[go: up one dir, main page]

US20130254854A1 - Individual and institution virtualization mechanisms - Google Patents

Individual and institution virtualization mechanisms Download PDF

Info

Publication number
US20130254854A1
US20130254854A1 US13/731,645 US201213731645A US2013254854A1 US 20130254854 A1 US20130254854 A1 US 20130254854A1 US 201213731645 A US201213731645 A US 201213731645A US 2013254854 A1 US2013254854 A1 US 2013254854A1
Authority
US
United States
Prior art keywords
entity
virtualization
virtual
real
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/731,645
Inventor
Madhav Moganti
Mayuresh Pandit
Anish Sankalia
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alcatel Lucent SAS
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US13/731,645 priority Critical patent/US20130254854A1/en
Assigned to ALCATEL-LUCENT USA INC. reassignment ALCATEL-LUCENT USA INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MOGANTI, MADHAV, PANDIT, MAYURESH, SANKALIA, ANISH
Assigned to CREDIT SUISSE AG reassignment CREDIT SUISSE AG SECURITY INTEREST Assignors: ALCATEL-LUCENT USA INC.
Publication of US20130254854A1 publication Critical patent/US20130254854A1/en
Assigned to ALCATEL LUCENT reassignment ALCATEL LUCENT ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ALCATEL-LUCENT USA INC.
Assigned to ALCATEL-LUCENT USA INC. reassignment ALCATEL-LUCENT USA INC. RELEASE OF SECURITY INTEREST Assignors: CREDIT SUISSE AG
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • This disclosure relates generally to communications and, more specifically but not exclusively, to security of communications.
  • an apparatus in one embodiment, includes a processor and a memory communicatively connected to the processor.
  • the memory is configured to store a mapping of a real identity of an entity to a virtual identity of the entity, where the real identity includes real information associated with the entity, the virtual identity includes virtual information associated with the entity, and the entity includes a user or an institution.
  • the processor is configured to receive a communication for the entity where the communication for the entity includes at least a portion of the real information associated with the entity, and process the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
  • a computer-readable storage medium stores instructions which, when executed by a computer, cause the computer to perform a method.
  • the method includes maintaining a mapping of a real identity of an entity to a virtual identity of the entity, where the real identity includes real information associated with the entity, the virtual identity includes virtual information associated with the entity, and the entity includes a user or an institution.
  • the method includes receiving a communication for the entity where the communication for the entity includes at least a portion of the real information associated with the entity.
  • the method includes and processing the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
  • a method includes using a processor and a memory for performing steps.
  • the steps include maintaining a mapping of a real identity of an entity to a virtual identity of the entity, where the real identity includes real information associated with the entity, the virtual identity includes virtual information associated with the entity, and the entity includes a user or an institution.
  • the steps include receiving a communication for the entity where the communication for the entity includes at least a portion of the real information associated with the entity.
  • the steps include processing the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
  • FIG. 1 depicts an exemplary environment configured to support individual virtualization or institution virtualization
  • FIG. 2 depicts exemplary mappings of real information and virtual information for use in entity virtualization
  • FIG. 3 depicts an exemplary system illustrating use of virtualization mapping information to provide secure communications
  • FIG. 4 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported
  • FIG. 5 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported
  • FIG. 6 depicts an exemplary embodiment of ENUM virtualization in which infrastructure ENUM virtualization is supported
  • FIG. 7 depicts an exemplary embodiment of ENUM virtualization in which private ENUM virtualization is supported
  • FIG. 8 depicts an exemplary embodiment of ENUM virtualization in which enterprise ENUM virtualization is supported
  • FIG. 9 depicts an exemplary embodiment of ENUM virtualization in which vCard ENUM virtualization is supported
  • FIG. 10 depicts an exemplary embodiment of ENUM virtualization in which Calling Name (CNAM) ENUM virtualization is supported;
  • CNAM Calling Name
  • FIG. 11 depicts an exemplary embodiment of user virtualization for an online transaction.
  • FIG. 12 depicts a high-level block diagram of a computer suitable for use in performing functions described herein.
  • the virtualization capabilities may include one or more an individual virtualization capability for virtualizing one or more aspects of an individual, an institution virtualization capability for virtualizing one or more aspects of an institution, or the like.
  • the virtualization for an individual or an institution may be provided using mappings of real information to virtual information.
  • the virtualization for an individual or an institution may be used to support secure communications by the individual or an institution (e.g., electronic communications, non-electronic communications, or the like).
  • the virtualization for an individual or an institution may include various types of E.164 Number Mapping (ENUM) virtualization, such as user ENUM virtualization, infrastructure ENUM virtualization, private ENUM virtualization, enterprise ENUM virtualization, vCard ENUM virtualization, Calling Name (CNAM) ENUM virtualization, and the like.
  • ENUM E.164 Number Mapping
  • the virtualization for an individual or an institution may include virtualization for online transactions in a manner that hides real information associated with the individual or an institution (e.g., name, mailing address, or the like) from the online vendor.
  • the virtualization for an individual or an institution may include other types of virtualization.
  • Various embodiments of virtualization capabilities for individuals and institutions may be better understood by way of reference to the description which follows.
  • FIG. 1 depicts an exemplary environment configured to support individual virtualization or institution virtualization.
  • environment 100 includes a virtualization entity 110 configured to provide virtualization functions for individuals (represented by an individual 120 ) or one or more institutions (represented by an institution 130 ).
  • the virtualization entity 110 provides virtualization functions, which may be performed for individuals (illustratively, individual 120 ) or institutions (illustratively, institutions 130 ).
  • the virtualization entity 110 may be any type of entity which may provide virtualization functions for an individual or an institution.
  • virtualization entity 110 may be a federated entity, a virtualization service provider, or the like.
  • virtualization entity 110 may be a federated entity, a virtualization service provider, a group within or otherwise affiliated with the institution, or the like.
  • virtualization entity 110 may be a federated entity, a virtualization service provider, or the like.
  • the individual 120 represents any individual for which virtualization functions may be provided.
  • Various types of information may be virtualized for the individual 120 , including one or more of an identity of the individual (e.g., the name of the individual, the gender of the individual, the age of the individual, or the like), one or more physical addresses of the individual (e.g., home address, mailing address, or the like), device information (e.g., device identifier, device type, device manufacturer, device version number, or the like) for one or more user devices of the individual (e.g., a computer, a smart phone, a modem, a set top box, a television, a gaming console, or the like), one or more network addresses of the individual (e.g., one or more e-mail addresses, one or more domain addresses, one or more Internet Protocol (IP) addresses, E.164 Number Mapping (ENUM) information, or the like), or the like, as well as various combinations thereof.
  • IP Internet Protocol
  • ENUM E.164 Number Mapping
  • virtualizations may be maintained for groups of people (e.g., members of a family or the like). It will be appreciated that, although omitted for purposes of clarity, the individual 120 may use one or more user devices to communicate with virtualization entity 110 (e.g., to provide real information to virtualization entity 110 and receive virtual information generated by virtualization entity 110 based on the real information).
  • the propagation of real information from individual 120 to virtualization entity 110 (e.g., from a user device of the individual 120 ) and propagation of associated virtual information from virtualization entity 110 to individual 120 (e.g., to a user device of the individual 120 ) is depicted in FIG. 1 .
  • An individual also may be referred to herein as a user.
  • the institution 130 represents any type of institution for which virtualization functions may be provided.
  • institution 130 may be a corporation, an educational institution, an organization, or the like.
  • Various types of information may be virtualized for the institution 130 , including one or more of the identity of the institution (e.g., the name of the institution, an institution type of the institution, or the like) one or more physical addresses of the institution (e.g., one or more office address locations, one or more mailing addresses, or the like), information about the organizational structure of the institution (e.g., names of groups within the institution, information associated with matrices of relationships between individuals of the institution, or the like), information associated with physical resources/assets of the institution, information associated with virtual resources/assets of the institution, proprietary information of the institution (e.g., technology areas, product areas, product names, or the like) or the like, as well as various combinations thereof.
  • the identity of the institution e.g., the name of the institution, an institution type of the institution, or the like
  • information that may be virtualized for institution 130 may include, for each of one or more individuals associated with institution 130 , any of the information described as capable of being virtualized for an individual (or any other type(s) of information which may be associated with an individual in conjunction with his or her role in the institution (e.g., an employee identifier of an employee at a corporation, information associated with a virtual space provided for use by the individual in performing functions on behalf of the institution, or the like)).
  • the institution 130 may use one or more devices to communicate with virtualization entity 110 (e.g., to provide real information to virtualization entity 110 and receive virtual information generated by virtualization entity 110 based on the real information).
  • FIG. 1 The propagation of real information from institution 130 (e.g., from one or more devices of or associated with institution 130 ) to virtualization entity 110 and propagation of associated virtual information from virtualization entity 110 to institution 130 (e.g., to one or more devices of or associated with institution 130 ) is depicted in FIG. 1 .
  • An institution may be considered to include one or more users which may perform functions on behalf of the institution.
  • virtual information for a user or institution may be referred to as a virtual profile of the user or the institution, a virtual definition for the user or the institution, or the like.
  • virtual information for a user or an institution may be static in that the virtual information may be defined and used multiple times.
  • the virtual information may be renewed periodically (e.g., by the associated user or institution).
  • the virtualization entity 110 may monitor a timer associated with the virtual information of a user or an entity and either renew the virtual information based on a determination that an indication of renewal of the virtual information is received before expiration of the timer or invalidate the virtual information based on a determination that an indication of a renewal of the virtual information is not received before expiration of the timer.
  • the timer may be set by the user or institution.
  • the renewal may be initiated by the user or institution.
  • the virtual information for a user or an institution may be updated.
  • the virtual information may be updated by a user or institution or automatically (e.g., based on detection of needs of the user or institution, based on detection of one or more trigger conditions, or the like).
  • virtual information for a user or an institution may be dynamic in that the virtual information may be defined (e.g., generated, modified, or the like) each time that the virtual information is used by the user or entity. For example, each time a sender has something to send to a receiver, a new virtual name may be generated for the sender. For example, each time a user places an order, a new virtual address may be generated for the user.
  • a virtual definition may have one or more triggers associated therewith.
  • the virtual triggers may trigger expiration of an existing virtual definition, generation of a new virtual definition, or the like, as well as various combinations thereof.
  • the triggers may include one or more of a temporal trigger, an event-based trigger, a context-based trigger, a location-based trigger, or the like, as well as various combinations thereof.
  • the user or institution associated with the virtual definition may be provided with a capability to modify such triggers on demand. For example, a virtual name may expire when a particular time is reached. For example, a new virtual address may be generated when a particular location is reached.
  • the triggers may be maintained and monitored by virtualization entity 110 .
  • the real information associated with virtual information for a user or institution may be modified.
  • This enables the user or institution to update real information (e.g., real name after marriage or divorce, real address after moving, temporary change of home address to vacation address, addition of a new address for a new office location of an institution, or the like) without requiring generation of new virtual information or even modification of existing virtual information (although it will be appreciated that, alternatively or additionally, some or all of the existing virtual information also may be updated or new virtual information may be generated).
  • the updating of real information may be initiated by the associated user or institution, initiated automatically based on detection of one or more conditions (e.g., based on an event, a context, a location, or the like), or the like.
  • the virtual information associated with the receiver may be obtained by the sender from virtualization entity 110 and only that receiver will be able to translate the virtual information of the receiver back to the real information for the receiver at the virtualization entity 110 via presentation of its credentials.
  • a user or an institution may apply virtualization multiple times to an entity or its virtual entity. This process may be generated automatically based on one or more profiles initiated or created by a user on demand.
  • virtualization functions may be provided for any suitable type of entity or group of entities having associated therewith real information for which associated virtual information may be assigned and used in order to provide security for the entity or group of entities. Accordingly, the various references herein to individual virtualization (or user virtualization) or institution virtualization may be read more generally as references to entity virtualization.
  • virtualization mapping information for an entity includes a single set of virtualization mapping information including a mapping of one set of real information to one set of virtual information
  • virtualization mapping information for an entity include any suitable number of sets of virtualization mapping information where each set of virtualization mapping information may include one or more mappings of one or more sets of real information to one or more sets of virtual information.
  • the different sets of virtualization mapping information or the different mappings between real information and virtual information may be based on one or more factors.
  • the different factors may include different types of information associated with the entity, use under different conditions (e.g., for different devices used by a user, for different types of communication by a user, for different times at which a user communicates, or the like), or the like, as well as various combinations thereof).
  • a given entity may have two sets of virtualization mapping information assigned thereto, including: (1) a first set of virtualization mapping information including a single mapping of real information to virtual information may be used for private communications by the entity and (2) a second set of virtualization mapping information including two mappings of real information of the entity to two different sets of virtual information for the entity may be used for public communications by the entity where the first mapping of real information to a first set of virtual information may be used for communications by the entity via a computer and the second mapping of real information to a second set of virtual information may be used for communications by the entity via a smart phone.
  • a given entity may have three sets of virtualization mapping information assigned thereto, including: (1) a first set of virtualization mapping information including three mappings of real information of the entity to three different sets of virtual information for the entity may be used for data-based communications by the entity where the first mapping of real information to a first set of virtual information may be used for e-mail communications by the entity, the second mapping of real information to a second set of virtual information may be used for instant messaging by the entity, and the third mapping of real information to a third set of virtual information may be used for online purchased made by the entity, (2) a second set of virtualization mapping information including a single mapping of real information to virtual information may be used for voice-based communications by the entity, and (3) a third set of virtualization mapping information including a single mapping of real information to virtual information may be used for other types of communications which may be performed by the entity.
  • the multiple sets of virtualization mapping information for an entity may have various temporal associations (e.g., co-existing, existing at different times where the entity modifies the virtualization mapping information over time for enhanced security, or the like, as well as various combinations thereof). It will be appreciated that the foregoing examples are merely a few of the various ways in which virtual information may be mapped to real information of an entity for use in securing communications by the entity. An exemplary embodiment depicting mappings of real information and virtual information for an entity is depicted and described with respect to FIG. 2 .
  • FIG. 2 depicts exemplary mappings of real information and virtual information for use in entity virtualization.
  • an entity 201 has three sets of virtualization mapping information 210 1 - 210 3 (collectively, sets of virtualization mapping information 210 associated therewith.
  • the first set of virtualization mapping information 210 1 includes a mapping of a set of real information 211 1 to a set of virtual information 212 1 for use in public communications by the entity 201 .
  • the second set of virtualization mapping information 210 2 includes a mapping of a set of real information 211 2 to three sets of virtual information 212 2A - 212 2C over time for use in private communications by the entity 201 .
  • the third set of virtualization mapping information 210 3 includes a mapping of a set of real information 211 3 to three sets of virtual information 212 3A - 212 3C over time for use in third-party communications by the entity 201 .
  • the sets of real information 211 1 , 211 2 , and 211 3 may be referred to collectively herein as sets of real information 211 and, similarly, the sets of virtual information 212 1 , 212 2A - 212 2C , and 212 3A - 212 3C may be referred to collectively herein as sets of virtual information 212 .
  • each of the sets of virtualization mapping information 210 (1) the set of real information 211 includes the following real information: Name, Address, Domain, ENUM, vCard, and, other types of real information as represented by ⁇ Others>, and (2) the set of virtual information 212 includes the following virtual information that is mapped to the real information: vName, vAddress, vDomain, vENUM, vvCard, and other types of virtual information as represented by ⁇ Others>.
