made; in this respect, the inventors have appreciated that it is advantageous to employ a time-based subscription as a basis of billing/invoicing within the system 10. Thus, in order to implement such time-based subscription, User Identity Certificate (DIG) privileges are checked and non-trial calls are not communicated through the peer-to-peer network 110 if neither of the end-users 20, 30 in the above example has a User Identity Certificate (UIC) with non-expired subscription privileges. In other words, a call will propagate through the peer-to-peer network 110 if one or more of the end-users 20, 30 has a valid subscription or trial. To keep their subscriptions from expiring, end-users of the system 10 are obliged to renew their User Identity Certificate (UIC) periodically for instance by paying a fee for a coming month/year; it will be appreciated that other payment periods are possible or that UlCs may be extended based on other criteria than payment. Upon receipt of renewal payments, the central servers 100 are operable to issue new UlC's in response in the earlier end-users' names, the new UlC's having associated new subscription privilege expiry details. When credit/debit card billing/invoicing has been authorised by one or more of the end-users of the system 10, billing/invoicing is susceptible to being performed automatically by the central servers 100 without the need for associated end-user intervention. Thus, in the system 10, a preferred method of payment for calls made is by flat-fee monthly or yearly subscription entitling the user to an unlimited number of calls in the system 10. Such a billing/invoicing arrangement is acceptable in the system 10 from a business perspective because calls made do not incur operating expenses to the proprietor of the system 10 as central exchange resources are substantially not utilized when making such calls. In contradistinction, calls to or from POTS/PSTN incur real per-minute operating costs and are therefore appropriately charged separately and distinctly from calls made according to the invention in the system 10. When the peer-to-peer structure 80 is implemented in the manner of the aforementioned Gl protocol, the end-users 20, 30 in Figure 1 together with other end-users not shown, the central servers 100 and the peer-to-peer network 110 are effectively participating nodes. In such a configuration, each end-user advertises its presence to Gl storage nodes by periodically sending thereto its information about its identity or Temporary Identification Number (TIN) when the system 10 is configured to accept such TIN'S. When one or more end-users make Gl queries, for example akin to telephone directory enquiries, the storage nodes are responsive to send such stored User Identity Certificates (UIC) or Temporary Identification Numbers (TIN) as data packets in response to such queries. In the case of UlC's, corresponding data packets despatched by the Gl storage nodes are received at end-users which sign off the data packets with their end-user private keys; one or more querying end-users are thereby capable of verifying authenticity of the data packets received thereat, for example in response to making an enquiry, using a corresponding public key. Such an arrangement is advantageous because it is substantially capable of guaranteeing that no-one is able to fake User Identity Certificate (DIG) end-user directory entries. The rationale of such an approach is that a participating node who owns a User Identity Certificate (UIC) is operable, for example when advertising its presence, to send its private-key-signed data packets corresponding to its UIC to one or more storage nodes and another participating node if required. The signed UIC received from one or more of the storage nodes and stored therein for subsequent release is verifiable at an enquiring participating node by using a corresponding public key. Such an arrangement is capable of circumventing tampering with UIC and even faked UlC's. The system 10 is further provided with a free-trial facility, such a facility being of commercial advantage for purposes of attracting new end-users to the system 10. Preferably, such a free-trial facility pertains to XT free days or, alternatively or additionally, X2 free calls For such free-trial days or calls, the central servers 100 are required to provide explicit permission for each free call made. Preferably, all permissions given or requested are recorded in a database of the system 10, for example for heuristic fraud detection purposes as described later. If the end-user has already used up free days and/or free calls allocated thereto, permission is not granted from the central servers 100 and the end-user is subsequently requested to pay if it still desires to make calls within the system 10. The system 10 is capable of being operated concurrently within, or in combination with, a conventional telephone system, for example a conventional telephone system capable of implementing the Internet. The aforementioned free-trial permission scheme is intended by the inventors only to pertain to the system 10. For conventional paid subscription calls undertaken in connection with the system 10, a normal conventional subscription regime applies and per-call permissions are neither requested nor recorded. For PSTN calls, a free-trial scheme does not pertain although it is potentially capable of being provided in connection with the system 10. For each free-call permission request received in the system 10, the central servers 100 are operable to record at least one of the following parameters with regard to a call: (a) calling end-user's identity in the form of a username or Temporary Identification Number (TIN); (b) calling end-user's computer identification (ID); (c) calling end-user's Internet Protocol (IP) address; (d) called end-user's identity in the form of a username or TIN; (e) called end-user's computer ID; (f) called end-user's IP address; (g) time and date of the call; (h) whether or not permission was granted for the call. Thus, in the system 10, a "trial user" explicit status is not accommodated; preferably, there is merely a need for an end-user to make some free calls from a defined starting date D. Any end-user is entitled to make free calls if its first free calls were less than X, days ago (or the end-user has not yet exercised a free-call option within the system 10). Alternatively, the system 10 may be set up in such a way as to allow a free-trial period to consist of X number of free calls as opposed to X days. Hacked version of system 10 software enables fraudulent end-users to omit free-trial permission asking and permission checking provisions employed within the system 10. However, on account of the system 10 implementing both calling end-user and called end-user permission checking, such hacking only enables fraudulent end-users to call other fraudulent end-users free of charge; in other words, pirated fraudulent end-user software is only capable of providing very limited benefit when employed on the system 10. In many cases, such limited fraudulent use of the system 10 can be accommodated without significant financial loss to the proprietor of the system 10. The inventors have appreciated that a major opportunity of fraud exists in the system 