Patent Application
20070036296
The present invention relates generally to communications, and more particularly to methods and systems for securely providing and retaining phone numbers.
The classic technique for providing a phone number is for a first party to provide a second party with the phone number of the first party. This can be accomplished verbally, such that the second party enters the phone number of the first party in a phone list or phone book that maintains a party's name and associated phone number or numbers. Recently, phone numbers can be entered into an electronic phone list retained in a party's telephone, cellular phone, video phone, computer or satellite phone. Therefore, a first party providing a phone number to a second party is subjected to security issues in which an undesirable party can access the electronic phone list of the second party by reviewing the second party's electronic phone list, for example, in the event the phone is accessible, lost or stolen. Additionally, security issues can occur as a result of an undesirable party hacking into the electronic phone list to obtain the first party's name and phone number.
Recent advances in phone features allow the first party to electronically transmit the phone number to the second party. For example, many phone users subscribe to a “Caller ID” feature where, during the ringing interval, the recipient of the call is shown the phone number and name of the caller. Therefore, if the recipient is not available to answer a call, the caller's phone number and name are retained in a received call list, such that the caller can select the phone number at a later time to return the call. This again has security issues such that the caller may not want the recipient to retain the caller's phone number. Additionally, an undesirable party may access the received call list and gain access to the caller's phone number and name. Therefore, another feature is available in which a user can choose to have their phone number remain private, in which a recipient does not have access to the caller's phone number or name in the call received list. However, an issue still exists in which a first party wishes for a second party to call the first party without retaining the first party's phone number in an electronic list.
In one aspect of the invention, a method is provided for securely providing and retaining phone numbers. The method comprises encrypting a phone number associated with a party, and adding the encrypted phone number and party name associated with the party to an electronic phone list.
In another aspect of the present invention, a telecommunication system is provided having a first telecommunication unit with an electronic phone list and a second first telecommunication unit having an associated party name and associated phone number. The second telecommunication unit provides the first telecommunication unit with the associated party name and an encrypted version of the associated phone number. The first telecommunication unit adds the associated party name and encrypted version of the associated phone number to the electronic phone list.
In yet another aspect of the present invention, a telecommunication unit is provided. The telecommunication unit comprises an encryption and decryption component operative to encrypt and decrypt phone numbers associated with respective party names and a process controller. The process controller is operative to add a received party name and associated encrypted phone number to an electronic phone list and employ the encryption and decryption component to decrypt the encrypted phone number in response to a selection of the associated party name from the electronic phone list, place a call to the associated phone number and erase the decrypted version of the associated phone number from memory.
Methods and systems are provided for securely providing and retaining phone numbers. A party name is provided and an associated phone number, which is encrypted employing an encryption algorithm. The party name is added to an electronic phone list, while the associated telephone number is retained in an encrypted state. A user can select the caller name from the electronic phone list for placing a call. The associated phone number is then decrypted, and the call made employing a decrypted version of the phone number. The decrypted version of the phone number can then be removed or erased from memory. Therefore, the decrypted version of the telephone number is not available for viewing by the user or accessible to an undesirable party that may acquire access to the electronic phone list.
The first TCU 12 and the second TCU 32 also include an encryption/decryption component or algorithm 20 for encrypting and decrypting phone numbers. The encryption/decryption component or algorithm 20 can employ one of many different cryptographic technqiques, such as a secured hash algorithm (sha-1), public/private key encryption (e.g., Pretty Good Privacy (PGP) techniques, Public Key Cryptography Standard (PKCS)), digital signature algorithms (DSA), secret key encryption techniques (e.g., data encryption standard (DES), International Data Encryption Algorithm (IDEA)) or a combination of these techniques.
The encryption/decryption component 20 can be employed for encrypting phone numbers manually entered into the TCU 12 or 32 by a user via the input device 18. For example, a telephone number can be provided verbally to a user and entered into a user's electronic phone list by the user along with a party's name, in which the user's TCU encrypts the phone number prior to storing in a memory of the user's TCU and adds the party's name to the electronic phone list. This prevents other from accessing the phone number via the electronic phone list if the TCU is lost or stolen or accessed via an electronic link. A user can select the party's name from the electronic phone list for placing a call. The associated phone number is then decrypted by the encryption/decryption algorithm, and the call made employing the decrypted phone number. The decrypted version of the phone number can then be removed or erased from the memory of the calling TCU.