  • the virtualization entity 110 provides virtualization functions for individuals or institutions, including generation of mappings of real information and virtual information for use in individual virtualization or institution virtualization.
  • the virtualization entity 110 includes a virtualization management system 112 and a virtualization mappings database 114 .
  • the virtualization management system 112 is configured to provide various virtualization functions as depicted and described herein.
  • the virtualization mappings database 114 is configured to maintain virtualization mapping information that is generated by virtualization management system 112 .
  • the virtualization management system 112 may be configured to receive and process requests for assignment of virtual information based on real information.
  • the virtualization management system 112 receives a virtual information assignment request from an entity (e.g., from individual 120 or institution 130 ).
  • the virtual information assignment request is a request by the entity for the virtualization management system 112 to assign virtual information corresponding to associated real information of the entity.
  • the real information may be provided to the virtualization management system 112 at any suitable time (e.g., prior to sending of the request or as part of the request).
  • the virtualization management system 112 generates virtual information for the real information.
  • the virtualization management system 112 provides virtualization mapping information including a mapping of the virtual information to the real information.
  • the virtualization management system 112 may maintain the virtualization mapping information locally within the virtualization entity 110 (illustratively, using virtual mappings database 114 ), propagate the virtualization mapping information toward the requesting entity (as depicted in FIG. 1 for both individual 120 and institution 130 ), or the like, as well as various combinations thereof.
  • the virtualization management system 112 may be configured to provide virtualization mapping information of an entity to one or more devices adapted to use the virtualization mapping information in order to provide virtualization functions for the entity.
  • virtualization management system 112 may be configured to provide virtualization mapping information of an entity to a device for use by the device in performing virtualization conversions from real information to virtual information or from virtual information to real information (where it will be appreciated that the virtualization mapping information may be provided to the device for storage at the device for later use by the device in performing virtualization conversions or may be provided to the device on demand in response to a request from the device when the device needs to perform a virtualization conversion).
  • An exemplary embodiment is depicted and described with respect to FIG. 3 .
  • the virtualization management system 112 may be configured to provide various other virtualization functions as depicted and described herein.
  • FIG. 3 depicts an exemplary system illustrating use of virtualization mapping information to provide secure communications.
  • system 300 includes virtualization entity 110 , a pair of communication endpoints 310 (including a communication source 310 A and a communication destination 310 Z ), and a pair of virtualization endpoints 320 (including a virtualization source 320 A and a virtualization destination 320 Z ), and a communication network 330 .
  • the virtualization endpoints 320 are configured to communicate with virtualization entity 110 and with each other via the communication network 330 .
  • the communication endpoints 310 are endpoints of a communication transaction to be secured using virtual information of an entity.
  • the communication source 310 A may be a user device or a network device and, similarly, the communication destination 310 Z may be a user device or a network device.
  • user devices may include desktop computers, laptop computers, tablet computers, landline telephones, cellular phones, smart phones, or the like.
  • network devices may include servers, databases, virtual machines, or the like.
  • the communication endpoints 310 each may be user devices (e.g., a smart phone and a landline phone, a pair of smartphones or the like).
  • the communication endpoints 310 each may be user devices (e.g., a pair of computers, a computer and a smart phone, or the like.
  • the communication source 310 A may be a user device and the communication destination 310 Z may be a web server.
  • the communication source 310 A may be a network device and the communication destination 310 Z may be a user device.
  • the virtualization endpoints 320 are configured to secure a communication transaction between communication source 310 A and communication destination 310 Z (or at least a portion of the path between communication source 310 A and communication destination 310 Z , depending on deployment of the virtualization endpoints 320 ).
  • the virtualization endpoints 320 secure the communication transaction between communication source 310 A and communication destination 310 Z by using virtual information in place of real information for the communication transaction between the virtualization endpoints 320 .
  • the virtualization source 320 A is configured to receive an original (unsecured) communication transaction from communication source 310 A .
  • the virtualization source 320 A is configured to modify the unsecured communication transaction by removing real information and including virtual information associated with the real information, thereby providing a secured communication transaction.
  • the virtualization source 320 A receives the virtual information from virtualization entity 110 .
  • the virtualization source 320 A may receive the virtual information from the virtualization entity 110 prior to the time at which the communication transaction is executed and store the virtual information locally (e.g., using a virtualization source database 321 A ) such that the virtualization source 320 A may retrieve the virtual information locally at the time of the communication transaction and modify the communication transaction to include the virtual information.
  • the virtualization source 320 A may be configured to request and receive the virtual information from virtualization entity 110 based on detection of the communication transaction and then modify the communication transaction to include virtual information.
  • the virtualization source 320 A is configured to propagate the communication transaction toward the virtualization destination 320 Z .
  • the virtualization destination 320 Z is configured to receive a secured communication transaction from virtualization source 320 A .
  • the virtualization destination 320 Z is configured to modify the secured communication transaction by remove the virtual information added to the unsecured communication transaction by virtualization source 320 A and adding the real information removed from the unsecured communication transaction by virtualization source 320 A , thereby recovering the original (unsecured) communication transaction.
  • the virtualization destination 320 Z like the virtualization source 320 A , receives the virtual information from virtualization entity 110 .
  • the virtualization destination 320 Z may receive the virtual information from the virtualization entity 110 prior to the time at which the communication transaction is executed and store the virtual information locally (e.g., using a virtualization destination database 321 Z ) such that the virtualization destination 320 Z may retrieve the virtual information locally at the time of the communication transaction and modify the communication transaction to remove the virtual information (and, optionally, to include associated real information).
  • the virtualization destination 320 Z may be configured to request and receive the virtual information from virtualization entity 110 based on detection of the communication transaction and then modify the communication transaction to remove the virtual information (and, optionally, to include associated real information).
  • the virtualization source 320 A is configured to propagate the communication transaction toward the communication destination 310 Z .
  • the virtualization endpoints 320 may use virtual information that includes one or both of virtual information associated with an entity that is using communication source 310 A and virtual information associated with an entity that is using communication destination 320 A (although, in at least some embodiments, it is more likely that virtualization endpoints 320 will use virtual information that is associated with an entity using communication source 310 A when the communication transaction is being provided in a direction from the communication source 310 A toward the communication destination 310 Z .
  • the virtualization endpoints 320 each may be deployed at any suitable location between communication source 310 A and communication destination 310 Z (e.g., within a local network with which the communication endpoint 310 is associated, within a communication network of a communications service provider, or the like). It will be appreciated that, although not depicted and described with respect to FIG. 3 , a virtualization endpoint 320 also may be included within its associated communication endpoint 310 (e.g., as a secure communication agent or module within a user device or network device).
  • virtualization capabilities may be used to provide ENUM virtualization.
  • Exemplary embodiments of ENUM virtualization are depicted and described with respect to FIGS. 4-11 .
  • FIG. 4 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported.
  • communication system 400 includes a first SIP client 410 A associated with a first SIP Proxy 420 A and a second SIP client 410 B associated with a second SIP Proxy 420 B .
  • the communication system 400 also includes: (1) an ENUM/DNS server 430 associated with first SIP Proxy 420 A , and a first Virtualization Server 450 A associated with ENUM/DNS server 430 and (2) a second Virtualization Server 450 B associated with second SIP Proxy 420 B .
  • the first SIP Proxy 420 A and second SIP Proxy 420 B are configured to communicate via a communication network (e.g., the Internet).
  • communication system 400 includes various types of real and virtual information.
  • the second SIP client 410 B has a telephone number (e.g., x-xxx-xxx-xxxx) associated therewith.
  • the second SIP client 410 B also has a real SIP name and a real SIP domain (e.g., sip:name@domain.com) associated therewith.
  • the ENUM/DNS server 430 stores a mapping of the telephone number of second SIP client 410 B to the real SIP name and real SIP domain of second SIP client 410 B .
  • the first Virtualization Server 450 A and second Virtualization Server 450 B each have access to virtualization mapping information for second SIP client 410 B that includes a mapping of the real SIP name and real SIP domain of second SIP client 410 B to a virtual SIP name and a virtual SIP domain (e.g., sip:v-name@v-domain) assigned for the second SIP client 410 B .
  • virtualization mapping information for second SIP client 410 B that includes a mapping of the real SIP name and real SIP domain of second SIP client 410 B to a virtual SIP name and a virtual SIP domain (e.g., sip:v-name@v-domain) assigned for the second SIP client 410 B .
  • the communication system 400 is configured to support user ENUM virtualization.
  • the communication system 400 is configured to support a user ENUM/SIP call flow (in which the ENUM query is initiated by first SIP client 410 A ) adapted to provide user ENUM virtualization.
  • a caller associated with first SIP client 410 A dials the telephone number associated with the second SIP client 410 B , and a message is routed from first SIP client 410 A to first SIP Proxy 420 A .
  • first SIP Proxy 420 A (e.g., operating as a proxy UAC for the first SIP client 510 A ) queries the ENUM/DNS server 430 for the location of the second SIP client 410 B based on the telephone number associated with the second SIP client 410 B .
  • the ENUM/DNS server 430 returns a NAPTR record (including a virtual SIP URL, e.g., sip:v-name@v-domain.com) to the first SIP Proxy 420 A , where the ENUM/DNS server 430 generates the NAPTR record by using the telephone number associated with the second SIP client 410 B to retrieve the real SIP URL associated with the second SIP client 410 B via an ENUM/DNS lookup at ENUM/DNS server 430 , querying the first Virtualization Server 450 A using the real SIP URL associated with the second SIP client 410 B to obtain the virtual SIP URL that is mapped to the real SIP URL for the second SIP client 410 B , and including the virtual SIP URL associated with the second SIP client 410 B (rather than the real SIP URL associated with the second SIP client 410 B ) in the NAPTR record.
  • a virtual SIP URL e.g., sip:v-name@v-domain.com
  • first SIP Proxy 420 A (e.g., operating as a proxy UAC for the first SIP client 510 A ) initiates connection of the call to second client device 410 B using the virtual SIP URL by propagating a SIP call request message (which includes the virtual SIP URL) from first SIP Proxy 420 A to second SIP Proxy 420 B .
  • the second SIP Proxy 520 B queries the second Virtualization Server 450 B associated with second SIP Proxy 420 B using the virtual SIP URL associated with second client device 510 B to obtain the real SIP URL associated with the second client device 410 B .
  • the second Virtualization Server 450 B associated with the second SIP Proxy 420 B returns a NAPTR record (including the real SIP URL, e.g., sip:name@domain.com) to second SIP Proxy 420 B , where the second Virtualization Server 450 B generates the NAPTR record by using the virtual SIP URL as a key into virtualization mapping information associated with the second SIP client 410 B in order to obtain the real SIP URL associated with the second SIP client 410 B .
  • the second SIP Proxy 420 B sends a call setup message to second SIP client 410 B using the real SIP URL. In this manner, the real SIP URL of second SIP client 410 B is hidden for the length of the communication path between first SIP proxy 420 A and second SIP Proxy 420 B .
  • FIG. 5 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported.
  • communication system 500 includes a first SIP client 510 A associated with a first SIP Proxy 520 A and a second SIP client 510 B associated with a second SIP Proxy 520 B .
  • the communication system 500 also includes: (1) an ENUM/DNS server 530 associated with first SIP Proxy 520 A , an ENUM database 540 associated with ENUM/DNS server 530 , and a first Virtualization Server 550 A associated with ENUM/DNS server 530 and (2) a second Virtualization Server 550 B associated with second SIP Proxy 520 B .
  • the first SIP Proxy 520 A and second SIP Proxy 520 B are configured to communicate via a communication network (e.g., the Internet).
  • communication system 500 includes various types of real and virtual information.
  • the second SIP client 510 B has a telephone number (e.g., x-xxx-xxx-xxxx) associated therewith.
  • the second SIP client 510 B also has a real SIP name and a real SIP domain (e.g., sip:name@domain.com) associated therewith.
  • the ENUM/DNS server 530 stores a mapping of the telephone number of second SIP client 510 B to the real SIP name and real SIP domain of second SIP client 510 B .
  • the first Virtualization Server 550 A and second Virtualization Server 550 B each have access to virtualization mapping information for second SIP client 510 B that includes a mapping of the real SIP name and real SIP domain of second SIP client 510 B to a virtual SIP name and a virtual SIP domain (e.g., sip:v-name@v-domain) assigned for the second SIP client 510 B .
  • virtualization mapping information for second SIP client 510 B that includes a mapping of the real SIP name and real SIP domain of second SIP client 510 B to a virtual SIP name and a virtual SIP domain (e.g., sip:v-name@v-domain) assigned for the second SIP client 510 B .
  • the communication system 500 is configured to support user ENUM virtualization.
  • the communication system 500 is configured to support a user ENUM/SIP call flow (in which the ENUM query is initiated by first SIP client 510 A ) adapted to provide user ENUM virtualization.
  • a caller associated with first SIP client 510 A dials the telephone number associated with the second SIP client 510 B .
  • first SIP client 510 A e.g., a UAC of first SIP client 510 A
  • the ENUM/DNS server 530 returns a NAPTR record (including a virtual SIP URL, e.g., sip:v-name@v-domain.com) to the first SIP client 510 A , where the ENUM/DNS server 530 generates the NAPTR record by using the telephone number associated with the second SIP client 510 B to retrieve the real SIP URL associated with the second SIP client 510 B via an ENUM/DNS lookup at ENUM/DNS server 530 , querying the first Virtualization Server 550 A using the real SIP URL associated with the second SIP client 510 B to obtain the virtual SIP URL that is mapped to the real SIP URL for the second SIP client 510 B , and including the virtual SIP URL associated with the second SIP client 510 B (rather than the real SIP URL associated with the second SIP client 510 B ) in the NAPTR record.
  • a virtual SIP URL e.g., sip:v-name@v-domain.com
  • the first SIP client 510 A (e.g., a UAC of the first SIP client 510 A ) initiates a call to second client device 510 B using the virtual SIP URL.
  • the SIP call request message is propagated from first SIP client 510 A to first SIP Proxy 520 A and from SIP Proxy 520 A to second SIP Proxy 520 B .
  • the second SIP Proxy 520 B queries the second Virtualization Server 550 B associated with second SIP Proxy 520 B using the virtual SIP URL associated with second client device 510 B to obtain the real SIP URL associated with second client device 510 B .
  • the second Virtualization Server 550 B associated with second SIP Proxy 520 B returns a NAPTR record (including the real SIP URL, e.g., sip:name@domain.com) to second SIP Proxy 520 B , where the second Virtualization Server 550 B generates the NAPTR record by using the virtual SIP URL as a key into virtualization mapping information associated with the second SIP client 510 B in order to obtain the real SIP URL associated with the second SIP client 510 B .
  • the second SIP Proxy 520 B sends a call setup message to second SIP client 510 B using the real SIP URL. In this manner, the real SIP URL of second SIP client 510 B is hidden for the length of the communication path between first SIP client 510 A and second SIP Proxy 520 B .
  • FIG. 6 depicts an exemplary embodiment of ENUM virtualization in which infrastructure ENUM virtualization is supported.
  • communication system 600 includes a first SIP client 610 A (denoted as SIP client A) associated with a first carrier network 620 A (denoted as carrier A) and a second SIP client 610 B (denoted as SIP client B) associated with a second carrier network 620 B (denoted as Carrier B).
  • the communication system 600 also includes: (1) a first Virtualization Server 650 A associated with first carrier network 620 A ; (2) a second Virtualization Server 650 B associated with second carrier network 620 B , and (3) an ENUM/DNS server 630 , associated with first carrier network 620 A and second carrier network 620 B , an Infrastructure ENUM (I-ENUM) database 640 associated with ENUM/DNS server 630 I , and a third Virtualization Server 650 I associated with ENUM/DNS server 630 I .
  • I-ENUM Infrastructure ENUM
  • the first carrier network 620 A includes a SIP PBX 621 (to which the first SIP client 610 A is connected) configured to communicate at least with ENUM/DNS server 630 I .
  • the second carrier network 720 B includes a SIP Proxy 622 .
  • the first carrier network 620 A and second carrier network 620 B include pluralities of interconnected communication elements 623 supporting communication between first SIP client 610 A and second SIP client 610 B (as well as between various other elements depicted and described with respect to FIG. 6 ).
  • a communication path 660 between first SIP client 610 A and second SIP client 610 B includes SIP PBX 621 and SIP Proxy 622 .
  • the communication system 600 is configured to support I-ENUM virtualization.
  • one or more service providers may selectively announce to one or more other service providers a set of interconnection points for service termination.
  • the interconnection points may be virtualized using a federated Virtualization Service at the I-ENUM location.
  • the virtualization of interconnection points in this manner may be used to ensure that only the source carrier and the destination carrier are able to know the origination and destination of the I-ENUM.
  • I-ENUM virtualization may be provided by (1) having a service provider announce, in some I-ENUM DNS domain, the virtualized E.164 number block for which the service provider is the service provider of record, (2) having the service provider populate its DNS zone with a description(s) of the services that the service provider is willing to terminate, and (3) having the service provider nominate the IP interconnection points (e.g., URIs or the like) that perform service termination in the network of the terminating service provider.