10 when a hacker attempts to fake a username or computer ID and repetitively starts new free trials. Such a major opportunity of fraud requires the hacker to omit from system 10 compatible software all local shareware-type checks. In order to counteract such fraud, the central servers 100 are programmed to perform heuristic fraud detection to identify repetitive fraud patterns. For example, the central servers 100 are operable to detect a fraudulent end-user seeking free-call provisions Z times and then subsequently seeking with the same IP address and new computer ID for new free-call permission to call the same people. Since explicit permission for free calls in the system 10 is required from the central servers 100, there is considerable information available within the system 10 for input to such heuristics fraud detection software executing within the system 10. However, the inventors are aware that such heuristics fraud detection is unlikely to detect all cases of hacking occurring within the system 10. It will be appreciated that embodiments of the invention described above are susceptible to being modified without departing from the scope of the invention. In the foregoing, the system 10 is described as being able to support the use of Temporary Identification Numbers (TINs). However, the system 10 is capable of being modified so that TINs are not utilized therein, such that user names and associated User Identity Certificates (DIC's) with associated time-limited substantially cost-free privileges are employed for free-trial purposes. If required, the system 10 is even susceptible to being configured so that free-trial usage as described earlier is not provided to end-users; alternatively, other arrangements for free trials can be utilized, for example reimbursement of initial paid subscription fee. The system 10 is preferably implemented, at least in part, using software executable on computing hardware. Such software can be distributed to users via a communication network such as the Internet and/or via the software stored on a suitable data carrier such as a CD ROM supplied to users. In the foregoing description of embodiments of the invention relating to the telephone system 10, it will be appreciated that the invention is relevant to telecommunications systems in general and the term "telephone" should therefore be construed accordingly. Specifically, other forms of communication susceptible to being performed with the system include video calls, conference calls and text messaging. In the foregoing, terms such as "contain", "include", comprise", "have", "has", "is", "are", "incorporate" and "encompass" are intended to be construed as being non-exclusive, namely other items not disclosed are also potentially present. WE CLAIM : 1. A peer-to-peer telephone system (10) comprising a plurality of end-users (20, 30) and a communication structure (80) through which one or more end- users (20, 30) are couplable for communication purposes, characterised in that: (a) the communication structure (80) is substantially de-centralized with regard to communication route switching therein for connecting said one or more end-users (20, 30); (b) said one or more end-users (20, 30) are operable to establish their own communication routes through the structure (80) based on verification of one or more authorisation certificates to acquire access to the structure (80); and (c) said structure (80) incorporates administrating means (100) for issuing said one or more certificates to said one or more end-users (20, 30). 2. A system (10) as claimed in Claim 1, wherein the administrating means (100) is operable to administer at least one of end-user sign-up and end-user payment for access to the communication structure (80). 3. A system (10) as claimed in Claim 1 or 2, wherein the administrating means (100) is operable to generate one or more private-public key pairs, the administrating means (100) being operable to maintain said one or more private keys secret and to distribute said one or more corresponding public keys within the system (10) for certificate authentication purposes. 4. A system (10) as claimed in Claim 3, wherein the administrating means (1r00) is operable to generate private-public key pairs using a Rivest-Shamir-Adelman (RSA) method. 5. A system (10) as claimed in Claim 1, 2, 3 or 4, wherein the structure (80) incorporates a peer-to-peer communication network (110) through which the end-users (20, 30) are mutually connectable. 6. A system (10) as claimed in Claim 5, wherein the peer-to-peer network (110) is implemented as a combination of interfacing nodes and storage nodes, said storage nodes being configured in one or more slots for database access purposes. 7. A system (10) as claimed in any one of the previous claims, wherein the administrating means (100) is arranged to perform one or more of: (a) providing an end-user (20, 30) accounts database; (b) providing a synchronizing time reference for the communication structure (80); (c) providing globally-configurable settings for the system (10); (d) providing peer discovery during bootstrap of the structure (80); (e) handling new end-user (20, 30) registration; and (f) monitoring operation of the structure (80) for controlling desired modes of operation thereof. 8. A system (10) as claimed in any one of the preceding claims, wherein a plurality of end-users are operable to mutually exchange their authorisation certificates prior to commencing communication therebetween where at least one of said certificates is identified to be authentic. 9. A system (10) as claimed in any one of the preceding claims, wherein the structure (80) is arranged to support end-user free-trial use of the system (10), such free-trial use being subject to administration from the administrating means (10) by repeated issuing of authorisations. 10. A system (10) as claimed in any one of the preceding claims, wherein the administrating means (100) is operable to invoice one or more end-users (20, 30) on a flat-fee rate substantially irrespective of use of the system (10) exercised by said one or more end-users (20, 30). 11. A system (10) as claimed in any one of the preceding claims arranged to be configurable to operate concurrently with POTS and/or PSTN. 12. A system (10) as claimed in any one of the preceding claims, wherein the administrating means (100) is implemented by way of one or more central computer servers. 13. A system (10) as claimed in any one of the preceding claims, wherein the administrating means (100) is operable to apply an heuristics fraud detection analysis of end-user registration and system (10) usage data for detecting fraudulent access to the system (10) by end-users (20, 30). 14. A system as claimed in claim 1, wherein the communication route is for a call. 15. A system as claimed in claim 1, wherein the communication route is for VOIP communication. 16. A system as claimed in claim 1, in which an end user identification in the form of a user name is used as a telephone number to establish a call through the communication structure. 17. A system as claimed in claim 14, wherein the call is one of a telephone call, a video call and a conference call. 18. A system as claimed in claim 1 wherein the communication route is established for text messaging.

