K - System and Method to Authorize Conference Call Participants In A Heterogeneous Environment

K - System and Method to Authorize Conference Call Participants In A Heterogeneous Environment

Joining a conference call could be cumbersome at times, and existing systems has security concerns.

A typical phone conference host has a participant passcode and all participants must input that passcode after they dial into a "call-in" number in order to be authorized to

join the conference call. There are several security problems within this procedure:

• The same participant passcode is often reused for multiple conference calls

• Different meeting hosts have different participant passcodes. It is impossible to memorize every passcode; looking up the passcode for each meeting is cumbersome and inefficient

• In many systems, participants dialed into a conference call can remain on the line after the current call is completed, and listen to the next call. There is no easy way to selectively disconnect certain participants. There are some existing mechanisms to handle this situation, for example, knowing the number of individuals calling in could help this situation. However, it is often impossible to know the number of call participants. There are also conference call registration services, where the individual's information will be verified, but this is not an automated system.

To handle the security issue, some phone conference systems generate new participant passcodes for every meeting, and the host "conferences-in" the non-trusted participants by calling those participants individually.

Prior art includes:

• Centrally initialize conference call. [1] This patent does not handle the security issues involved when initiating calls from the central server to the participants.

• Verifying authenticity of conference call invitees. [2] The disclosed invention employs the simple and traditional mechanism (passcode) for participant authentication without requiring special or high-tech equipment. The invention also enhances the passcode mechanism and provides additional security.

• Selective conference call disconnects. [3] The disclosed invention allows the secure identification and authorization of a call-in participant and invention can use the identification to disconnect, keep, or reconnect a participant into different conference calls.

In a novel system where each conference call participant will have their own passcode, the conference call can be initiated either from the participants or from a centralized server to the participants. This system is secure only if all participants trust the conference call server, such as employees from the same company. In a non-trusted environment, such as one with employees from multiple companies using different conference call systems, a user's own passcode cannot be used across th...