  • IP interconnection points e.g., URIs or the like
  • I-ENUM virtualization may utilize virtualization technology that is the same as or at least similar to virtualization technology utilized for user ENUM virtualization (e.g., as depicted and described with respect to FIG. 5 ); however, in I-ENUM virtualization the service providers are attempting to undertake the virtualized discovery and termination operation relative to the terminating service provider (rather than relative to the end user as in user ENUM virtualization). Thus, in at least some embodiments of I-ENUM virtualization, the operations that are performed are similar to operations performed for user ENUM virtualization, but translated into a service provider context.
  • such operations may include identifying the service being requested, (2) performing a lookup for the called virtualized E.164 number in the I-ENUM DNS domain, selecting the virtualized URI of the terminating carrier for a compatible terminating service entry that is published against an enclosing virtualized number block entry, and completing the call request using the virtualized service interconnection point.
  • FIG. 7 depicts an exemplary embodiment of ENUM virtualization in which private ENUM virtualization is supported.
  • communication system 700 includes a first SIP client 710 A (denoted as SIP client A) associated with a first carrier network 720 A (denoted as carrier A) and a second SIP client 710 B (denoted as SIP client B) associated with a second carrier network 720 B (denoted as Carrier B).
  • first SIP client 710 A denoted as SIP client A
  • second SIP client 710 B denoted as SIP client B
  • the communication system 700 also includes: (1) a first ENUM/DNS server 730 A associated with first carrier network 720 A , a first Private ENUM (P-ENUM) database 740 A associated with first ENUM/DNS server 730 A , and a first Virtualization Server 750 A associated with first ENUM/DNS server 730 A ; (2) a second ENUM/DNS server 730 B associated with second carrier network 720 B , a second Private ENUM (P-ENUM) database 740 B associated with second ENUM/DNS server 730 B , and a second Virtualization Server 750 B associated with second ENUM/DNS server 730 B ; and (3) a third ENUM/DNS server 730 , associated with first carrier network 720 A and second carrier network 720 B , an Infrastructure ENUM (I-ENUM) database 740 , associated with third ENUM/DNS server 730 I , and a third Virtualization Server 750 I associated with third ENUM/DNS server 730 I .
  • I-ENUM Infrastructure EN
  • the first carrier network 720 A includes a SIP PBX 721 (to which the first SIP client 710 A is connected) configured to communicate at least with first ENUM/DNS server 730 A and third ENUM/DNS server 730 I .
  • the second carrier network 720 B includes a SIP Proxy 722 configured to communicate at least with second ENUM/DNS server 730 B .
  • the first carrier network 720 A and second carrier network 720 B include pluralities of interconnected communication elements 723 supporting communication between first SIP client 710 A and second SIP client 710 B (as well as between various other elements depicted and described with respect to FIG. 7 ).
  • a communication path 760 between first SIP client 710 A and second SIP client 710 B includes SIP PBX 721 and SIP Proxy 722 .
  • the communication system 700 is configured to support private ENUM virtualization.
  • I-ENUM virtualization identifies the service provider of record where the business relationship between service providers is securely encapsulated via virtualization. However, if there is no business relationship between service providers, then direct interconnection is not possible where the service providers use virtualized private ENUMS.
  • private ENUM virtualization may be used translate a virtualized E.164 number into a virtualized URI, and I-ENUM virtualization may then be used to interconnect the virtualized private ENUMs.
  • FIG. 8 depicts an exemplary embodiment of ENUM virtualization in which enterprise ENUM virtualization is supported.
  • communication system 800 includes three SIP clients 810 as follows: (1) a first SIP client 810 A1 (denoted as SIP client A 1 ) and a second SIP client 810 A2 (denoted as SIP client A 2 ) associated with a first carrier network 820 A (denoted as carrier A) and (2) a third SIP client 810 B (denoted as SIP client B) associated with a second carrier network 820 B (denoted as Carrier B).
  • the communication system 900 also includes an ENUM/DNS server 830 , an ENUM database 840 associated with ENUM/DNS server 830 , and a Virtualization Server 850 associated with ENUM/DNS server 830 .
  • the first carrier network 820 A includes a SIP PBX 821 (to which the first SIP client 810 A1 is connected) configured to communicate at least with the ENUM/DNS server 830 .
  • the second carrier network 820 B includes a SIP Proxy 822 configured to communicate at least with third SIP client 810 B and ENUM/DNS server 830 .
  • the first carrier network 820 A and second carrier network 820 B include pluralities of interconnected communication elements 823 supporting communication between the SIP clients 810 (as well as between various other elements depicted and described with respect to FIG. 8 ).
  • the communication system 800 is configured to support various forms of enterprise ENUM virtualization.
  • communication system 800 is configured to support private ENUM virtualization within the enterprise context (e.g., supporting internal translation from E.164 to SIP URI). This is denoted in FIG. 8 by element number 891 .
  • private ENUM virtualization may be better understood by way of reference to FIG. 7 .
  • communication system 800 is configured to support I-ENUM virtualization within the enterprise context (e.g., supporting internal translation from E.164 to SIP URI). This is denoted in FIG. 8 by element number 892 .
  • I-ENUM virtualization may be better understood by way of reference to FIG. 6 .
  • communication system 1000 is configured to support public ENUM virtualization within the enterprise context (e.g., supporting internal translation from E.164 to SIP URI). This is denoted in FIG. 8 by element number 893 .
  • the communication system 800 may be configured to support various other forms of enterprise ENUM virtualization.
  • FIG. 9 depicts an exemplary embodiment of ENUM virtualization in which vCard ENUM virtualization is supported.
  • communication system 900 includes a first SIP client 910 A (denoted as SIP client A) associated with a first carrier network 920 A (denoted as carrier A) and a second SIP client 910 B (denoted as SIP client B) associated with a second carrier network 920 B (denoted as Carrier B).
  • the communication system 900 also includes an ENUM/DNS server 930 , a Private ENUM (P-ENUM) database 940 associated with ENUM/DNS server 930 , and a Virtualization Server 950 associated with ENUM/DNS server 930 .
  • the communication system 900 also includes a vCard server 960 , a vCard database 970 associated with vCard server 960 , and a Virtualization Server 980 associated with vCard server 960 .
  • the first carrier network 920 A includes a SIP PBX 921 (to which the first SIP client 910 A is connected).
  • the second carrier network 920 B includes a SIP Proxy 922 configured to communicate at least with second SIP client 910 B , ENUM/DNS server 930 , and vCard server 960 .
  • the first carrier network 920 A and second carrier network 920 B include pluralities of interconnected communication elements 923 supporting communication between first SIP client 910 A and second SIP client 910 B (as well as between various other elements depicted and described with respect to FIG. 9 ).
  • a communication path 990 between first SIP client 910 A and second SIP client 910 B includes SIP PBX 921 and SIP Proxy 922 .
  • the communication system 900 is configured to support vCard ENUM virtualization.
  • vCard ENUM virtualization may be better understood by way of reference to FIG. 5 .
  • FIG. 10 depicts an exemplary embodiment of ENUM virtualization in which Calling Name (CNAM) ENUM virtualization is supported.
  • CNAM Calling Name
  • a communication system 1000 includes a first SIP client 1010 A (denoted as SIP client A) associated with a first carrier network 1020 A (denoted as carrier A) and a second SIP client 1010 B (denoted as SIP client B) associated with a second carrier network 1020 B (denoted as Carrier B).
  • the communication system 1000 also includes an ENUM/DNS server 1030 , a Private ENUM (P-ENUM) database 1040 associated with ENUM/DNS server 1030 , and a Virtualization Server 1050 associated with ENUM/DNS server 1030 .
  • P-ENUM Private ENUM
  • the first carrier network 1020 A includes a SIP PBX 1021 (to which the first SIP client 1010 A is connected).
  • the second carrier network 1020 B includes a SIP Proxy 1022 configured to communicate at least with second SIP client 1010 B and ENUM/DNS server 1030 .
  • the first carrier network 1020 A and second carrier network 1020 B include pluralities of interconnected communication elements 1023 supporting communication between first SIP client 1010 A and second SIP client 1010 B (as well as between various other elements depicted and described with respect to FIG. 9 ).
  • a communication path 1060 between first SIP client 1010 A and second SIP client 1010 B includes SIP PBX 1021 and SIP Proxy 1022 .
  • the communication system 1000 is configured to support CNAM ENUM virtualization.
  • the communication system 1000 is configured to support a query on the originating E.164 number of the first SIP client 1010 A in order to determine the Calling Name (CNAM) of the user associated with first SIP client 1010 A .
  • the second SIP client 1010 B generates a query request.
  • the second SIP client 1010 B sends a query request to SIP Proxy 1022 .
  • the SIP Proxy 1022 propagates the query request to ENUM/DNS server 130 .
  • the ENUM/DNS server 130 propagates the query request to Virtualization Server 1050 .
  • the Virtualization Server 1050 determines the CNAM of the user associated with first SIP client 1010 A .
  • the Virtualization Server 1050 generates a query response including the CNAM of the user associated with first SIP client 1010 A .
  • the Virtualization Server 1050 propagates the query response to the ENUM/DNS server 130 .
  • the ENUM/DNS server 1030 propagates the query response to the SIP Proxy 1022 .
  • the SIP Proxy 1022 propagates the query response to the second SIP client 1010 B .
  • ENUM virtualization may be used to provide security for one or more of access (e.g., secure public DNS, secure private DNS, or the like), content (e.g., user URI, interconnection URI, or the like), control of content (e.g., secure user opt-in and control, secure carrier control, or the like), routing decisions (e.g., secure originating user, terminating user, carrier, or the like), or the like, as well as various combinations thereof.
  • access e.g., secure public DNS, secure private DNS, or the like
  • content e.g., user URI, interconnection URI, or the like
  • control of content e.g., secure user opt-in and control, secure carrier control, or the like
  • routing decisions e.g., secure originating user, terminating user, carrier, or the like, or the like, as well as various combinations thereof.
  • virtualization capabilities may be used to provide online retail virtualization. Exemplary embodiments of online retail virtualization are depicted and described with respect to FIGS. 11-12 .
  • FIG. 11 depicts an exemplary embodiment of user virtualization for an online transaction.
  • a communication system 1100 includes a user device 1110 , online transaction server 1120 , a parcel processing center 1130 , a virtualization entity 1140 , and a communication network 1150 .
  • the user device 1110 , the online transaction server 1120 , the parcel processing center 1130 , and the virtualization entity 1140 each are configured to communicate with the communication network 1150 .
  • the user device 1110 is a communication device of a user 1102 , where the user has a real name and a real address (e.g., home address, mailing address, or the like, which, illustratively, is associated with a location 1103 ) associated therewith.
  • the user device 1110 is configured to enable the user to browse for products and services online and to place orders for products and services online (illustratively, from online transaction server 1120 ).
  • user device 1110 may be a desktop computer, a laptop computer, a tablet computer, a smartphone, or the like.
  • the online transaction server 1120 is operated by an entity.
  • the online transaction server 1120 hosts a website via which users may browse products offered by the entity and place orders for products offered by the entity.
  • the parcel processing center 1130 is operated by a parcel carrier which is capable of delivering parcels.
  • the parcel processing center 1130 may include one or more network-based systems which may be configured to perform functions such as managing parcel deliveries, enabling third parties to track parcel deliveries, obtaining virtualization mapping information from virtual entity 1140 , or the like, as well as various combinations thereof.
  • the virtualization entity 1140 is configured to assign and maintain virtualization mapping information for individuals and institutions.
  • the virtualization mapping information for user 1102 includes: (1) a mapping of a real name of the user 1102 to a virtual name for the user 1102 (e.g., a fake name, a numeric or alphanumeric identifier, or the like) and (2) a mapping of a real address of the user 1102 (associated with location 1103 ) to a virtual address for the user 1102 (e.g., a fake address, a numeric or alphanumeric identifier, or the like).
  • the virtualization entity 1140 may be implemented as depicted and described with respect to virtualization entity 110 of FIG. 1 .
  • the operation of the system 1100 in providing user virtualization for an online transaction may be better understood by considering an example in which user 1102 of user device 1110 orders a product from the entity that is operating online transaction server 1120 and the product is delivered to the user 1102 , at location 1103 , by the parcel carrier that is operating parcel processing center 1130 .
  • the user 1102 uses the user device 1110 to access a website hosted by online transaction server 1120 .
  • the user 1102 browses for various products available via the website.
  • the user 1102 decides to order one of the products listed on the website, and begins a checkout process.
  • the virtual information for the user 1102 (e.g., the virtual name and virtual address of the user 1102 ) are provided to online transaction server 1120 .
  • the virtual name and virtual address of the user may be entered by the user 1102 during the checkout process, may be automatically entered by user device 1110 during the checkout process, may be added to the order by the user device 1110 after the checkout process is complete but before the order is propagated toward online transaction server 1120 (e.g., where the user 1102 enters the real name and real address of the user 1102 during checkout, and the real information of the user 1102 is replaced by the corresponding virtual information of the user 1102 before the order is propagated toward online transaction server 1120 ).
  • the entity which is operating the online transaction server 1120 receives and processes the order for the product, packages the product for shipping (including specification of the virtual name and virtual address of the user 1102 , as provided in the order received from user device 1110 , for use in delivering the product to the user 1102 ), and provides the product to the parcel processing center 1130 .
  • the parcel processing center 1130 uses virtualization mapping information associated with the user 1102 to determine the real name and real address of the user 1102 based on the virtual name and virtual address of the user 1102 that is received from the entity that is operating online transaction server 1120 .
  • the parcel processing center 1130 may perform the reverse mapping from the virtual information of the user 1102 to the real information of the user 1102 locally (e.g., where the parcel processing center 1130 previously received virtualization mapping information for the user 1102 from the virtualization entity 1140 ) or by initiating a request to the virtualization entity 1140 (e.g., a request for the virtualization mapping information for the user 1102 so that the parcel processing center 1130 can determine the real information based on the virtual information, a request for the real information for the user 1102 where the parcel processing center 1130 sends the virtual information for the user 1102 to the virtualization entity 1140 such that virtualization entity 1140 may determine the real information associated with the virtual information and may return the real information to the parcel processing center 1130 , or the like).
  • a request for the virtualization mapping information for the user 1102 so that the parcel processing center 1130 can determine the real information based on the virtual information
  • the parcel processing center 1130 sends the virtual information for the user 1102 to the virtualization entity 1140 such that virtualization entity
  • the parcel carrier which is operating parcel processing center 1130 may then deliver the product to the user 1102 at the location 1103 based on the real name and real address of the user 1102 (where, it will be appreciated, the real address of the user 1102 specifies the location 1103 ). In this manner, use of the virtual information of the user 1102 rather than the real information of the user 1102 prevents the entity which is operating online transaction server 1120 , as well as any entity which may have access to communications between user device 1110 and online transaction server 1120 , from gaining access to the real information of the user 1102 . This provides significant protection for the real information of the user 1102 .
  • virtualization may be provided for a group of individuals (e.g., member of a family, a group of friends, or the like).
  • group of institutions e.g., a group of companies, a group of educational institutions, or the like.
  • FIG. 12 depicts a high-level block diagram of a computer suitable for use in performing functions described herein.
  • computer 1200 includes a processor element 1202 (e.g., a central processing unit (CPU) and/or other suitable processor(s)) and a memory 1204 (e.g., random access memory (RAM), read only memory (ROM), and the like).
  • processor element 1202 e.g., a central processing unit (CPU) and/or other suitable processor(s)
  • memory 1204 e.g., random access memory (RAM), read only memory (ROM), and the like.
  • the computer 1200 also may include a cooperating module/process 1205 .
  • the cooperating process 1205 can be loaded into memory 1204 and executed by the processor 1202 to implement functions as discussed herein.
  • cooperating process 1205 (including associated data structures) can be stored on a computer readable storage medium, e.g., RAM memory, magnetic or optical drive or diskette, and the like.
  • the computer 1200 also may include one or more input/output devices 1206 (e.g., a user input device (such as a keyboard, a keypad, a mouse, and the like), a user output device (such as a display, a speaker, and the like), an input port, an output port, a receiver, a transmitter, and storage devices (e.g., a tape drive, a floppy drive, a hard disk drive, a compact disk drive, and the like)).
  • a user input device such as a keyboard, a keypad, a mouse, and the like
  • a user output device such as a display, a speaker, and the like
  • an input port such as a display, a speaker, and the like
  • an output port such as a receiver, a transmitter
  • storage devices e.g., a tape drive, a floppy drive, a hard disk drive, a compact disk drive, and the like
  • computer 1200 depicted in FIG. 12 provides a general architecture and functionality suitable for implementing functional elements described herein and/or portions of functional elements described herein.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A virtualization capability is adapted support virtualization for an individual or an institution. The virtualization for an individual or an institution may be provided using mappings of real information to virtual information. The virtualization for an individual or an institution may be used to support secure communications by the individual or an institution (e.g., electronic communications, non-electronic communications, or the like). The virtualization for an individual or an institution may include various types of E.164 Number Mapping (ENUM) virtualization, such as user ENUM virtualization, infrastructure ENUM virtualization, private ENUM virtualization, enterprise ENUM virtualization, and the like. The virtualization for an individual or an institution may include virtualization for online transactions in a manner that hides real information associated with the individual or an institution (e.g., name, mailing address, or the like) from the online vendor. The virtualization for an individual or an institution may include other types of virtualization.