Full Text

PEER-TO-PEER TELEPHONE SYSTEM AND METHOD
Field of the invention
The present invention relates to telecommunications systems, for example to telephone systems as well as to decentralized telecommunications systems operating according to a peer-to-peer principle. Moreover, the invention also relates to methods of operating such telephone systems and telecommunications systems.
Background to the invention
Contemporary telecommunications systems presently deployed, for example "public switched telephony network" (PSTN), mobile telephone and "Voice over Internet protocol" (VoIP), are substantially centralized in nature. They often employ central exchanges linked to users through trunk lines, local metro-rings and similar distribution structures. More recently, software-operated end-user devices have become available for connecting to such contemporary telephone systems, for example desk telephones, mobile telephones and VoIP devices. However, for performing almost any function offered by the telephony service provider, end-user devices are obliged to communicate with a central telephone exchange and/or branch exchange which executes one or more desired functions for them. In most cases, two end-user telephones of such a contemporary telephone system are not able to communicate directly to one another without a central exchange of the system linking the two end-user telephones together. For example, two people using their mobile telephones to converse together is facilitated by their two telephones communicating by radio via one or more mobile base stations, such base station communication being required even when the two people and their associated mobile telephones are in the same building. In another example, two people using "Voice over IP" software to converse together over the public Internet is facilitated by their software applications communicating via a central server, such server being required even though a connection can be established directly between the two people.
The use of centralized telephone systems places considerable demands on central switching exchanges. Such central exchanges are increasingly dependent on wide bandwidth optical connections employing dense wavelength division multiplexing (DWDM) with up to 120 optical channels distributed into wavelength bands of 50 GHz frequency spacing at an optical carrier frequency in the order of 300 THz. Such centralized exchanges are extremely costly and complex items of equipment which are susceptible to occasional malfunction, such malfunction potentially resulting in loss of communication traffic therethrough with potential corresponding compensation payments due to
customers. Moreover, the cost of operating such central exchanges scales proportionally with the number of end users.
The inventors of the present invention have appreciated that such a centralized approach is sub-optimal in many situations and that advantages arise from the deployment of other alternative telephone system architectures.
In order to address issues arising from adoption of such alternative architectures, the inventors have devised the present invention.
Summary of the invention
A first object of the invention is to provide a substantially decentralized telephone network system.
A second object of the invention is to provide such a decentralized telephone system in which subscriber authentication, network access control and accounting are performable in a more robust and reliable manner.
A third object of the invention is to provide a decentralised telephone system operable to reduce concentration of communication traffic therein by transferring responsible for establishing connections to end-users of the system.
According to a first aspect of the present invention, there is provided a peer-to-peer telephone system comprising a plurality of end-users and a communication structure through which one or more end-users are couplable for communication purposes, characterised in that:
(a) the communication structure is substantially de-centralized with regard to
communication route switching therein for connecting said one or more end-users;
(b) said one or more end-users are operable to establish their own communication
routes through the structure based on verification of one or more authorisation
certificates to acquire access to the structure; and
(c) said structure includes administrating means for issuing said one or more
certificates to said one or more end-users.
The invention is of advantage in that it is capable of addressing at least one of the aforementioned objects of the invention.
The invention is capable of addressing issues associated with less-centralized architectures, namely issues of control and user-authorisation, for example for billing/invoicing purposes to which the present invention is directed.
Preferably, in the system, the administrating means is operable to administer at least one of end-user sign-up and end-user payment for access to the communication structure.
More preferably, for example to try to circumvent unauthorised free and/or fraudulent use of the system, the administrating means is operable to generate one or more private-public key pairs, the administrating means being operable to maintain said one or more private keys secret and to distribute said one or more corresponding public keys within the system for certificate authentication purposes. Yet more preferably in the system, the administrating means is operable to generate private-public key pairs using a Rivest-Shamir-Adelman (RSA) method.
Preferably, for purposes of enhancing network robustness in the system, the structure includes a peer-to-peer communication network through which the end-users are mutually connectable. More preferably, the peer-to-peer network is implemented as a combination of interfacing nodes and storage nodes, said storage nodes being configured in one or more slots for database access purposes. Beneficially, the structure is implemented by way of a proprietary Global Index peer-to-peer network technology.
Preferably, in the system, the administrating means is arranged to perform one or more of:
(a) providing an end-user accounts database;
(b) providing a synchronizing time reference for the communication structure;
(c) providing globally-configurable settings for the system;
(d) providing peer discovery during bootstrap of the structure;
(e) handling new end-user registration; and
(f) monitoring operation of the structure for controlling desired modes of operation
thereof.
Preferably, in the system, a plurality of end-users are operable to mutually exchange their authorisation certificates prior to commencing communication therebetween where at least one of said certificates is identified to be authentic.
Preferably, for example to assist adoption of the system in practice, the structure is arranged to support end-user free-trial use of the system, such free-trial use being subject to administration from the administrating means by repeated issuing of authorisations.
Preferably, the administrating means is operable to invoice one or more end-users on a flat-fee rate substantially irrespective of use of the system exercised by said one or more end-users
Preferably, in order to promote usage of the system in existing deployed equipment, the system is arranged to be configurable to operate concurrently with POTS and/or PSTN. Abbreviations POTS and PSTN correspond to "Plain Old Telephone System" and "Public Switch Telephone Network" respectively.
Preferably, the administrating means is implemented by way of one or more central computer servers. Such an implementation is especially beneficial when the system is configured in conjunction with the public Internet. Alternatively, the administrating means is otherwise susceptible to being implemented in a substantially de-centralized manner.
Preferably, the administrating means is operable to apply an heuristics fraud detection analysis of end-user registration and system usage data for detecting fraudulent access to the system by end-users.
According to a second aspect of the present invention, there is provided a method of operating a peer-to-peer telephone system comprising a plurality of end-users and a communication structure through which one or more end-users are couplable for communication purposes, characterised in that the method includes steps of: (a) arranging for the communication structure to be substantially de-centralized with
regard to communication route switching therein for connecting said one or more
end-users;
(b) arranging for said one or more end-users to be operable to establish their own
communication routes through the structure based on verification of one or more
authorisation certificates to acquire access to the structure; and