The telephone number can be transmitted over the voice communication network 30 or over a wireless transceiver link 22 (separate from the voice communication network 30) in an encrypted form, such that prevention of the intercepting of the phone numbers by others is facilitated. The wireless transceiver link 22 can be, for example, a short range wireless link, such as a wireless transmission conforming to the Bluetooth standard or IEEE 802.11 standard protocol. The encrypted phone number can be embedded in a message transmitted by the party providing the phone number. The message can include the party's name, which can be an actual name, an alias or a service, a command for adding the party's name to an electronic phone list, and optionally a password protected public key that can be employed by the TCU for decrypting the encrypted phone number. The password can be provided verbally or in a subsequent message to the TCU. The party's name can be displayed in an electronic phone list, such as a calls received phone list or added to the electronic phone book of the TCU. A time limit period can be included in the message specifying a time period in which the recipient can retain the phone number of the party. Alternatively, a subsequent command can be issued by the party to request that the party's phone number be removed from a recipient's electronic phone list, thus allowing the party to control the length of time that the user can call the party via the provided phone number and party's name.
The program memory 54 can include read only memory (ROM) for executing programs associated with the operation of the TCU 50 and the automatic encyption and decryption of phone numbers, and random access memory (RAM) for the temporary storage of decrypted phone numbers, communication parameters, public keys and other temporary variables. The TCU 50 also includes a flash memory 56 for retaining electronic phone lists, such as electronic phone books, calls received, calls dialed, and associated variables, such as party's names, phone numbers, encrypted phone numbers, private keys and public keys that do not have associated temporary time periods. The flash memory 56 provides read and write capabilites, while retaining information that is needed in the event of a power down of the TCU 50.
The TCU 50 includes a display controller 60 operative for controlling the displaying of menus and functions on a display 66 based on commands or instructions provided via the input device 52 and the process controller 62. The TCU 50 is operative for displaying electronic phone lists on the display, such as an electronic phone book, a calls received phone list and a calls dialed phone list. The displayed electronic phone lists can include parties' names with associated encrypted phone numbers. The TCU 50 can receive encrypted phone numbers associated with other parties via messages received by the transceiver 68 over a communication network, transmitted wirelessly and received through an antenna 72 via a wireless transceiver 70, or input manually into the input device 52 and encrypted via the encrypt/decrypt component or algorithm 64. The TCU 50 can also provide its encrypted phone number via messages transmitted through the transceiver 68 over a communication network, or transmitted wirelessly through the antenna 72 via the wireless transceiver 70. The TCU 50 also includes a timer 58 that can be employed to set a time period based on an instruction received by a party that the party's number is only to be retained for a specified period of time to allow for a call back within a given time frame. It is to be appreciated that a time of the timer can be stored in memory at a beginning of a specified time period and used with the timer to determine expiration of the specified time period.
The party name 106 can be an entity or service name, an entity's function (e.g., phone support), or a person's name or an alias associated with a person or entity. The encrypted phone number 108 can be encrypted employing one or more of a variety of cryptographic techniques, for example, a secured hash algorithm, public/private key encryption, digital signature algorithms, secret key encryption techniques, etc. The message 100 optionally can include a password protected key portion 110 in which an encrypted public key is provided in the message that can only be opened by the recipient TCU employing an associated password. The encrypted phone number can be encrypted employing an associated private key matching the public key, and decrypted at the recipient TCU employing the public key. The password can be provided to a user of the recipient TCU verbally or in a subsequent message or also encrypted employing an encryption algorithm associated with exchanging passwords.
In view of the foregoing structural and functional features described above, a methodology in accordance with various aspects of the present invention will be better appreciated with reference to
At 340, the methodology determines if the recipient TCU has received a password protected key, as part of the received message or another received message. If the recipient TCU has received a password protected key (YES), then the password associated with the password protected key is entered into the recipient TCU, for example, manually or through receipt of another message by the recipient TCU. The methodology then proceeds to 360. If the recipient TCU has not received a password protected key (NO), the methodology proceeds directly to 360.
At 360, the methodology determines if any electronic entries are to be deleted from the electronic phone list. For example, an entry may be deleted after a specified time period associated with the entry has expired. Alternatively, an entry may be deleted upon receipt of a removal request command received from a party instructing the recipient TCU to delete the entry. If any electronic entries are to be deleted from the electronic phone list (YES), the methodology proceeds to 370. At 370, the identified party name and phone number is deleted from the electronic phone list. The methodology then proceeds to 380. If electronic entries are not to be deleted from the electronic phone list (NO), the methodology proceeds directly to 380. At 380, the methodology determines if a new add command has been received. If a new add command has not been received (NO), the methodology returns to 360 to determine if any entries are to be deleted. If a new add command has been received (YES), the methodology returns to 310 to add the party's name and encrypted phone number to the electronic phone list of the recipient TCU.
What has been described above includes exemplary implementations of the present invention. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the present invention, but one of ordinary skill in the art will recognize that many further combinations and permutations of the present invention are possible. Accordingly, the present invention is intended to embrace all such alterations, modifications, and variations that fall within the spirit and scope of the appended claims.