Description

    CROSS REFERENCE TO RELATED APPLICATION
  • This application claims the benefit of U.S. Provisional Patent Application Ser. No. 61/614,345, entitled “NEW SECURE COMMUNICATION MECHANISMS AND CAPABILITIES,” filed Mar. 22, 2012, which is hereby incorporated herein by reference in its entirety.
    • TECHNICAL FIELD
  • This disclosure relates generally to communications and, more specifically but not exclusively, to security of communications.
    • BACKGROUND
  • In many cases, the line between corporate communications and personal communications is becoming blurred. The introduction of certain practices, such as bring your own device (BYOD) or bring your own PC (BYOPC), is putting corporate information at risk. Similarly, technologies such as “big data mining” are putting corporate information at risk. Additionally, there also are instances of corporate information or intentions being shared by corporate users, knowingly or unknowingly, in a manner that enables such information or intentions to be passed on to or obtained by competitors or malicious entities (e.g., via social media websites, public forums, cloud platforms, and the like). While most corporations employ security mechanisms within their corporate networks, such mechanisms do not always adequately secure communications of the corporate users of the corporate networks, which may include both corporate communications and personal communications by the corporate users. Furthermore, many such security issues also exist for communications by users of non-corporate entities, personal communications by individuals, and so forth.
    • SUMMARY OF EMBODIMENTS
  • Various deficiencies in the prior art are addressed by embodiments for providing virtualization.
  • In one embodiment, an apparatus includes a processor and a memory communicatively connected to the processor. The memory is configured to store a mapping of a real identity of an entity to a virtual identity of the entity, where the real identity includes real information associated with the entity, the virtual identity includes virtual information associated with the entity, and the entity includes a user or an institution. The processor is configured to receive a communication for the entity where the communication for the entity includes at least a portion of the real information associated with the entity, and process the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
  • In one embodiment, a computer-readable storage medium stores instructions which, when executed by a computer, cause the computer to perform a method. The method includes maintaining a mapping of a real identity of an entity to a virtual identity of the entity, where the real identity includes real information associated with the entity, the virtual identity includes virtual information associated with the entity, and the entity includes a user or an institution. The method includes receiving a communication for the entity where the communication for the entity includes at least a portion of the real information associated with the entity. The method includes and processing the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
  • In one embodiment, a method includes using a processor and a memory for performing steps. The steps include maintaining a mapping of a real identity of an entity to a virtual identity of the entity, where the real identity includes real information associated with the entity, the virtual identity includes virtual information associated with the entity, and the entity includes a user or an institution. The steps include receiving a communication for the entity where the communication for the entity includes at least a portion of the real information associated with the entity. The steps include processing the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The teachings herein can be readily understood by considering the following detailed description in conjunction with the accompanying drawings, in which:
  • FIG. 1 depicts an exemplary environment configured to support individual virtualization or institution virtualization;
  • FIG. 2 depicts exemplary mappings of real information and virtual information for use in entity virtualization;
  • FIG. 3 depicts an exemplary system illustrating use of virtualization mapping information to provide secure communications;
  • FIG. 4 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported;
  • FIG. 5 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported;
  • FIG. 6 depicts an exemplary embodiment of ENUM virtualization in which infrastructure ENUM virtualization is supported;
  • FIG. 7 depicts an exemplary embodiment of ENUM virtualization in which private ENUM virtualization is supported;
  • FIG. 8 depicts an exemplary embodiment of ENUM virtualization in which enterprise ENUM virtualization is supported;
  • FIG. 9 depicts an exemplary embodiment of ENUM virtualization in which vCard ENUM virtualization is supported;
  • FIG. 10 depicts an exemplary embodiment of ENUM virtualization in which Calling Name (CNAM) ENUM virtualization is supported;
  • FIG. 11 depicts an exemplary embodiment of user virtualization for an online transaction; and
  • FIG. 12 depicts a high-level block diagram of a computer suitable for use in performing functions described herein.
    •
  • To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures.
    • DETAILED DESCRIPTION OF EMBODIMENTS
  • In general, virtualization capabilities are depicted and described herein, although various other capabilities also may be presented herein. The virtualization capabilities may include one or more an individual virtualization capability for virtualizing one or more aspects of an individual, an institution virtualization capability for virtualizing one or more aspects of an institution, or the like. The virtualization for an individual or an institution may be provided using mappings of real information to virtual information. The virtualization for an individual or an institution may be used to support secure communications by the individual or an institution (e.g., electronic communications, non-electronic communications, or the like). The virtualization for an individual or an institution may include various types of E.164 Number Mapping (ENUM) virtualization, such as user ENUM virtualization, infrastructure ENUM virtualization, private ENUM virtualization, enterprise ENUM virtualization, vCard ENUM virtualization, Calling Name (CNAM) ENUM virtualization, and the like. The virtualization for an individual or an institution may include virtualization for online transactions in a manner that hides real information associated with the individual or an institution (e.g., name, mailing address, or the like) from the online vendor. The virtualization for an individual or an institution may include other types of virtualization. Various embodiments of virtualization capabilities for individuals and institutions may be better understood by way of reference to the description which follows.
  • FIG. 1 depicts an exemplary environment configured to support individual virtualization or institution virtualization.
  • As depicted in FIG. 1, environment 100 includes a virtualization entity 110 configured to provide virtualization functions for individuals (represented by an individual 120) or one or more institutions (represented by an institution 130).
  • The virtualization entity 110 provides virtualization functions, which may be performed for individuals (illustratively, individual 120) or institutions (illustratively, institutions 130). The virtualization entity 110 may be any type of entity which may provide virtualization functions for an individual or an institution. In the case of an individual such as individual 120, for example, virtualization entity 110 may be a federated entity, a virtualization service provider, or the like. In the case of an institution such as institution 130, for example, virtualization entity 110 may be a federated entity, a virtualization service provider, a group within or otherwise affiliated with the institution, or the like. In the case of a combination of individuals and institutions, for example, virtualization entity 110 may be a federated entity, a virtualization service provider, or the like.
  • The individual 120 represents any individual for which virtualization functions may be provided. Various types of information may be virtualized for the individual 120, including one or more of an identity of the individual (e.g., the name of the individual, the gender of the individual, the age of the individual, or the like), one or more physical addresses of the individual (e.g., home address, mailing address, or the like), device information (e.g., device identifier, device type, device manufacturer, device version number, or the like) for one or more user devices of the individual (e.g., a computer, a smart phone, a modem, a set top box, a television, a gaming console, or the like), one or more network addresses of the individual (e.g., one or more e-mail addresses, one or more domain addresses, one or more Internet Protocol (IP) addresses, E.164 Number Mapping (ENUM) information, or the like), or the like, as well as various combinations thereof. It will be appreciated that although primarily depicted and described with respect to virtualization at the individual level, virtualizations may be maintained for groups of people (e.g., members of a family or the like). It will be appreciated that, although omitted for purposes of clarity, the individual 120 may use one or more user devices to communicate with virtualization entity 110 (e.g., to provide real information to virtualization entity 110 and receive virtual information generated by virtualization entity 110 based on the real information). The propagation of real information from individual 120 to virtualization entity 110 (e.g., from a user device of the individual 120) and propagation of associated virtual information from virtualization entity 110 to individual 120 (e.g., to a user device of the individual 120) is depicted in FIG. 1. An individual also may be referred to herein as a user.
  • The institution 130 represents any type of institution for which virtualization functions may be provided. For example, institution 130 may be a corporation, an educational institution, an organization, or the like. Various types of information may be virtualized for the institution 130, including one or more of the identity of the institution (e.g., the name of the institution, an institution type of the institution, or the like) one or more physical addresses of the institution (e.g., one or more office address locations, one or more mailing addresses, or the like), information about the organizational structure of the institution (e.g., names of groups within the institution, information associated with matrices of relationships between individuals of the institution, or the like), information associated with physical resources/assets of the institution, information associated with virtual resources/assets of the institution, proprietary information of the institution (e.g., technology areas, product areas, product names, or the like) or the like, as well as various combinations thereof. Additionally, information that may be virtualized for institution 130 may include, for each of one or more individuals associated with institution 130, any of the information described as capable of being virtualized for an individual (or any other type(s) of information which may be associated with an individual in conjunction with his or her role in the institution (e.g., an employee identifier of an employee at a corporation, information associated with a virtual space provided for use by the individual in performing functions on behalf of the institution, or the like)). It will be appreciated that, although omitted for purposes of clarity, the institution 130 may use one or more devices to communicate with virtualization entity 110 (e.g., to provide real information to virtualization entity 110 and receive virtual information generated by virtualization entity 110 based on the real information). The propagation of real information from institution 130 (e.g., from one or more devices of or associated with institution 130) to virtualization entity 110 and propagation of associated virtual information from virtualization entity 110 to institution 130 (e.g., to one or more devices of or associated with institution 130) is depicted in FIG. 1. An institution may be considered to include one or more users which may perform functions on behalf of the institution.
  • In at least some embodiment, virtual information for a user or institution may be referred to as a virtual profile of the user or the institution, a virtual definition for the user or the institution, or the like.
  • In at least some embodiments, virtual information for a user or an institution may be static in that the virtual information may be defined and used multiple times.
  • In at least some embodiments, the virtual information may be renewed periodically (e.g., by the associated user or institution). In at least some embodiments, the virtualization entity 110 may monitor a timer associated with the virtual information of a user or an entity and either renew the virtual information based on a determination that an indication of renewal of the virtual information is received before expiration of the timer or invalidate the virtual information based on a determination that an indication of a renewal of the virtual information is not received before expiration of the timer. The timer may be set by the user or institution. The renewal may be initiated by the user or institution.
  • In at least some embodiments, the virtual information for a user or an institution may be updated. The virtual information may be updated by a user or institution or automatically (e.g., based on detection of needs of the user or institution, based on detection of one or more trigger conditions, or the like).
  • In at least some embodiments, virtual information for a user or an institution may be dynamic in that the virtual information may be defined (e.g., generated, modified, or the like) each time that the virtual information is used by the user or entity. For example, each time a sender has something to send to a receiver, a new virtual name may be generated for the sender. For example, each time a user places an order, a new virtual address may be generated for the user.
  • In at least some embodiments, a virtual definition may have one or more triggers associated therewith. The virtual triggers may trigger expiration of an existing virtual definition, generation of a new virtual definition, or the like, as well as various combinations thereof. The triggers may include one or more of a temporal trigger, an event-based trigger, a context-based trigger, a location-based trigger, or the like, as well as various combinations thereof. The user or institution associated with the virtual definition may be provided with a capability to modify such triggers on demand. For example, a virtual name may expire when a particular time is reached. For example, a new virtual address may be generated when a particular location is reached. The triggers may be maintained and monitored by virtualization entity 110.
  • In at least some embodiments, the real information associated with virtual information for a user or institution may be modified. This enables the user or institution to update real information (e.g., real name after marriage or divorce, real address after moving, temporary change of home address to vacation address, addition of a new address for a new office location of an institution, or the like) without requiring generation of new virtual information or even modification of existing virtual information (although it will be appreciated that, alternatively or additionally, some or all of the existing virtual information also may be updated or new virtual information may be generated). The updating of real information may be initiated by the associated user or institution, initiated automatically based on detection of one or more conditions (e.g., based on an event, a context, a location, or the like), or the like.
  • In at least some embodiments, in which a sender and receiver communicate or otherwise interact in some manner, the virtual information associated with the receiver may be obtained by the sender from virtualization entity 110 and only that receiver will be able to translate the virtual information of the receiver back to the real information for the receiver at the virtualization entity 110 via presentation of its credentials.
  • In at least some embodiments, a user or an institution may apply virtualization multiple times to an entity or its virtual entity. This process may be generated automatically based on one or more profiles initiated or created by a user on demand.
  • It will be appreciated that, although primarily depicted and described herein with respect to providing virtualization functions for individuals and/or institutions, virtualization functions may be provided for any suitable type of entity or group of entities having associated therewith real information for which associated virtual information may be assigned and used in order to provide security for the entity or group of entities. Accordingly, the various references herein to individual virtualization (or user virtualization) or institution virtualization may be read more generally as references to entity virtualization.
  • It will be appreciated that, although primarily depicted and described with respect to embodiments in which virtualization mapping information for an entity includes a single set of virtualization mapping information including a mapping of one set of real information to one set of virtual information, virtualization mapping information for an entity include any suitable number of sets of virtualization mapping information where each set of virtualization mapping information may include one or more mappings of one or more sets of real information to one or more sets of virtual information. The different sets of virtualization mapping information or the different mappings between real information and virtual information may be based on one or more factors. For example, the different factors may include different types of information associated with the entity, use under different conditions (e.g., for different devices used by a user, for different types of communication by a user, for different times at which a user communicates, or the like), or the like, as well as various combinations thereof). For example, a given entity may have two sets of virtualization mapping information assigned thereto, including: (1) a first set of virtualization mapping information including a single mapping of real information to virtual information may be used for private communications by the entity and (2) a second set of virtualization mapping information including two mappings of real information of the entity to two different sets of virtual information for the entity may be used for public communications by the entity where the first mapping of real information to a first set of virtual information may be used for communications by the entity via a computer and the second mapping of real information to a second set of virtual information may be used for communications by the entity via a smart phone. For example, a given entity may have three sets of virtualization mapping information assigned thereto, including: (1) a first set of virtualization mapping information including three mappings of real information of the entity to three different sets of virtual information for the entity may be used for data-based communications by the entity where the first mapping of real information to a first set of virtual information may be used for e-mail communications by the entity, the second mapping of real information to a second set of virtual information may be used for instant messaging by the entity, and the third mapping of real information to a third set of virtual information may be used for online purchased made by the entity, (2) a second set of virtualization mapping information including a single mapping of real information to virtual information may be used for voice-based communications by the entity, and (3) a third set of virtualization mapping information including a single mapping of real information to virtual information may be used for other types of communications which may be performed by the entity. It will be appreciated that the multiple sets of virtualization mapping information for an entity may have various temporal associations (e.g., co-existing, existing at different times where the entity modifies the virtualization mapping information over time for enhanced security, or the like, as well as various combinations thereof). It will be appreciated that the foregoing examples are merely a few of the various ways in which virtual information may be mapped to real information of an entity for use in securing communications by the entity. An exemplary embodiment depicting mappings of real information and virtual information for an entity is depicted and described with respect to FIG. 2.