(c) arranging for said structure to include administrating means for issuing said one or
more certificates to said one or more end-users.
The method is of advantage in that its application to the system is capable of addressing at least one of the objects of the invention.
Preferably, in the method, the administrating means is operable to administer at least one of end-user sign-up and end-user payment for access to the communication structure.
Preferably, in the method, the administrating means is operable to generate one or more private-public key pairs, the administrating means being operable to maintain said one or more private keys secret and to distribute said one or more corresponding public keys within the system for certificate authentication purposes.
Preferably, in the method, the administrating means is operable to generate private-public key pairs using a Rivest-Shamir-Adelman (RSA) method. However, other approaches to private-public key generation are also susceptible to being used in the method.
Preferably, in the method, the structure includes a peer-to-peer communication network through which the end-users are mutually connectable. More preferably, the peer-to-peer network is implemented as a combination of interfacing nodes and storage nodes, said storage nodes being configured in one or more slots for database access purposes.
Preferably, in the method, the administrating means is arranged to perform one or more of:
(a) providing an end-user accounts database;
(b) providing a synchronizing time reference for the communication structure;
(c) providing globally-configurable settings for the system;
(d) providing peer discovery during bootstrap of the structure;
(e) handling new end-user registration; and
(f) monitoring operation of the structure for controlling desired modes of operation
thereof.
Preferably, in the method, a plurality of end-users are operable to mutually exchange their authorisation certificates prior to commencing communication therebetween where at least one of said certificates is identified to be authentic.
Preferably, to encourage adoption of the system, the method is implemented such that the structure is arranged to support end-user free-trial use of the system, such free-trial use being subject to administration from the administrating means by repeated issuing of authorisations.
Preferably, in the method, the administrating means is operable to invoice one or more end-users on a flat-fee rate substantially irrespective of use of the system exercised by said one or more end-users.
Preferably, in order to encourage use of the system where existing telephone infrastructure exists, the method is implemented such that the system is arranged to be configurable to operate concurrently with POTS and/or PSTN. Abbreviations POTS and PSTN correspond to "Plain Old Telephone System" and "Public Switched Telephone Network" respectively
Preferably, in the method, the administrating means is implemented by way of one or more central computer servers.
Preferably, in order to avoid fraudulent use of the system when implementing the method, the administrating means is operable to apply an heuristics fraud detection analysis of end-user registration and system usage data for detecting fraudulent access to the system by end-users.
According to a third aspect of the present invention, there is provided software operable to implement at least part of the telephone system according to the first aspect of the invention.
According to a fourth aspect of the invention, there is provided software operable to execute at least part of the method according to the second aspect of the invention.
It will be appreciated that features of the invention are susceptible to being combined in any combination without departing from the scope of the invention.
Diagrams of embodiments of the invention
Embodiments of the invention will now be described, by way of example only, with reference to the following diagrams wherein:
Figure 1 is a schematic diagram of a telephone system according to the present invention; and
Figure 2 is a schematic representation of a per-to-peer structure of the system of Figure 1.
Description of embodiments of the invention
A telephone system according to the present invention is substantially a decentralised structure comprising a spatially distributed array of end-users connected by way of a peer-to-peer communication network. The structure is substantially devoid of any form of centralized exchange except for one or more administration nodes for performing some specific network administration functions such as subscriber sign-up and payment for communication network usage. In the decentralised structure, most routine functions, for example placing a telephone call, are handled entirely by end-user devices operable to communicate substantially directly to each other or via some form of local exchange such as an optical metro ring or distributed relay nodes on the public Internet.
In a system according to the present invention, the system indicated generally by 10 in Figure 1, a first end-user (FEU) 20 of the system 10 desiring to send a message to a second end-user (SEU) 30 thereof adopts a method of communication as follows:
(a) the first end-user 20 locates the second end-user 30; such location is executed by
way of peer-to-peer technologies, for example using a "Global Index" (Gl)
proprietary peer-to-peer technology which will be described later and/or
contemporary "Distributed Hash Table" technology, arranged to provide node look
up functionality;
(b) the first end-user 20 receives information regarding the address of the second
end-user 30 and also details of one or more communication path-ways 50, 60
which may be used for making a connection from the first end-user 20 to the
second end-user 30; and
(c) the first end-user 10 then follows a protocol to establish the one or more
communication pathways 50, 60 to the second end-user 30.
In the Gl peer-to-peer technology, there is provided a network of participating nodes interlinked through a distributed communication network. The participating nodes are allocated to be either interfacing nodes or storage nodes. Preferably, the number of storage nodes is arranged to be considerably less than the number of interfacing nodes, for example 100 times more interfacing nodes than storage nodes. Moreover, the storage nodes are responsible for storing data records whereas the interfacing nodes are responsible for processing queries and sending requests to the storage nodes for sending data records therefrom in response to the queries. Moreover, the interfacing nodes are also responsible for receiving data records to be stored and determining one or more appropriate groups of storage nodes to receive the data records for storage therein. The storage nodes are arranged in groups known as slots wherein association of a given storage node with a particular slot is dependent upon address data held in each of the storage nodes. The Gl technology is described in a patent application approximately contemporary with the present patent application, the contents of the Gl technology patent application herewith being incorporated by reference for purposes of describing the telephone system of the present invention.
In the system 10, there is a considerable requirement for subscriber authentication, access control and accounting. Using major system functions of the system 10 is only possible if one or more end-users thereof have paid or otherwise have authorized access to such functions. In a contemporary conventional telephone system, end-user access to one or more major system functions is checked by a central office thereof in a manner of centralised control. In contradistinction, in the system 10, access is checked by end-user devices using public-key cryptography. In such cryptography, each end-user, also referred to as subscriber, has associated therewith a cryptography key pair which is created by the end-user's device. Upon subscriber sign-up or payment, a central office of
the system 10 issues to the subscriber a digital certificate, such certificate also being referred to as a User Identity Certificate (UIC), whereby the central office certifies that the owner of this key pair is an authorised subscriber.
In step (c) of the aforementioned method, when the first end-user 20 communicates with other subscriber devices, namely the second end-user 30, the first end-user 20 provides the certificate, namely the aforementioned UIC, as a proof of subscription. In the system 10, end-user devices are arranged to refuse to mutually communicate where there exists an absence of such proof of subscription. Moreover, using public-key cryptography, end-user devices of the system 10 are arranged to be operable to verify each other's certificates (UlC's) without needing to communicate with the aforesaid central office of the system 10 responsible for issuing certificates (UlC's). The system 10 thus functions in a de-centralized manner on account of the end-users 20, 30 not needing to communicate with the central office of the system 10 when establishing a communication route between the end-users 20, 30.