  • FIG. 2 depicts exemplary mappings of real information and virtual information for use in entity virtualization. As depicted in FIG. 2, an entity 201 has three sets of virtualization mapping information 210 1-210 3 (collectively, sets of virtualization mapping information 210 associated therewith. The first set of virtualization mapping information 210 1 includes a mapping of a set of real information 211 1 to a set of virtual information 212 1 for use in public communications by the entity 201. The second set of virtualization mapping information 210 2 includes a mapping of a set of real information 211 2 to three sets of virtual information 212 2A-212 2C over time for use in private communications by the entity 201. The third set of virtualization mapping information 210 3 includes a mapping of a set of real information 211 3 to three sets of virtual information 212 3A-212 3C over time for use in third-party communications by the entity 201. The sets of real information 211 1, 211 2, and 211 3 may be referred to collectively herein as sets of real information 211 and, similarly, the sets of virtual information 212 1, 212 2A-212 2C, and 212 3A-212 3C may be referred to collectively herein as sets of virtual information 212. In each of the sets of virtualization mapping information 210: (1) the set of real information 211 includes the following real information: Name, Address, Domain, ENUM, vCard, and, other types of real information as represented by <Others>, and (2) the set of virtual information 212 includes the following virtual information that is mapped to the real information: vName, vAddress, vDomain, vENUM, vvCard, and other types of virtual information as represented by <Others>.
  • Returning now to FIG. 1, it will be appreciated that, as described herein, the virtualization entity 110 provides virtualization functions for individuals or institutions, including generation of mappings of real information and virtual information for use in individual virtualization or institution virtualization.
  • The virtualization entity 110 includes a virtualization management system 112 and a virtualization mappings database 114. The virtualization management system 112 is configured to provide various virtualization functions as depicted and described herein. The virtualization mappings database 114 is configured to maintain virtualization mapping information that is generated by virtualization management system 112.
  • The virtualization management system 112 may be configured to receive and process requests for assignment of virtual information based on real information. The virtualization management system 112 receives a virtual information assignment request from an entity (e.g., from individual 120 or institution 130). The virtual information assignment request is a request by the entity for the virtualization management system 112 to assign virtual information corresponding to associated real information of the entity. The real information may be provided to the virtualization management system 112 at any suitable time (e.g., prior to sending of the request or as part of the request). The virtualization management system 112 generates virtual information for the real information. The virtualization management system 112 provides virtualization mapping information including a mapping of the virtual information to the real information. The virtualization management system 112 may maintain the virtualization mapping information locally within the virtualization entity 110 (illustratively, using virtual mappings database 114), propagate the virtualization mapping information toward the requesting entity (as depicted in FIG. 1 for both individual 120 and institution 130), or the like, as well as various combinations thereof.
  • The virtualization management system 112 may be configured to provide virtualization mapping information of an entity to one or more devices adapted to use the virtualization mapping information in order to provide virtualization functions for the entity. For example, virtualization management system 112 may be configured to provide virtualization mapping information of an entity to a device for use by the device in performing virtualization conversions from real information to virtual information or from virtual information to real information (where it will be appreciated that the virtualization mapping information may be provided to the device for storage at the device for later use by the device in performing virtualization conversions or may be provided to the device on demand in response to a request from the device when the device needs to perform a virtualization conversion). An exemplary embodiment is depicted and described with respect to FIG. 3.
  • The virtualization management system 112 may be configured to provide various other virtualization functions as depicted and described herein.
  • FIG. 3 depicts an exemplary system illustrating use of virtualization mapping information to provide secure communications.
  • As depicted in FIG. 3, system 300 includes virtualization entity 110, a pair of communication endpoints 310 (including a communication source 310 A and a communication destination 310 Z), and a pair of virtualization endpoints 320 (including a virtualization source 320 A and a virtualization destination 320 Z), and a communication network 330. The virtualization endpoints 320 are configured to communicate with virtualization entity 110 and with each other via the communication network 330.
  • The communication endpoints 310 are endpoints of a communication transaction to be secured using virtual information of an entity. The communication source 310 A may be a user device or a network device and, similarly, the communication destination 310 Z may be a user device or a network device. It will be appreciated that user devices may include desktop computers, laptop computers, tablet computers, landline telephones, cellular phones, smart phones, or the like. It will be appreciated that network devices may include servers, databases, virtual machines, or the like. For example, for a case in which the communication transaction is a voice call, the communication endpoints 310 each may be user devices (e.g., a smart phone and a landline phone, a pair of smartphones or the like). For example, for the case in which the communication transaction is an email, the communication endpoints 310 each may be user devices (e.g., a pair of computers, a computer and a smart phone, or the like. For example, for the case in which the communication transaction is a web browsing session, the communication source 310 A may be a user device and the communication destination 310 Z may be a web server. For example, for the case in which the communication transaction is a network data push, the communication source 310 A may be a network device and the communication destination 310 Z may be a user device.
  • The virtualization endpoints 320 are configured to secure a communication transaction between communication source 310 A and communication destination 310 Z (or at least a portion of the path between communication source 310 A and communication destination 310 Z, depending on deployment of the virtualization endpoints 320). The virtualization endpoints 320 secure the communication transaction between communication source 310 A and communication destination 310 Z by using virtual information in place of real information for the communication transaction between the virtualization endpoints 320.
  • The virtualization source 320 A is configured to receive an original (unsecured) communication transaction from communication source 310 A. The virtualization source 320 A is configured to modify the unsecured communication transaction by removing real information and including virtual information associated with the real information, thereby providing a secured communication transaction. The virtualization source 320 A receives the virtual information from virtualization entity 110. The virtualization source 320 A may receive the virtual information from the virtualization entity 110 prior to the time at which the communication transaction is executed and store the virtual information locally (e.g., using a virtualization source database 321 A) such that the virtualization source 320 A may retrieve the virtual information locally at the time of the communication transaction and modify the communication transaction to include the virtual information. The virtualization source 320 A may be configured to request and receive the virtual information from virtualization entity 110 based on detection of the communication transaction and then modify the communication transaction to include virtual information.
  • The virtualization source 320 A is configured to propagate the communication transaction toward the virtualization destination 320 Z.
  • The virtualization destination 320 Z is configured to receive a secured communication transaction from virtualization source 320 A. The virtualization destination 320 Z is configured to modify the secured communication transaction by remove the virtual information added to the unsecured communication transaction by virtualization source 320 A and adding the real information removed from the unsecured communication transaction by virtualization source 320 A, thereby recovering the original (unsecured) communication transaction. The virtualization destination 320 Z, like the virtualization source 320 A, receives the virtual information from virtualization entity 110. The virtualization destination 320 Z may receive the virtual information from the virtualization entity 110 prior to the time at which the communication transaction is executed and store the virtual information locally (e.g., using a virtualization destination database 321 Z) such that the virtualization destination 320 Z may retrieve the virtual information locally at the time of the communication transaction and modify the communication transaction to remove the virtual information (and, optionally, to include associated real information). The virtualization destination 320 Z may be configured to request and receive the virtual information from virtualization entity 110 based on detection of the communication transaction and then modify the communication transaction to remove the virtual information (and, optionally, to include associated real information). The virtualization source 320 A is configured to propagate the communication transaction toward the communication destination 310 Z.
  • The virtualization endpoints 320 may use virtual information that includes one or both of virtual information associated with an entity that is using communication source 310 A and virtual information associated with an entity that is using communication destination 320 A (although, in at least some embodiments, it is more likely that virtualization endpoints 320 will use virtual information that is associated with an entity using communication source 310 A when the communication transaction is being provided in a direction from the communication source 310 A toward the communication destination 310 Z.
  • The virtualization endpoints 320 each may be deployed at any suitable location between communication source 310 A and communication destination 310 Z (e.g., within a local network with which the communication endpoint 310 is associated, within a communication network of a communications service provider, or the like). It will be appreciated that, although not depicted and described with respect to FIG. 3, a virtualization endpoint 320 also may be included within its associated communication endpoint 310 (e.g., as a secure communication agent or module within a user device or network device).
  • In at least some embodiments, virtualization capabilities may be used to provide ENUM virtualization. Exemplary embodiments of ENUM virtualization are depicted and described with respect to FIGS. 4-11.
  • FIG. 4 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported.
  • As depicted in FIG. 4, communication system 400 includes a first SIP client 410 A associated with a first SIP Proxy 420 A and a second SIP client 410 B associated with a second SIP Proxy 420 B. The communication system 400 also includes: (1) an ENUM/DNS server 430 associated with first SIP Proxy 420 A, and a first Virtualization Server 450 A associated with ENUM/DNS server 430 and (2) a second Virtualization Server 450 B associated with second SIP Proxy 420 B. The first SIP Proxy 420 A and second SIP Proxy 420 B are configured to communicate via a communication network (e.g., the Internet).
  • As further depicted in FIG. 4, communication system 400 includes various types of real and virtual information. The second SIP client 410 B has a telephone number (e.g., x-xxx-xxx-xxxx) associated therewith. The second SIP client 410 B also has a real SIP name and a real SIP domain (e.g., sip:name@domain.com) associated therewith. The ENUM/DNS server 430 stores a mapping of the telephone number of second SIP client 410 B to the real SIP name and real SIP domain of second SIP client 410 B. The first Virtualization Server 450 A and second Virtualization Server 450 B each have access to virtualization mapping information for second SIP client 410 B that includes a mapping of the real SIP name and real SIP domain of second SIP client 410 B to a virtual SIP name and a virtual SIP domain (e.g., sip:v-name@v-domain) assigned for the second SIP client 410 B.
  • The communication system 400 is configured to support user ENUM virtualization. The communication system 400 is configured to support a user ENUM/SIP call flow (in which the ENUM query is initiated by first SIP client 410 A) adapted to provide user ENUM virtualization. At step 461, a caller associated with first SIP client 410 A dials the telephone number associated with the second SIP client 410 B, and a message is routed from first SIP client 410 A to first SIP Proxy 420 A. At step 462, first SIP Proxy 420 A (e.g., operating as a proxy UAC for the first SIP client 510 A) queries the ENUM/DNS server 430 for the location of the second SIP client 410 B based on the telephone number associated with the second SIP client 410 B. At step 463, the ENUM/DNS server 430 returns a NAPTR record (including a virtual SIP URL, e.g., sip:v-name@v-domain.com) to the first SIP Proxy 420 A, where the ENUM/DNS server 430 generates the NAPTR record by using the telephone number associated with the second SIP client 410 B to retrieve the real SIP URL associated with the second SIP client 410 B via an ENUM/DNS lookup at ENUM/DNS server 430, querying the first Virtualization Server 450 A using the real SIP URL associated with the second SIP client 410 B to obtain the virtual SIP URL that is mapped to the real SIP URL for the second SIP client 410 B, and including the virtual SIP URL associated with the second SIP client 410 B (rather than the real SIP URL associated with the second SIP client 410 B) in the NAPTR record. At step 464, first SIP Proxy 420 A (e.g., operating as a proxy UAC for the first SIP client 510 A) initiates connection of the call to second client device 410 B using the virtual SIP URL by propagating a SIP call request message (which includes the virtual SIP URL) from first SIP Proxy 420 A to second SIP Proxy 420 B. At step 465, the second SIP Proxy 520 B queries the second Virtualization Server 450 B associated with second SIP Proxy 420 B using the virtual SIP URL associated with second client device 510 B to obtain the real SIP URL associated with the second client device 410 B. At step 466, the second Virtualization Server 450 B associated with the second SIP Proxy 420 B returns a NAPTR record (including the real SIP URL, e.g., sip:name@domain.com) to second SIP Proxy 420 B, where the second Virtualization Server 450 B generates the NAPTR record by using the virtual SIP URL as a key into virtualization mapping information associated with the second SIP client 410 B in order to obtain the real SIP URL associated with the second SIP client 410 B. At step 467, the second SIP Proxy 420 B sends a call setup message to second SIP client 410 B using the real SIP URL. In this manner, the real SIP URL of second SIP client 410 B is hidden for the length of the communication path between first SIP proxy 420 A and second SIP Proxy 420 B.
  • FIG. 5 depicts an exemplary embodiment of ENUM virtualization in which user ENUM virtualization is supported.
  • As depicted in FIG. 5, communication system 500 includes a first SIP client 510 A associated with a first SIP Proxy 520 A and a second SIP client 510 B associated with a second SIP Proxy 520 B. The communication system 500 also includes: (1) an ENUM/DNS server 530 associated with first SIP Proxy 520 A, an ENUM database 540 associated with ENUM/DNS server 530, and a first Virtualization Server 550 A associated with ENUM/DNS server 530 and (2) a second Virtualization Server 550 B associated with second SIP Proxy 520 B. The first SIP Proxy 520 A and second SIP Proxy 520 B are configured to communicate via a communication network (e.g., the Internet).
  • As further depicted in FIG. 5, communication system 500 includes various types of real and virtual information. The second SIP client 510 B has a telephone number (e.g., x-xxx-xxx-xxxx) associated therewith. The second SIP client 510 B also has a real SIP name and a real SIP domain (e.g., sip:name@domain.com) associated therewith. The ENUM/DNS server 530 stores a mapping of the telephone number of second SIP client 510 B to the real SIP name and real SIP domain of second SIP client 510 B. The first Virtualization Server 550 A and second Virtualization Server 550 B each have access to virtualization mapping information for second SIP client 510 B that includes a mapping of the real SIP name and real SIP domain of second SIP client 510 B to a virtual SIP name and a virtual SIP domain (e.g., sip:v-name@v-domain) assigned for the second SIP client 510 B.
  • The communication system 500 is configured to support user ENUM virtualization. The communication system 500 is configured to support a user ENUM/SIP call flow (in which the ENUM query is initiated by first SIP client 510 A) adapted to provide user ENUM virtualization. At step 561, a caller associated with first SIP client 510 A dials the telephone number associated with the second SIP client 510 B. At step 562, first SIP client 510 A (e.g., a UAC of first SIP client 510 A) queries the ENUM/DNS server 530 for the location of the second SIP client 510 B based on the telephone number associated with the second SIP client 510 B. At step 563, the ENUM/DNS server 530 returns a NAPTR record (including a virtual SIP URL, e.g., sip:v-name@v-domain.com) to the first SIP client 510 A, where the ENUM/DNS server 530 generates the NAPTR record by using the telephone number associated with the second SIP client 510 B to retrieve the real SIP URL associated with the second SIP client 510 B via an ENUM/DNS lookup at ENUM/DNS server 530, querying the first Virtualization Server 550 A using the real SIP URL associated with the second SIP client 510 B to obtain the virtual SIP URL that is mapped to the real SIP URL for the second SIP client 510 B, and including the virtual SIP URL associated with the second SIP client 510 B (rather than the real SIP URL associated with the second SIP client 510 B) in the NAPTR record. At step 564, the first SIP client 510 A (e.g., a UAC of the first SIP client 510 A) initiates a call to second client device 510 B using the virtual SIP URL. The SIP call request message is propagated from first SIP client 510 A to first SIP Proxy 520 A and from SIP Proxy 520 A to second SIP Proxy 520 B. At step 565, the second SIP Proxy 520 B queries the second Virtualization Server 550 B associated with second SIP Proxy 520 B using the virtual SIP URL associated with second client device 510 B to obtain the real SIP URL associated with second client device 510 B. At step 566, the second Virtualization Server 550 B associated with second SIP Proxy 520 B returns a NAPTR record (including the real SIP URL, e.g., sip:name@domain.com) to second SIP Proxy 520 B, where the second Virtualization Server 550 B generates the NAPTR record by using the virtual SIP URL as a key into virtualization mapping information associated with the second SIP client 510 B in order to obtain the real SIP URL associated with the second SIP client 510 B. At step 567, the second SIP Proxy 520 B sends a call setup message to second SIP client 510 B using the real SIP URL. In this manner, the real SIP URL of second SIP client 510 B is hidden for the length of the communication path between first SIP client 510 A and second SIP Proxy 520 B.
  • FIG. 6 depicts an exemplary embodiment of ENUM virtualization in which infrastructure ENUM virtualization is supported.
  • As depicted in FIG. 6, communication system 600 includes a first SIP client 610 A (denoted as SIP client A) associated with a first carrier network 620 A (denoted as carrier A) and a second SIP client 610 B (denoted as SIP client B) associated with a second carrier network 620 B (denoted as Carrier B). The communication system 600 also includes: (1) a first Virtualization Server 650 A associated with first carrier network 620 A; (2) a second Virtualization Server 650 B associated with second carrier network 620 B, and (3) an ENUM/DNS server 630, associated with first carrier network 620 A and second carrier network 620 B, an Infrastructure ENUM (I-ENUM) database 640 associated with ENUM/DNS server 630 I, and a third Virtualization Server 650 I associated with ENUM/DNS server 630 I.
  • The first carrier network 620 A includes a SIP PBX 621 (to which the first SIP client 610 A is connected) configured to communicate at least with ENUM/DNS server 630 I. The second carrier network 720 B includes a SIP Proxy 622. The first carrier network 620 A and second carrier network 620 B include pluralities of interconnected communication elements 623 supporting communication between first SIP client 610 A and second SIP client 610 B (as well as between various other elements depicted and described with respect to FIG. 6). As depicted in FIG. 6, a communication path 660 between first SIP client 610 A and second SIP client 610 B includes SIP PBX 621 and SIP Proxy 622.
  • The communication system 600 is configured to support I-ENUM virtualization.
  • In at least some embodiments of I-ENUM virtualization, one or more service providers may selectively announce to one or more other service providers a set of interconnection points for service termination. The interconnection points may be virtualized using a federated Virtualization Service at the I-ENUM location. The virtualization of interconnection points in this manner may be used to ensure that only the source carrier and the destination carrier are able to know the origination and destination of the I-ENUM.
  • In at least some embodiments, I-ENUM virtualization may be provided by (1) having a service provider announce, in some I-ENUM DNS domain, the virtualized E.164 number block for which the service provider is the service provider of record, (2) having the service provider populate its DNS zone with a description(s) of the services that the service provider is willing to terminate, and (3) having the service provider nominate the IP interconnection points (e.g., URIs or the like) that perform service termination in the network of the terminating service provider.
  • It will be appreciated that I-ENUM virtualization may utilize virtualization technology that is the same as or at least similar to virtualization technology utilized for user ENUM virtualization (e.g., as depicted and described with respect to FIG. 5); however, in I-ENUM virtualization the service providers are attempting to undertake the virtualized discovery and termination operation relative to the terminating service provider (rather than relative to the end user as in user ENUM virtualization). Thus, in at least some embodiments of I-ENUM virtualization, the operations that are performed are similar to operations performed for user ENUM virtualization, but translated into a service provider context. In at least some embodiments, for example, such operations may include identifying the service being requested, (2) performing a lookup for the called virtualized E.164 number in the I-ENUM DNS domain, selecting the virtualized URI of the terminating carrier for a compatible terminating service entry that is published against an enclosing virtualized number block entry, and completing the call request using the virtualized service interconnection point.
  • FIG. 7 depicts an exemplary embodiment of ENUM virtualization in which private ENUM virtualization is supported.
  • As depicted in FIG. 7, communication system 700 includes a first SIP client 710 A (denoted as SIP client A) associated with a first carrier network 720 A (denoted as carrier A) and a second SIP client 710 B (denoted as SIP client B) associated with a second carrier network 720 B (denoted as Carrier B). The communication system 700 also includes: (1) a first ENUM/DNS server 730 A associated with first carrier network 720 A, a first Private ENUM (P-ENUM) database 740 A associated with first ENUM/DNS server 730 A, and a first Virtualization Server 750 A associated with first ENUM/DNS server 730 A; (2) a second ENUM/DNS server 730 B associated with second carrier network 720 B, a second Private ENUM (P-ENUM) database 740 B associated with second ENUM/DNS server 730 B, and a second Virtualization Server 750 B associated with second ENUM/DNS server 730 B; and (3) a third ENUM/DNS server 730, associated with first carrier network 720 A and second carrier network 720 B, an Infrastructure ENUM (I-ENUM) database 740, associated with third ENUM/DNS server 730 I, and a third Virtualization Server 750 I associated with third ENUM/DNS server 730 I.
  • The first carrier network 720 A includes a SIP PBX 721 (to which the first SIP client 710 A is connected) configured to communicate at least with first ENUM/DNS server 730 A and third ENUM/DNS server 730 I. The second carrier network 720 B includes a SIP Proxy 722 configured to communicate at least with second ENUM/DNS server 730 B. The first carrier network 720 A and second carrier network 720 B include pluralities of interconnected communication elements 723 supporting communication between first SIP client 710 A and second SIP client 710 B (as well as between various other elements depicted and described with respect to FIG. 7). As depicted in FIG. 7, a communication path 760 between first SIP client 710 A and second SIP client 710 B includes SIP PBX 721 and SIP Proxy 722.
  • The communication system 700 is configured to support private ENUM virtualization. As depicted and described with respect to FIG. 6, I-ENUM virtualization identifies the service provider of record where the business relationship between service providers is securely encapsulated via virtualization. However, if there is no business relationship between service providers, then direct interconnection is not possible where the service providers use virtualized private ENUMS. Thus, in at least some embodiments, private ENUM virtualization may be used translate a virtualized E.164 number into a virtualized URI, and I-ENUM virtualization may then be used to interconnect the virtualized private ENUMs.
  • FIG. 8 depicts an exemplary embodiment of ENUM virtualization in which enterprise ENUM virtualization is supported.
  • As depicted in FIG. 8, communication system 800 includes three SIP clients 810 as follows: (1) a first SIP client 810 A1 (denoted as SIP client A1) and a second SIP client 810 A2 (denoted as SIP client A2) associated with a first carrier network 820 A (denoted as carrier A) and (2) a third SIP client 810 B (denoted as SIP client B) associated with a second carrier network 820 B (denoted as Carrier B). The communication system 900 also includes an ENUM/DNS server 830, an ENUM database 840 associated with ENUM/DNS server 830, and a Virtualization Server 850 associated with ENUM/DNS server 830.
  • The first carrier network 820 A includes a SIP PBX 821 (to which the first SIP client 810 A1 is connected) configured to communicate at least with the ENUM/DNS server 830. The second carrier network 820 B includes a SIP Proxy 822 configured to communicate at least with third SIP client 810 B and ENUM/DNS server 830. The first carrier network 820 A and second carrier network 820 B include pluralities of interconnected communication elements 823 supporting communication between the SIP clients 810 (as well as between various other elements depicted and described with respect to FIG. 8).
  • The communication system 800 is configured to support various forms of enterprise ENUM virtualization.
  • In at least some embodiments, communication system 800 is configured to support private ENUM virtualization within the enterprise context (e.g., supporting internal translation from E.164 to SIP URI). This is denoted in FIG. 8 by element number 891. The use of private ENUM virtualization may be better understood by way of reference to FIG. 7.
  • In at least some embodiments, communication system 800 is configured to support I-ENUM virtualization within the enterprise context (e.g., supporting internal translation from E.164 to SIP URI). This is denoted in FIG. 8 by element number 892. The use of I-ENUM virtualization may be better understood by way of reference to FIG. 6.
  • In at least some embodiments, communication system 1000 is configured to support public ENUM virtualization within the enterprise context (e.g., supporting internal translation from E.164 to SIP URI). This is denoted in FIG. 8 by element number 893.
  • The communication system 800 may be configured to support various other forms of enterprise ENUM virtualization.
  • FIG. 9 depicts an exemplary embodiment of ENUM virtualization in which vCard ENUM virtualization is supported.
  • As depicted in FIG. 9, communication system 900 includes a first SIP client 910 A (denoted as SIP client A) associated with a first carrier network 920 A (denoted as carrier A) and a second SIP client 910 B (denoted as SIP client B) associated with a second carrier network 920 B (denoted as Carrier B). The communication system 900 also includes an ENUM/DNS server 930, a Private ENUM (P-ENUM) database 940 associated with ENUM/DNS server 930, and a Virtualization Server 950 associated with ENUM/DNS server 930. The communication system 900 also includes a vCard server 960, a vCard database 970 associated with vCard server 960, and a Virtualization Server 980 associated with vCard server 960.
  • The first carrier network 920 A includes a SIP PBX 921 (to which the first SIP client 910 A is connected). The second carrier network 920 B includes a SIP Proxy 922 configured to communicate at least with second SIP client 910 B, ENUM/DNS server 930, and vCard server 960. The first carrier network 920 A and second carrier network 920 B include pluralities of interconnected communication elements 923 supporting communication between first SIP client 910 A and second SIP client 910 B (as well as between various other elements depicted and described with respect to FIG. 9). As depicted in FIG. 10, a communication path 990 between first SIP client 910 A and second SIP client 910 B includes SIP PBX 921 and SIP Proxy 922.
  • The communication system 900 is configured to support vCard ENUM virtualization. The use of vCard ENUM virtualization may be better understood by way of reference to FIG. 5.
  • FIG. 10 depicts an exemplary embodiment of ENUM virtualization in which Calling Name (CNAM) ENUM virtualization is supported.
  • As depicted in FIG. 10, a communication system 1000 includes a first SIP client 1010 A (denoted as SIP client A) associated with a first carrier network 1020 A (denoted as carrier A) and a second SIP client 1010 B (denoted as SIP client B) associated with a second carrier network 1020 B (denoted as Carrier B). The communication system 1000 also includes an ENUM/DNS server 1030, a Private ENUM (P-ENUM) database 1040 associated with ENUM/DNS server 1030, and a Virtualization Server 1050 associated with ENUM/DNS server 1030.
  • The first carrier network 1020 A includes a SIP PBX 1021 (to which the first SIP client 1010 A is connected). The second carrier network 1020 B includes a SIP Proxy 1022 configured to communicate at least with second SIP client 1010 B and ENUM/DNS server 1030. The first carrier network 1020 A and second carrier network 1020 B include pluralities of interconnected communication elements 1023 supporting communication between first SIP client 1010 A and second SIP client 1010 B (as well as between various other elements depicted and described with respect to FIG. 9). As depicted in FIG. 9, a communication path 1060 between first SIP client 1010 A and second SIP client 1010 B includes SIP PBX 1021 and SIP Proxy 1022.
  • The communication system 1000 is configured to support CNAM ENUM virtualization. The communication system 1000 is configured to support a query on the originating E.164 number of the first SIP client 1010 A in order to determine the Calling Name (CNAM) of the user associated with first SIP client 1010 A. The second SIP client 1010 B generates a query request. The second SIP client 1010 B sends a query request to SIP Proxy 1022. The SIP Proxy 1022 propagates the query request to ENUM/DNS server 130. The ENUM/DNS server 130 propagates the query request to Virtualization Server 1050. The Virtualization Server 1050 determines the CNAM of the user associated with first SIP client 1010 A. The Virtualization Server 1050 generates a query response including the CNAM of the user associated with first SIP client 1010 A. The Virtualization Server 1050 propagates the query response to the ENUM/DNS server 130. The ENUM/DNS server 1030 propagates the query response to the SIP Proxy 1022. The SIP Proxy 1022 propagates the query response to the second SIP client 1010 B.
  • As will be appreciated at least from the various ENUM virtualization embodiments depicted and described with respect to FIGS. 4-10, ENUM virtualization may be used to provide security for one or more of access (e.g., secure public DNS, secure private DNS, or the like), content (e.g., user URI, interconnection URI, or the like), control of content (e.g., secure user opt-in and control, secure carrier control, or the like), routing decisions (e.g., secure originating user, terminating user, carrier, or the like), or the like, as well as various combinations thereof.
  • In at least some embodiments, virtualization capabilities may be used to provide online retail virtualization. Exemplary embodiments of online retail virtualization are depicted and described with respect to FIGS. 11-12.
  • FIG. 11 depicts an exemplary embodiment of user virtualization for an online transaction.
  • As depicted in FIG. 11, a communication system 1100 includes a user device 1110, online transaction server 1120, a parcel processing center 1130, a virtualization entity 1140, and a communication network 1150. The user device 1110, the online transaction server 1120, the parcel processing center 1130, and the virtualization entity 1140 each are configured to communicate with the communication network 1150.
  • The user device 1110 is a communication device of a user 1102, where the user has a real name and a real address (e.g., home address, mailing address, or the like, which, illustratively, is associated with a location 1103) associated therewith. The user device 1110 is configured to enable the user to browse for products and services online and to place orders for products and services online (illustratively, from online transaction server 1120). For example, user device 1110 may be a desktop computer, a laptop computer, a tablet computer, a smartphone, or the like.
  • The online transaction server 1120 is operated by an entity. The online transaction server 1120 hosts a website via which users may browse products offered by the entity and place orders for products offered by the entity.
  • The parcel processing center 1130 is operated by a parcel carrier which is capable of delivering parcels. The parcel processing center 1130 may include one or more network-based systems which may be configured to perform functions such as managing parcel deliveries, enabling third parties to track parcel deliveries, obtaining virtualization mapping information from virtual entity 1140, or the like, as well as various combinations thereof.
  • The virtualization entity 1140 is configured to assign and maintain virtualization mapping information for individuals and institutions. The virtualization mapping information for user 1102 includes: (1) a mapping of a real name of the user 1102 to a virtual name for the user 1102 (e.g., a fake name, a numeric or alphanumeric identifier, or the like) and (2) a mapping of a real address of the user 1102 (associated with location 1103) to a virtual address for the user 1102 (e.g., a fake address, a numeric or alphanumeric identifier, or the like). For example, the virtualization entity 1140 may be implemented as depicted and described with respect to virtualization entity 110 of FIG. 1.
  • The operation of the system 1100 in providing user virtualization for an online transaction may be better understood by considering an example in which user 1102 of user device 1110 orders a product from the entity that is operating online transaction server 1120 and the product is delivered to the user 1102, at location 1103, by the parcel carrier that is operating parcel processing center 1130. The user 1102 uses the user device 1110 to access a website hosted by online transaction server 1120. The user 1102 browses for various products available via the website. The user 1102 decides to order one of the products listed on the website, and begins a checkout process. During the checkout process, rather than providing the real information for the user 1102 (e.g., the real name and real address of the user 1102), the virtual information for the user 1102 (e.g., the virtual name and virtual address of the user 1102) are provided to online transaction server 1120. The virtual name and virtual address of the user may be entered by the user 1102 during the checkout process, may be automatically entered by user device 1110 during the checkout process, may be added to the order by the user device 1110 after the checkout process is complete but before the order is propagated toward online transaction server 1120 (e.g., where the user 1102 enters the real name and real address of the user 1102 during checkout, and the real information of the user 1102 is replaced by the corresponding virtual information of the user 1102 before the order is propagated toward online transaction server 1120). The entity which is operating the online transaction server 1120 receives and processes the order for the product, packages the product for shipping (including specification of the virtual name and virtual address of the user 1102, as provided in the order received from user device 1110, for use in delivering the product to the user 1102), and provides the product to the parcel processing center 1130. The parcel processing center 1130 uses virtualization mapping information associated with the user 1102 to determine the real name and real address of the user 1102 based on the virtual name and virtual address of the user 1102 that is received from the entity that is operating online transaction server 1120. The parcel processing center 1130 may perform the reverse mapping from the virtual information of the user 1102 to the real information of the user 1102 locally (e.g., where the parcel processing center 1130 previously received virtualization mapping information for the user 1102 from the virtualization entity 1140) or by initiating a request to the virtualization entity 1140 (e.g., a request for the virtualization mapping information for the user 1102 so that the parcel processing center 1130 can determine the real information based on the virtual information, a request for the real information for the user 1102 where the parcel processing center 1130 sends the virtual information for the user 1102 to the virtualization entity 1140 such that virtualization entity 1140 may determine the real information associated with the virtual information and may return the real information to the parcel processing center 1130, or the like). The parcel carrier which is operating parcel processing center 1130 may then deliver the product to the user 1102 at the location 1103 based on the real name and real address of the user 1102 (where, it will be appreciated, the real address of the user 1102 specifies the location 1103). In this manner, use of the virtual information of the user 1102 rather than the real information of the user 1102 prevents the entity which is operating online transaction server 1120, as well as any entity which may have access to communications between user device 1110 and online transaction server 1120, from gaining access to the real information of the user 1102. This provides significant protection for the real information of the user 1102.
  • It will be appreciated that, although primarily depicted and described individually, the various security mechanisms depicted and described herein also may be used in various combinations.
  • It will be appreciated that, although primarily depicted and described within the context of providing virtualization for a single individual, virtualization may be provided for a group of individuals (e.g., member of a family, a group of friends, or the like). Similarly, It will be appreciated that, although primarily depicted and described within the context of providing virtualization for a single institution, virtualization may be provided for a group of institutions (e.g., a group of companies, a group of educational institutions, or the like).
  • FIG. 12 depicts a high-level block diagram of a computer suitable for use in performing functions described herein.
  • As depicted in FIG. 12, computer 1200 includes a processor element 1202 (e.g., a central processing unit (CPU) and/or other suitable processor(s)) and a memory 1204 (e.g., random access memory (RAM), read only memory (ROM), and the like).
  • The computer 1200 also may include a cooperating module/process 1205. In one embodiment, the cooperating process 1205 can be loaded into memory 1204 and executed by the processor 1202 to implement functions as discussed herein. Thus, cooperating process 1205 (including associated data structures) can be stored on a computer readable storage medium, e.g., RAM memory, magnetic or optical drive or diskette, and the like.
  • The computer 1200 also may include one or more input/output devices 1206 (e.g., a user input device (such as a keyboard, a keypad, a mouse, and the like), a user output device (such as a display, a speaker, and the like), an input port, an output port, a receiver, a transmitter, and storage devices (e.g., a tape drive, a floppy drive, a hard disk drive, a compact disk drive, and the like)).
  • It will be appreciated that computer 1200 depicted in FIG. 12 provides a general architecture and functionality suitable for implementing functional elements described herein and/or portions of functional elements described herein.
  • It will be appreciated that the functions depicted and described herein may be implemented in hardware or a combination of software and hardware, e.g., using a general purpose computer, via execution of software on a general purpose computer so as to provide a special purpose computer, using one or more application specific integrated circuits (ASICs) or any other hardware equivalents, or the like, as well as various combinations thereof.
  • It will be appreciated that at least some of the method steps discussed herein may be implemented within hardware, for example, as circuitry that cooperates with the processor to perform various method steps. Portions of the functions/elements described herein may be implemented as a computer program product wherein computer instructions, when processed by a computer, adapt the operation of the computer such that the methods or techniques described herein are invoked or otherwise provided. Instructions for invoking the inventive methods may be stored in fixed or removable media, transmitted via a data stream in a broadcast or other signal bearing medium, or stored within a memory within a computing device operating according to the instructions.
  • It will be appreciated that the term “or” as used herein refers to a non-exclusive “or,” unless otherwise indicated (e.g., “or else” or “or in the alternative”).
  • It will be appreciated that, while the foregoing is directed to various embodiments of features present herein, other and further embodiments may be devised without departing from the basic scope thereof.