When a subscribing device of the system, for example the first end-user 20, has located a recipient, for example the second end-user 30, they will subsequent need to mutually communicate. Such communication is preferably by a direct route, for example along the path-way 60 illustrated in Figure 1. However, for example for reasons of spatial separation and/or terrain, such a direct route is not always technically feasible; for example, if communication is desired from the first end-user 20 to the second end-user 30 via the public Internet, such communication is not feasible when the second end-user 30 has a private address that is not accessible from outside a local network of the system 10. In a situation where direct communication is not feasible, the system 10 is operable to route communication via one or more peer nodes in its peer-to-peer structure 80 to assist the first and second end-users 20, 30 to mutually communicate. These one or more peer nodes are preferably implemented by subscriber devices that need not necessarily belong to the first and second end-users 20, 30 involved in making a telephone call therebetween. Thus, for example, in such a scenario where direct connection is not feasible, a subscriber communicates to another device that is directly accessible, and this other device communicates directly with the final recipient.
Architectural aspects of the system 10 will now be described in further detail. The peer-to-peer structure 80 is subdivided into two sections as illustrated in Figure 2, namely central servers (CS) 100 on the one hand and a peer-to-peer network (P2PN) 110 on the other hand.
The central servers 100 are preferably operated by the proprietor of the structure 80. These servers 100 are arranged to execute one or more of the following tasks:
(i) providing an end-user accounts database for recording end-users' accounting
details;
(ii) providing a synchronizing time reference for the structure 80; (iii) providing globally-configurable settings for the system 10; (iv) providing peer discovery during bootstrap of the structure 80 and handling new
end-user registration; (v) electronically signing critical information pertinent to the system 10, for example
signing end-user identities as described in the foregoing, for example the
aforementioned User Identity Certificates (UlC's), using digital signatures using
secret cryptographic keys known only to the proprietor of the system 10; (vi) providing add-on services from one or more of the proprietor's infrastructure,
rented infrastructure and outsourced infrastructure; and (vii) monitoring operation of the central servers 100 and the network 110 for ensuring
desired modes of operation thereof.
The add-on services referred in (vi) above relate to one or more of:
(1) "Public Switched Telephone Network" (PSTN) and/or "plain old telephone
system" (POTS) connectivity, to "Voice over Internet Protocol " (VoIP) traffic
termination and reverse thereof, for example from POTS to the proprietor's
system 10;
(2) handling "Instant Message" (IM) to "Short Message Service" (SMS) connectivity;
and
(3) handling end-user conferencing, voicemail and similar activities couplable to
back-end servers included within the central servers 100.
The peer-to-peer network 110 preferably comprises end-user computing devices arranged to execute thereon software provided by the proprietor of the system 10. The network 110 is also preferably based on a version of the aforementioned Gl protocol customized by the proprietor of the system 10. The network 110 is operable to perform functions preferably including one or more of:
(a) administering end-user buddy lists;
(b) handling end-user preferences, for example buddy online/offline notification;
(c) providing end-user identification by way of one or more of the following: node
identification (ID), username, end-user profile data;
(d) maintaining basic statistics, for example a number of end-users currently actively
communicating within the system 10; and
(e) maintaining firewall and/or "Network Address Translation" (NAT) traversal via
random peer nodes within the network 110 functioning as ad hoc proxies
supporting communication therethrough.
In (c) above pertaining to the peer-to-peer network 110, the username is effectively useable as a "telephone number" within the system 10. Moreover, the end-user profile data relates to data records if provided by the end-users, such records including one or more of: real name (e.g. Roger Smith, Annie Hansen), spatial location (e.g. Washington > USA; Copenhagen, Denmark), date of birth and e-mail address.
The inventors have appreciated that operation of the system 10 is dependent on security provided by, for example, the use of public key encryption therein. In devising the system 10, the inventors have further anticipated that a peer-to-peer IM/VolP system is inherently
i less secure than POTS or any comparable telephone system reliant on one or more central servers; as in the foregoing, abbreviations IM, VoIP and POTS refer to "Instant Messaging", "Voice over Internet Protocol" and "Plain Old Telephone System" respectively. In the system 10, the inventors have arranged for the use of contemporary Rivest-Shamir-Adelman (RSA) public key encryption and associated digital signatures to
; cater for most basic security requirements within the system 10. However, it will be appreciated that other types of public-private key encryption are susceptible to being employed in the system 10.
Upon an end-user, for example one of the end-users 20, 30, seeking registration at the i central servers 100, the end-user proceeds to generate a RSA encryption key pair, namely complementary private and public keys wherein said private key is not derivable from said public key and vice versa. The end-user's public key appears in the User Identity Certificate (UIC) provided to the end-user, whereas the private key is stored locally at the end-users premises.
During a call set-up from the first end-user 20 to the second end-user 30, similarly during an Instant Message (IM) sending, prior to commencing communication, both end-users 20, 30 present their User Identity Certificate (UIC), or Temporary Identification Number (TIN) where the system 10 is set up to accept these, as appropriate to the other; if they
i have a user name, they present their UIC. If a UIC is presented from a primary one of the end-users 20, 30 to a secondary one thereof, the secondary end-user verifies the signature provided by the primary end-user, such verification not requiring any contact with the central servers 100. Moreover, the secondary end-user verifies that the primary end-user has the corresponding secret key by issuing a challenge data packet for the
i primary end-user's public key and checks that the primary end-user is capable of decrypting it. After completion of such activities, the primary end-user is in a position to safely believe that the primary end-user legitimately has the username it claims to hold.
When calls are made within the system 10, additional checking is required because calls
i require payment unless permission for a limited trial period has been granted. In the
system 10, it is difficult to monitor in a secure manner duration of calls or number of calls
made; in this respect, the inventors have appreciated that it is advantageous to employ a time-based subscription as a basis of billing/invoicing within the system 10. Thus, in order to implement such time-based subscription, User Identity Certificate (DIG) privileges are checked and non-trial calls are not communicated through the peer-to-peer network 110 if neither of the end-users 20, 30 in the above example has a User Identity Certificate (UIC) with non-expired subscription privileges. In other words, a call will propagate through the peer-to-peer network 110 if one or more of the end-users 20, 30 has a valid subscription or trial.
To keep their subscriptions from expiring, end-users of the system 10 are obliged to renew their User Identity Certificate (UIC) periodically for instance by paying a fee for a coming month/year; it will be appreciated that other payment periods are possible or that UlCs may be extended based on other criteria than payment. Upon receipt of renewal payments, the central servers 100 are operable to issue new UlC's in response in the earlier end-users' names, the new UlC's having associated new subscription privilege expiry details. When credit/debit card billing/invoicing has been authorised by one or more of the end-users of the system 10, billing/invoicing is susceptible to being performed automatically by the central servers 100 without the need for associated end-user intervention.
Thus, in the system 10, a preferred method of payment for calls made is by flat-fee monthly or yearly subscription entitling the user to an unlimited number of calls in the system 10. Such a billing/invoicing arrangement is acceptable in the system 10 from a business perspective because calls made do not incur operating expenses to the proprietor of the system 10 as central exchange resources are substantially not utilized when making such calls. In contradistinction, calls to or from POTS/PSTN incur real per-minute operating costs and are therefore appropriately charged separately and distinctly from calls made according to the invention in the system 10.
When the peer-to-peer structure 80 is implemented in the manner of the aforementioned Gl protocol, the end-users 20, 30 in Figure 1 together with other end-users not shown, the central servers 100 and the peer-to-peer network 110 are effectively participating nodes. In such a configuration, each end-user advertises its presence to Gl storage nodes by periodically sending thereto its information about its identity or Temporary Identification Number (TIN) when the system 10 is configured to accept such TIN'S. When one or more end-users make Gl queries, for example akin to telephone directory enquiries, the storage nodes are responsive to send such stored User Identity Certificates (UIC) or Temporary Identification Numbers (TIN) as data packets in response to such queries.
In the case of UlC's, corresponding data packets despatched by the Gl storage nodes are received at end-users which sign off the data packets with their end-user private keys;
one or more querying end-users are thereby capable of verifying authenticity of the data packets received thereat, for example in response to making an enquiry, using a corresponding public key. Such an arrangement is advantageous because it is substantially capable of guaranteeing that no-one is able to fake User Identity Certificate (DIG) end-user directory entries. The rationale of such an approach is that a participating node who owns a User Identity Certificate (UIC) is operable, for example when advertising its presence, to send its private-key-signed data packets corresponding to its UIC to one or more storage nodes and another participating node if required. The signed UIC received from one or more of the storage nodes and stored therein for subsequent release is verifiable at an enquiring participating node by using a corresponding public key. Such an arrangement is capable of circumventing tampering with UIC and even faked UlC's.
The system 10 is further provided with a free-trial facility, such a facility being of commercial advantage for purposes of attracting new end-users to the system 10. Preferably, such a free-trial facility pertains to XT free days or, alternatively or additionally, X2 free calls For such free-trial days or calls, the central servers 100 are required to provide explicit permission for each free call made. Preferably, all permissions given or requested are recorded in a database of the system 10, for example for heuristic fraud detection purposes as described later. If the end-user has already used up free days and/or free calls allocated thereto, permission is not granted from the central servers 100 and the end-user is subsequently requested to pay if it still desires to make calls within the system 10.
The system 10 is capable of being operated concurrently within, or in combination with, a conventional telephone system, for example a conventional telephone system capable of implementing the Internet.
The aforementioned free-trial permission scheme is intended by the inventors only to pertain to the system 10. For conventional paid subscription calls undertaken in connection with the system 10, a normal conventional subscription regime applies and per-call permissions are neither requested nor recorded. For PSTN calls, a free-trial scheme does not pertain although it is potentially capable of being provided in connection with the system 10.
For each free-call permission request received in the system 10, the central servers 100 are operable to record at least one of the following parameters with regard to a call:
(a) calling end-user's identity in the form of a username or Temporary Identification
Number (TIN);
(b) calling end-user's computer identification (ID);
(c) calling end-user's Internet Protocol (IP) address;
(d) called end-user's identity in the form of a username or TIN;
(e) called end-user's computer ID;
(f) called end-user's IP address;
(g) time and date of the call;
(h) whether or not permission was granted for the call.
Thus, in the system 10, a "trial user" explicit status is not accommodated; preferably, there is merely a need for an end-user to make some free calls from a defined starting date D. Any end-user is entitled to make free calls if its first free calls were less than X, days ago (or the end-user has not yet exercised a free-call option within the system 10). Alternatively, the system 10 may be set up in such a way as to allow a free-trial period to consist of X number of free calls as opposed to X days.
Hacked version of system 10 software enables fraudulent end-users to omit free-trial permission asking and permission checking provisions employed within the system 10. However, on account of the system 10 implementing both calling end-user and called end-user permission checking, such hacking only enables fraudulent end-users to call other fraudulent end-users free of charge; in other words, pirated fraudulent end-user software is only capable of providing very limited benefit when employed on the system 10. In many cases, such limited fraudulent use of the system 10 can be accommodated without significant financial loss to the proprietor of the system 10.
The inventors have appreciated that a major opportunity of fraud exists in the system 10 when a hacker attempts to fake a username or computer ID and repetitively starts new free trials. Such a major opportunity of fraud requires the hacker to omit from system 10 compatible software all local shareware-type checks. In order to counteract such fraud, the central servers 100 are programmed to perform heuristic fraud detection to identify repetitive fraud patterns. For example, the central servers 100 are operable to detect a fraudulent end-user seeking free-call provisions Z times and then subsequently seeking with the same IP address and new computer ID for new free-call permission to call the same people. Since explicit permission for free calls in the system 10 is required from the central servers 100, there is considerable information available within the system 10 for input to such heuristics fraud detection software executing within the system 10. However, the inventors are aware that such heuristics fraud detection is unlikely to detect all cases of hacking occurring within the system 10.
It will be appreciated that embodiments of the invention described above are susceptible to being modified without departing from the scope of the invention.
In the foregoing, the system 10 is described as being able to support the use of Temporary Identification Numbers (TINs). However, the system 10 is capable of being
modified so that TINs are not utilized therein, such that user names and associated User Identity Certificates (DIC's) with associated time-limited substantially cost-free privileges are employed for free-trial purposes. If required, the system 10 is even susceptible to being configured so that free-trial usage as described earlier is not provided to end-users; alternatively, other arrangements for free trials can be utilized, for example reimbursement of initial paid subscription fee.
The system 10 is preferably implemented, at least in part, using software executable on computing hardware. Such software can be distributed to users via a communication network such as the Internet and/or via the software stored on a suitable data carrier such as a CD ROM supplied to users.
In the foregoing description of embodiments of the invention relating to the telephone system 10, it will be appreciated that the invention is relevant to telecommunications systems in general and the term "telephone" should therefore be construed accordingly. Specifically, other forms of communication susceptible to being performed with the system include video calls, conference calls and text messaging.
In the foregoing, terms such as "contain", "include", comprise", "have", "has", "is", "are", "incorporate" and "encompass" are intended to be construed as being non-exclusive, namely other items not disclosed are also potentially present.

WE CLAIM :
1. A peer-to-peer telephone system (10) comprising a plurality of end-users
(20, 30) and a communication structure (80) through which one or more end-
users (20, 30) are couplable for communication purposes, characterised in
that:
(a) the communication structure (80) is substantially de-centralized with regard to communication route switching therein for connecting said one or more end-users (20, 30);
(b) said one or more end-users (20, 30) are operable to establish their own communication routes through the structure (80) based on verification of one or more authorisation certificates to acquire access to the structure (80); and
(c) said structure (80) incorporates administrating means (100) for issuing said one or more certificates to said one or more end-users (20, 30).

2. A system (10) as claimed in Claim 1, wherein the administrating means (100) is operable to administer at least one of end-user sign-up and end-user payment for access to the communication structure (80).
3. A system (10) as claimed in Claim 1 or 2, wherein the administrating means (100) is operable to generate one or more private-public key pairs, the administrating means (100) being operable to maintain said one or more private keys secret and to distribute said one or more corresponding public keys within the system (10) for certificate authentication purposes.
4. A system (10) as claimed in Claim 3, wherein the administrating means (1r00) is operable to generate private-public key pairs using a Rivest-Shamir-Adelman (RSA) method.
5. A system (10) as claimed in Claim 1, 2, 3 or 4, wherein the structure (80) incorporates a peer-to-peer communication network (110) through which the

end-users (20, 30) are mutually connectable.
6. A system (10) as claimed in Claim 5, wherein the peer-to-peer network (110) is implemented as a combination of interfacing nodes and storage nodes, said storage nodes being configured in one or more slots for database access purposes.
7. A system (10) as claimed in any one of the previous claims, wherein the administrating means (100) is arranged to perform one or more of:

(a) providing an end-user (20, 30) accounts database;
(b) providing a synchronizing time reference for the communication structure (80);
(c) providing globally-configurable settings for the system (10);
(d) providing peer discovery during bootstrap of the structure (80);
(e) handling new end-user (20, 30) registration; and
(f) monitoring operation of the structure (80) for controlling desired modes of operation thereof.

8. A system (10) as claimed in any one of the preceding claims, wherein a plurality of end-users are operable to mutually exchange their authorisation certificates prior to commencing communication therebetween where at least one of said certificates is identified to be authentic.
9. A system (10) as claimed in any one of the preceding claims, wherein the structure (80) is arranged to support end-user free-trial use of the system (10), such free-trial use being subject to administration from the administrating means (10) by repeated issuing of authorisations.
10. A system (10) as claimed in any one of the preceding claims, wherein the administrating means (100) is operable to invoice one or more end-users (20, 30) on a flat-fee rate substantially irrespective of use of the system (10) exercised by said one or more end-users (20, 30).

11. A system (10) as claimed in any one of the preceding claims arranged to be configurable to operate concurrently with POTS and/or PSTN.
12. A system (10) as claimed in any one of the preceding claims, wherein the administrating means (100) is implemented by way of one or more central computer servers.
13. A system (10) as claimed in any one of the preceding claims, wherein the administrating means (100) is operable to apply an heuristics fraud detection analysis of end-user registration and system (10) usage data for detecting fraudulent access to the system (10) by end-users (20, 30).
14. A system as claimed in claim 1, wherein the communication route is for a call.
15. A system as claimed in claim 1, wherein the communication route is for VOIP communication.
16. A system as claimed in claim 1, in which an end user identification in the form of a user name is used as a telephone number to establish a call through the communication structure.
17. A system as claimed in claim 14, wherein the call is one of a telephone call, a video call and a conference call.
18. A system as claimed in claim 1 wherein the communication route is established for text messaging.

Documents:

357-DELNP-2006-Abstract-(19-11-2008).pdf

357-DELNP-2006-Abstract-(20-05-2009).pdf

357-delnp-2006-abstract.pdf

357-DELNP-2006-Claims-(04-03-2009).pdf

357-DELNP-2006-Claims-(19-11-2008).pdf

357-DELNP-2006-Claims-(20-05-2009).pdf

357-delnp-2006-claims.pdf

357-delnp-2006-Correspondence Others-(23-07-2012).pdf

357-DELNP-2006-Correspondence-Others-(04-03-2009).pdf

357-DELNP-2006-Correspondence-Others-(19-11-2008).pdf

357-delnp-2006-Correspondence-Others-(22-10-2012).pdf

357-delnp-2006-correspondence-others-1.pdf

357-delnp-2006-correspondence-others.pdf

357-delnp-2006-description (complete).pdf

357-DELNP-2006-Drawings-(19-11-2008).pdf

357-delnp-2006-drawings.pdf

357-DELNP-2006-Form-1-(20-05-2009).pdf

357-delnp-2006-form-1.pdf

357-delnp-2006-form-13-(04-03-2009).pdf

357-delnp-2006-form-18.pdf

357-DELNP-2006-Form-2-(20-05-2009).pdf

357-delnp-2006-form-2.pdf

357-delnp-2006-form-3.pdf

357-delnp-2006-form-5.pdf

357-delnp-2006-GPA-(23-07-2012).pdf

357-delnp-2006-gpa.pdf

357-delnp-2006-pct-304.pdf

357-delnp-2006-pct-306.pdf

357-delnp-2006-pct-409.pdf

357-delnp-2006-pct-416.pdf

abstract.jpg

« Previous Patent

Next Patent »

Patent Number

234703

Indian Patent Application Number

357/DELNP/2006

PG Journal Number

26/2009

Publication Date

26-Jun-2009

Grant Date

12-Jun-2009

Date of Filing

19-Jan-2006

Name of Patentee

SKYPE LIMITED

Applicant Address

18 DEERPARK DRIVE CASTLEKNOCK, DUBLIN 15, REPUBLIC OF IRELAND

Inventors:

#	Inventor's Name	Inventor's Address
1	HEINLA , AHTI	JUHKENTALI 8-5, EE10132 TALLINN, ESTONIA
2	KASESALU , PRIIT	MAHTRA 25-57, EE13811 TALLINN ESTONIA

PCT International Classification Number

H04M 7/00

PCT International Application Number

PCT/IB2004/002282

PCT International Filing date

2004-07-14

PCT Conventions:

#	PCT Application Number	Date of Convention	Priority Country
1	60/487,242	2003-07-16	U.S.A.