Claims (20)

What is claimed is:
1. An apparatus, comprising:
a memory configured to store a mapping of a real identity of an entity to a virtual identity of the entity, wherein the real identity comprises real information associated with the entity and the virtual identity comprises virtual information associated with the entity, wherein the entity comprises an individual or an institution; and
a processor communicatively connected to the memory, the processor configured to:
receive a communication for the entity, the communication for the entity comprising at least a portion of the real information associated with the entity; and
process the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
2. The apparatus of claim 1, wherein the processor is configured to:
receive new real information associated with the entity; and
update at least a portion of the real information based on the new real information.
3. The apparatus of claim 1, wherein the processor is configured to:
receive new virtual information associated with the entity; and
update at least a portion of the virtual information based on the new virtual information.
4. The apparatus of claim 1, wherein the processor is configured to:
receive a request for generation of new virtual information associated with the entity;
generate the new virtual information for the entity; and
update at least a portion of the virtual information based on the new virtual information.
5. The apparatus of claim 1, wherein the processor is configured to:
monitor a timer associated with the virtual information; and
invalidate at least a portion of the virtual information based on a determination that an indication of a renewal of the virtual information is not received before expiration of the timer.
6. The apparatus of claim 1, wherein the processor is configured to:
generate or modify at least a portion of the virtual information dynamically based on receipt of the communication for the entity.
7. The apparatus of claim 1, wherein the processor is configured to:
generate, modify, or invalidate at least a portion of the virtual information based on detection of at least one trigger condition associated with the virtual information.
8. The apparatus of claim 7, wherein the at least one trigger condition comprises at least one of a temporal trigger, an event-based trigger, a context-based trigger, or a location-based trigger.
9. The apparatus of claim 1, wherein the processor is configured to:
propagate at least a portion of the real information or at least a portion of the virtual information toward a device based on validation of credentials received from the device.
10. The apparatus of claim 1, wherein the mapping is a first mapping of a first real identity of the entity to a first virtual identity of the entity, wherein the processor is configured to:
generate a second mapping of the first real identity of the entity or a second real identity of the entity to a second virtual identity of the entity.
11. The apparatus of claim 1, wherein the mapping is a first mapping of the real identity of the entity to a first virtual identity of the entity, wherein the memory is configured to store a second mapping of the real identity of the entity to a second virtual identity of the entity, wherein the processor is configured to:
select the first mapping for use in processing the communication for the entity based on at least a portion of the real information included in the communication for the entity.
12. The apparatus of claim 1, wherein the real information comprises at least one of a real name of the entity, a real address of the entity, a real domain of the entity, a real ENUM identifier associated with the entity, or a real vCard associated with the entity.
13. The apparatus of claim 1, wherein the virtual information comprises at least one of a virtual name of the entity, a virtual address of the entity, a virtual domain of the entity, a virtual ENUM identifier associated with the entity, or a virtual vCard associated with the entity.
14. The apparatus of claim 1, wherein the communication comprises an order, wherein the real information included in the communication comprises a real name and a real mailing address, wherein the virtual information used for processing the communication comprises a virtual name and a virtual mailing address.
15. The apparatus of claim 1, wherein the communication is an ENUM-based communication, wherein the real information included in the communication comprises a real ENUM identifier, wherein the virtual information used for processing the communication comprises a virtual ENUM identifier.
16. The apparatus of claim 15, wherein the ENUM-based communication is associated with at least one of user ENUM virtualization, infrastructure ENUM virtualization, private ENUM virtualization, enterprise ENUM virtualization, vCard ENUM virtualization, or Calling Name (CNAM) ENUM virtualization.
17. The apparatus of claim 15, wherein the processor is configured to:
identify a service associated with the communication of the entity;
perform a lookup for a called virtualized E.164 number in an ENUM Domain Name Server (DNS) domain;
select a virtualized Uniform Resource Identifier (URI) of a terminating carrier for a compatible terminating service entry that is published against an enclosing virtualized number block entry; and
initiate completion of the call request based on a virtualized service interconnection point.
18. The apparatus of claim 1, wherein the communication comprises a vCard-based communication, wherein the real information included in the communication comprises a real vCard of the individual, wherein the virtual information used for processing the communication comprises a virtual vCard of the individual.
19. A computer-readable storage medium storing instructions which, when executed by a computer, cause the computer to perform a method, the method comprising:
maintaining a mapping of a real identity of an entity to a virtual identity of the entity, wherein the real identity comprises real information associated with the entity and the virtual identity comprises virtual information associated with the entity, wherein the entity comprises an individual or an institution;
receiving a communication for the entity, the communication for the entity comprising at least a portion of the real information associated with the entity; and
processing the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
20. A method, comprising:
using a processor and a memory for:
maintaining a mapping of a real identity of an entity to a virtual identity of the entity, wherein the real identity comprises real information associated with the entity and the virtual identity comprises virtual information associated with the entity, wherein the entity comprises an individual or an institution;
receiving a communication for the entity, the communication for the entity comprising at least a portion of the real information associated with the entity; and
processing the communication for the entity using at least a portion of the virtual information from the virtual identity of the entity.
US13/731,645 2012-03-22 2012-12-31 Individual and institution virtualization mechanisms Abandoned US20130254854A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13/731,645 US20130254854A1 (en) 2012-03-22 2012-12-31 Individual and institution virtualization mechanisms

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201261614345P 2012-03-22 2012-03-22
US13/731,645 US20130254854A1 (en) 2012-03-22 2012-12-31 Individual and institution virtualization mechanisms

Publications (1)

Publication Number Publication Date
US20130254854A1 true US20130254854A1 (en) 2013-09-26

Family

ID=49213398

Family Applications (3)

Application Number Title Priority Date Filing Date
US13/427,668 Abandoned US20130254830A1 (en) 2012-03-22 2012-03-22 Apparatus and method for assuring communications of corporate users
US13/731,597 Expired - Fee Related US9621407B2 (en) 2012-03-22 2012-12-31 Apparatus and method for pattern hiding and traffic hopping
US13/731,645 Abandoned US20130254854A1 (en) 2012-03-22 2012-12-31 Individual and institution virtualization mechanisms

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US13/427,668 Abandoned US20130254830A1 (en) 2012-03-22 2012-03-22 Apparatus and method for assuring communications of corporate users
US13/731,597 Expired - Fee Related US9621407B2 (en) 2012-03-22 2012-12-31 Apparatus and method for pattern hiding and traffic hopping

Country Status (1)

Country Link
US (3) US20130254830A1 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130295899A1 (en) * 2012-05-07 2013-11-07 Philip Lowman System and Method for Provision of a Second Line Service to a Telecommunications Device
US20150271731A1 (en) * 2008-06-05 2015-09-24 George Backhaus System and method for provision of a second line service to a telecommunications device using mixed relationship numbers
US20160021248A1 (en) * 2008-06-05 2016-01-21 George Backhaus System and method for providing a pre-populated second line service to a telecommunications device
US20160212614A1 (en) * 2012-05-07 2016-07-21 Movius Interactive Corporation Provision of additional network addressable numbers on single mobile device
US9851999B2 (en) 2015-07-30 2017-12-26 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for handling virtualization of a physical telephone number mapping service
US9866521B2 (en) 2015-07-30 2018-01-09 At&T Intellectual Property L.L.P. Methods, systems, and computer readable storage devices for determining whether to forward requests from a physical telephone number mapping service server to a virtual telephone number mapping service server
US9888127B2 (en) * 2015-07-30 2018-02-06 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for adjusting the use of virtual resources providing communication services based on load
US20180309732A1 (en) * 2015-10-21 2018-10-25 K Cloud Co., Ltd. System and method for securely printing mail by using virtual address
CN109040034A (en) * 2018-07-19 2018-12-18 国政通科技有限公司 Subscriber identity information processing method and processing device based on virtual information
US10245233B2 (en) 2015-02-25 2019-04-02 Technische Universiteit Delft Controlled release from particles encapsulated by molecular layer deposition
US10277736B2 (en) 2015-07-30 2019-04-30 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for determining whether to handle a request for communication services by a physical telephone number mapping service or a virtual telephone number mapping service
US11429182B2 (en) * 2020-05-18 2022-08-30 Capital One Services, Llc Augmented reality virtual number generation

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014003794A1 (en) * 2012-06-29 2014-01-03 Hewlett-Packard Development Company, L.P. Obscuring internet tendencies
CN103731342A (en) * 2014-01-25 2014-04-16 青岛英特沃克网络科技有限公司 Instant message based workflow management system and management method
DE102015104159B4 (en) * 2015-03-19 2018-05-09 Forensik.It Gmbh Selection between a real and a virtual user-specific data record for a data communication
US10083322B2 (en) * 2015-07-30 2018-09-25 International Business Machines Corporation Obscuring user web usage patterns
US9882865B1 (en) * 2016-07-01 2018-01-30 Pinger, Inc. Multiple phone numbers for mobile device
US10565266B2 (en) * 2016-09-29 2020-02-18 Konica Minolta Laboratory U.S.A., Inc. Method and system for multiple profile creation to mitigate profiling
US10237410B1 (en) 2017-04-28 2019-03-19 Pinger, Inc. Handling declined calls for alternate phone number on mobile device
US12199985B2 (en) * 2018-11-27 2025-01-14 Salesforce, Inc. Multi-modal user authorization in group-based communication systems
US11412013B2 (en) * 2019-08-07 2022-08-09 Jpmorgan Chase Bank, N.A. System and method for implementing video soft phone applications
US11290560B2 (en) * 2019-09-30 2022-03-29 Slack Technologies, Llc Group-based communication apparatus, method, and computer program product configured to manage draft messages in a group-based communication system
KR102479456B1 (en) * 2020-03-31 2022-12-21 엘지전자 주식회사 Security policy processing method and terminal for V2X
US11836443B2 (en) * 2022-01-25 2023-12-05 Microsoft Technology Licensing, Llc Populating contact information within an electronic message based on contact relationship information

Citations (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6061789A (en) * 1996-01-12 2000-05-09 International Business Machines Corporation Secure anonymous information exchange in a network
US20030229717A1 (en) * 2002-05-28 2003-12-11 Teague Alan H. Automated management and control of contact aliases
US20050182968A1 (en) * 2002-01-24 2005-08-18 David Izatt Intelligent firewall
US20060182103A1 (en) * 2005-02-16 2006-08-17 Phantom Technologies, Llc. System and method for routing network messages
US20060227959A1 (en) * 2005-04-12 2006-10-12 Don Mitchell Temporary enum gateway
US20070106612A1 (en) * 2004-02-26 2007-05-10 Payment Pathways, Inc. Methods and systems for identity authentication
US20080115223A1 (en) * 2006-10-31 2008-05-15 Novell, Inc. Techniques for variable security access information
US20080208611A1 (en) * 2007-02-26 2008-08-28 Krooss Kevin W Addressing method for freight, cargo and mail
US20090024636A1 (en) * 2000-03-23 2009-01-22 Dekel Shiloh Method and system for securing user identities and creating virtual users to enhance privacy on a communication network
US20090150488A1 (en) * 2007-12-07 2009-06-11 Martin-Cocher Gaelle System and method for managing multiple external identities of users with local or network based address book
US20090210714A1 (en) * 2008-01-23 2009-08-20 Sultan Haider Method for electronically signing electronic documents and method for verifying an electronic signature
US20100095337A1 (en) * 2006-01-27 2010-04-15 Robin Dua Method and system for accessing media content via the internet
US20100153285A1 (en) * 2008-06-19 2010-06-17 Anderson Mark R Integration of news into direct social communications and interactions
US20100287286A1 (en) * 2009-05-07 2010-11-11 Bustamente Michael G System and Method for Providing Sequenced Anonymous Communication Sessions Over a Network
US20100299603A1 (en) * 2009-05-22 2010-11-25 Bernard Farkas User-Customized Subject-Categorized Website Entertainment Database
US20110019661A1 (en) * 2009-07-27 2011-01-27 At&T Knowledge Ventures, L.P. Method and apparatus resolving enum data collisions
US20110216762A1 (en) * 2009-01-16 2011-09-08 Petrus Wilhelmus Adrianus Jacobus Maria Nas Methods, systems, and computer readable media for providing e.164 number mapping (enum) translation at a bearer independent call control (bicc) and/or session intiation protocol (sip) router
US20110302244A1 (en) * 2010-06-06 2011-12-08 Mccann Thomas M Methods, systems, and computer readable media for obscuring diameter node information in a communication network
US20120195235A1 (en) * 2011-02-01 2012-08-02 Telelfonaktiebolaget Lm Ericsson (Publ) Method and apparatus for specifying a user's preferred spoken language for network communication services
US20120254326A1 (en) * 2011-03-31 2012-10-04 Saravanan Bellan Method and system for advanced alias domain routing
US20120317205A1 (en) * 2011-06-10 2012-12-13 Microsoft Corporation Anonymous location-based notification
US20120330993A1 (en) * 2011-06-21 2012-12-27 International Business Machines Corporation Contact recommendation system for a user communication
US20130129066A1 (en) * 2011-11-21 2013-05-23 Cellco Partnership D/B/A Verizon Wireless System for and method of providing lata information in response to a lnp query
US8468348B1 (en) * 2009-09-01 2013-06-18 Amazon Technologies, Inc. Closed loop communication
US20140253674A1 (en) * 2011-10-21 2014-09-11 Telefonaktiebolaget L M Ericsson (Publ) Real-time communications methods providing pause and resume and related devices

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5961593A (en) * 1997-01-22 1999-10-05 Lucent Technologies, Inc. System and method for providing anonymous personalized browsing by a proxy system in a network
CA2225227A1 (en) * 1997-12-18 1999-06-18 Michael Coveley Intelligent communication and applications server
WO1999066385A2 (en) * 1998-06-19 1999-12-23 Sun Microsystems, Inc. Scalable proxy servers with plug in filters
US7630986B1 (en) * 1999-10-27 2009-12-08 Pinpoint, Incorporated Secure data interchange
CA2319871A1 (en) * 2000-09-15 2002-03-15 John Edward Anthony Chesko Internet privacy system
US20040139204A1 (en) * 2001-04-23 2004-07-15 Siegried Ergezinger Architecture for providing services in the internet
US20030084165A1 (en) * 2001-10-12 2003-05-01 Openwave Systems Inc. User-centric session management for client-server interaction using multiple applications and devices
JP2005506637A (en) * 2001-10-23 2005-03-03 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Anonymous network access method and client
US6990590B2 (en) * 2002-01-10 2006-01-24 International Business Machines Corporation Strategic internet persona assumption
US8065317B2 (en) * 2003-01-06 2011-11-22 International Business Machines Corporation User-centric service providing device and service providing method
US7448080B2 (en) * 2003-06-30 2008-11-04 Nokia, Inc. Method for implementing secure corporate communication
AU2003265197A1 (en) * 2003-09-30 2005-04-14 Telefonaktiebolaget Lm Ericsson (Publ) Means and method for generating a unique user's identity for use between different domains
EP1675327B1 (en) * 2003-10-17 2013-01-02 Nippon Telegraph And Telephone Corporation Mail distribution system, mail distribution method, and mail distribution program
EP1767031B1 (en) * 2004-05-24 2009-12-09 Computer Associates Think, Inc. System and method for automatically configuring a mobile device
EP1883042A1 (en) * 2006-07-20 2008-01-30 Research In Motion Limited System and method for electronic file transmission
US8472972B2 (en) * 2007-11-21 2013-06-25 International Business Machines Corporation Device, system, and method of physical context based wireless communication
US8302161B2 (en) * 2008-02-25 2012-10-30 Emc Corporation Techniques for anonymous internet access
US8856269B2 (en) * 2009-02-20 2014-10-07 Ca, Inc. System and method for identifying a masked IP address
US8528066B2 (en) * 2009-08-25 2013-09-03 Microsoft Corporation Methods and apparatus for enabling context sharing
WO2012012334A2 (en) * 2010-07-19 2012-01-26 Movik Networks Content pre-fetching and cdn assist methods in a wireless mobile network
US10185814B2 (en) * 2011-09-07 2019-01-22 Elwha Llc Computational systems and methods for verifying personal information during transactions
US8756651B2 (en) * 2011-09-27 2014-06-17 Amazon Technologies, Inc. Policy compliance-based secure data access

Patent Citations (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6061789A (en) * 1996-01-12 2000-05-09 International Business Machines Corporation Secure anonymous information exchange in a network
US20120101911A1 (en) * 2000-03-23 2012-04-26 Dekel Shiloh Method and system for securing user identities and creating virtual users to enhance privacy on a communication network
US20090024636A1 (en) * 2000-03-23 2009-01-22 Dekel Shiloh Method and system for securing user identities and creating virtual users to enhance privacy on a communication network
US20050182968A1 (en) * 2002-01-24 2005-08-18 David Izatt Intelligent firewall
US20030229717A1 (en) * 2002-05-28 2003-12-11 Teague Alan H. Automated management and control of contact aliases
US20070106612A1 (en) * 2004-02-26 2007-05-10 Payment Pathways, Inc. Methods and systems for identity authentication
US20060182103A1 (en) * 2005-02-16 2006-08-17 Phantom Technologies, Llc. System and method for routing network messages
US20060227959A1 (en) * 2005-04-12 2006-10-12 Don Mitchell Temporary enum gateway
US20100095337A1 (en) * 2006-01-27 2010-04-15 Robin Dua Method and system for accessing media content via the internet
US20080115223A1 (en) * 2006-10-31 2008-05-15 Novell, Inc. Techniques for variable security access information
US20080208611A1 (en) * 2007-02-26 2008-08-28 Krooss Kevin W Addressing method for freight, cargo and mail
US20090150488A1 (en) * 2007-12-07 2009-06-11 Martin-Cocher Gaelle System and method for managing multiple external identities of users with local or network based address book
US20090210714A1 (en) * 2008-01-23 2009-08-20 Sultan Haider Method for electronically signing electronic documents and method for verifying an electronic signature
US20100153285A1 (en) * 2008-06-19 2010-06-17 Anderson Mark R Integration of news into direct social communications and interactions
US20110216762A1 (en) * 2009-01-16 2011-09-08 Petrus Wilhelmus Adrianus Jacobus Maria Nas Methods, systems, and computer readable media for providing e.164 number mapping (enum) translation at a bearer independent call control (bicc) and/or session intiation protocol (sip) router
US20100287286A1 (en) * 2009-05-07 2010-11-11 Bustamente Michael G System and Method for Providing Sequenced Anonymous Communication Sessions Over a Network
US20100299603A1 (en) * 2009-05-22 2010-11-25 Bernard Farkas User-Customized Subject-Categorized Website Entertainment Database
US20110019661A1 (en) * 2009-07-27 2011-01-27 At&T Knowledge Ventures, L.P. Method and apparatus resolving enum data collisions
US8468348B1 (en) * 2009-09-01 2013-06-18 Amazon Technologies, Inc. Closed loop communication
US20110302244A1 (en) * 2010-06-06 2011-12-08 Mccann Thomas M Methods, systems, and computer readable media for obscuring diameter node information in a communication network
US20120195235A1 (en) * 2011-02-01 2012-08-02 Telelfonaktiebolaget Lm Ericsson (Publ) Method and apparatus for specifying a user's preferred spoken language for network communication services
US20120254326A1 (en) * 2011-03-31 2012-10-04 Saravanan Bellan Method and system for advanced alias domain routing
US20120317205A1 (en) * 2011-06-10 2012-12-13 Microsoft Corporation Anonymous location-based notification
US20120330993A1 (en) * 2011-06-21 2012-12-27 International Business Machines Corporation Contact recommendation system for a user communication
US20140253674A1 (en) * 2011-10-21 2014-09-11 Telefonaktiebolaget L M Ericsson (Publ) Real-time communications methods providing pause and resume and related devices
US20130129066A1 (en) * 2011-11-21 2013-05-23 Cellco Partnership D/B/A Verizon Wireless System for and method of providing lata information in response to a lnp query

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9967797B2 (en) * 2008-06-05 2018-05-08 Movius Interactive Corp System and method for provision of a second line service to a telecommunications device using mixed relationship numbers
US20150271731A1 (en) * 2008-06-05 2015-09-24 George Backhaus System and method for provision of a second line service to a telecommunications device using mixed relationship numbers
US20160021248A1 (en) * 2008-06-05 2016-01-21 George Backhaus System and method for providing a pre-populated second line service to a telecommunications device
US11082548B2 (en) * 2008-06-05 2021-08-03 Movius Interactive Corporation System and method for providing a pre-populated second line service to a telecommunications device
US20160212269A1 (en) * 2012-05-07 2016-07-21 Movius Interactive Corporation Telecommunications device enabled with multiple network recognizable numbers
US9979827B2 (en) * 2012-05-07 2018-05-22 Movius Interactive Corp Telecommunications device enabled with multiple network recognizable numbers
US9332408B2 (en) * 2012-05-07 2016-05-03 Movius Interactive Corporation System and method for provision of a second line service to a telecommunications device
US20130295899A1 (en) * 2012-05-07 2013-11-07 Philip Lowman System and Method for Provision of a Second Line Service to a Telecommunications Device
US9961522B2 (en) * 2012-05-07 2018-05-01 Movius Interactive Corporation Provision of additional network addressable numbers on single mobile device
US20160212614A1 (en) * 2012-05-07 2016-07-21 Movius Interactive Corporation Provision of additional network addressable numbers on single mobile device
US10245233B2 (en) 2015-02-25 2019-04-02 Technische Universiteit Delft Controlled release from particles encapsulated by molecular layer deposition
US10523822B2 (en) 2015-07-30 2019-12-31 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for adjusting the use of virtual resources providing communication services based on load
US9888127B2 (en) * 2015-07-30 2018-02-06 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for adjusting the use of virtual resources providing communication services based on load
US10277736B2 (en) 2015-07-30 2019-04-30 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for determining whether to handle a request for communication services by a physical telephone number mapping service or a virtual telephone number mapping service
US10498884B2 (en) 2015-07-30 2019-12-03 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for determining whether to handle a request for communication services by a physical telephone number mapping service or a virtual telephone number mapping service
US9866521B2 (en) 2015-07-30 2018-01-09 At&T Intellectual Property L.L.P. Methods, systems, and computer readable storage devices for determining whether to forward requests from a physical telephone number mapping service server to a virtual telephone number mapping service server
US9851999B2 (en) 2015-07-30 2017-12-26 At&T Intellectual Property I, L.P. Methods, systems, and computer readable storage devices for handling virtualization of a physical telephone number mapping service
US20180309732A1 (en) * 2015-10-21 2018-10-25 K Cloud Co., Ltd. System and method for securely printing mail by using virtual address
CN109040034A (en) * 2018-07-19 2018-12-18 国政通科技有限公司 Subscriber identity information processing method and processing device based on virtual information
US11429182B2 (en) * 2020-05-18 2022-08-30 Capital One Services, Llc Augmented reality virtual number generation
US12118135B2 (en) 2020-05-18 2024-10-15 Capital One Services, Llc Augmented reality virtual number generation

Also Published As

Publication number Publication date
US9621407B2 (en) 2017-04-11
US20130254364A1 (en) 2013-09-26
US20130254830A1 (en) 2013-09-26

Similar Documents

Publication Publication Date Title
US20130254854A1 (en) Individual and institution virtualization mechanisms
EP3228069B1 (en) Stack fusion architecture including distributed software clusters to enable software communication services
US7675903B2 (en) Dynamic contact list management system and method
US9779231B2 (en) Distribution of ephemeral extension to communication sessions
US20070073888A1 (en) System and method to control transactions on communication channels based on universal identifiers
US20100138559A1 (en) Systems and methods for direction of communication traffic
KR101352647B1 (en) Pluggable contact resolution
US8914510B2 (en) Methods, systems, and computer program products for enhancing internet security for network subscribers
JP2019506692A (en) Method, apparatus and computer program for processing data and zone file of hierarchical domain name system
US20150106528A1 (en) Communication of data of a web real-time communication via a carrier-grade environment
JP2011120213A (en) Method and system for real time display of caller&#39;s location, profile, and trust relationship
KR20120040231A (en) A method and system for interworking between instant messaging service and short message service
US20120300768A1 (en) Providing telecommunication services based on an e.164 number mapping (enum) request
US9894057B2 (en) Method and system for managing secure custom domains
US20150065087A1 (en) Security recommendations for providing information in a communication system
US9654518B2 (en) Stack fusion software communication service
RU2589359C2 (en) Multimodal telephone calls
US20150170236A1 (en) System and method for authenticating an agent
US7729342B1 (en) Privacy preservation for voice over internet protocol calling
EP2647179B1 (en) Service access apparatus, method, computer program and computer program product for selective initiation of communication
US8732314B2 (en) Generation of contact information based on associating browsed content to user actions
US20110191857A1 (en) Method for masking data
US20130111042A1 (en) Route lookup resolution
KR101340591B1 (en) Method and apparatus for providing a click-to-call service
Goix et al. Enumservice Registration for'acct'URI

Legal Events

Date Code Title Description
AS Assignment

Owner name: ALCATEL-LUCENT USA INC., NEW JERSEY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MOGANTI, MADHAV;PANDIT, MAYURESH;SANKALIA, ANISH;SIGNING DATES FROM 20130102 TO 20130103;REEL/FRAME:029756/0364

AS Assignment

Owner name: CREDIT SUISSE AG, NEW YORK

Free format text: SECURITY INTEREST;ASSIGNOR:ALCATEL-LUCENT USA INC.;REEL/FRAME:030510/0627

Effective date: 20130130

AS Assignment

Owner name: ALCATEL LUCENT, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ALCATEL-LUCENT USA INC.;REEL/FRAME:032121/0290

Effective date: 20140123

AS Assignment

Owner name: ALCATEL-LUCENT USA INC., NEW JERSEY

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG;REEL/FRAME:033949/0016

Effective date: 20140819

STCB Information on status: application discontinuation

Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION