System and method for local provision of meeting specified regulations for internet service providers

FIELD: telecommunication systems and methods for global network access.

SUBSTANCE: proposed system has station that provides for meeting specified regulations concerning authentication of subscribers, authorization of access and services, accounting of network resources, and mobility. These specified regulations are determined by Internet service provider at decision station concerning specified regulations which is, essentially, server connected to Internet that communicates with mentioned providing station. Internet service provider may be made in the form of encryption key for given providing station and encryption key for particular subscriber.

EFFECT: enlarged functional capabilities.

33 cl, 4 dwg

 

The technical field

The present invention relates to telecommunications systems and methods for accessing the Internet using a service provider network, the Internet, and more specifically to authentication and authorization of users, resources and services provided by the provider of Internet service.

Prior art and objectives of the present invention

The combined effect of the two factors cancel regulation and the impact of Protocol of the Internet (IP) has made it possible segmentation horizontal market of telecommunication systems. Previous attempts horizontal division of the market of telecommunication systems due to limitations on terminals and services for long-distance communication was slow acting and a rather unconvincing for a subscriber.

Currently, the outbreak of the local loop and the branch services from infrastructure, together with the adoption of the Protocol, substantially changed the relationship between the subscriber and the service provider. Transparent network based on IP Protocol supported by the providers of Internet service that enables the exchange of services, taking into account the strategy of network resources, made it possible to move the caller regarding provider Internet service (ISP), i.e. allow the operator to maintain ABO the clients in any location, virtually any network in the world.

For example, new customer segments can be created in accordance with criteria other than physical location, such as nationality, corporate identity, religion, culture, specific interests, etc. in Addition, virtual private network (VPN), IP based, can easily be created to service dispersed individuals and groups of subscribers.

The key to this final separation of services from infrastructure is the existence of a local point of ensuring compliance with the rules (POPUP). This POPUP responsible for ensuring implementation of the strategy, i.e. the established rules regarding authentication of subscribers, authorization, access and services, network resources and mobility, etc. Usually POPUP should be placed on the server of the local access or edge router provider of Internet services (ISPS). However, the implementation POPUP on the edge router in a typical case requires significant investments and resolution of many practical arrangements with providers local access and depending on them, taking into account the compliance of statutory rules.

Therefore, the present invention is the reduction of volume is investitsii for providers of Internet service, implementing point to ensure compliance with the rules.

The invention

The present invention is directed to telecommunications systems and methods for implementing a point of ensuring compliance with the rules (POPUP) for a provider of Internet services (ISPS) in the subscriber premises. POPUP responsible for ensuring implementation of the strategy, i.e. the established rules regarding authentication of subscribers, authorization, access and services, network resources and mobility. These set of rules are determined by the operator ISPS at the point of decision-making on the implementation of the established rules (PWUP), which is a server connected to the Internet and communicates with POPUP. In addition, ISPS can provide the encryption key for POPUP and the encryption key for a specific user. Thus, all data transmission between the subscriber and POPUP, and between POPUP and PWUP can be encrypted.

Brief description of drawings

The claimed invention is described below with reference to the drawings, which illustrate the most important individual embodiments of the invention and which in the present description is for reference only. In the drawings shows the following:

figure 1 - block diagram illustrating the traditional enforcement of the mouth of the established rules provider servants of the Internet;

figure 2 is a block diagram illustrating an example implementation of a local point of ensuring compliance with the rules (POPUP) in the subscriber premises according to preferred variants of the invention;

figure 3 is a detailed view of local POPUP in accordance with the variants of implementation of the present invention;

figure 4 is an example diagram of the alarm system, illustrating the signaling used in the communication session on the Internet in accordance with the variants of implementation of the present invention.

Detailed description of preferred embodiments of the invention

Various new features of the claimed invention are disclosed below with specific references to examples of implementation, which is by far the most preferred. However, it should be borne in mind that this class of embodiments provides only a few examples of the many preferred options using new principles of the invention. The information in the description of the invention, in principle, does not impose mandatory limits on any of the various claimed inventions. Moreover, some statements may apply to some of the new features and not apply for others.

As shown in figure 1, a single subscriber 100A or company 110, with many Gabon is now 100b and 100C, of which is shown only two, bonded together by a local area network (LAN) 120, access the Internet 140 in the usual way, via the server 130 local access or edge router) provider of Internet services (ISPS) 135. The server 130 local access serves as a local point of ensuring compliance with the rules (POPUP) 160 for ISPS 135 in the region of 150, which maintains the server 130 local access. POPUP 160 is responsible for ensuring implementation of the strategy, i.e. the established rules regarding authentication of subscribers 100A-C in the specified area, authorization, access and services, network resources and mobility.

Before the beginning of the session in the Internet POPUP 160 must authenticate the subscriber, for example, the subscriber 100b. In a typical case, the subscriber 100b enters authentication information 105A, such as account number and personal identification number (PIN) to the server 130 local access ISP 135. After that POPUP 160 in the server 130 local access authenticates the subscriber 100b by comparing the received information authentication (IA) 105A entered by the subscriber, 100b, with authentication information 105A associated with the subscriber 100b stored in POPUP 160. It should be noted that POPUP 160 in the server local access (SLD) 130 stores the authentication information 105 for each of the th subscriber 100A, he serves. After authentication, the subscriber 100b can access the Internet 140 and view Web sites through the local access server 130. After completion of the communication session on the Internet POPUP 160 collects and stores information 115 on access to resources and billing (accounting information (SI) 115) for the communication session on the Internet.

Currently, none of the types of information transmitted between the subscriber 100b and the server 130 local access or POPUP 160 for communication in the Internet is not encrypted. Therefore, this information, including authentication information 105 may be intercepted by an unauthorized party. Modern mechanisms for ensuring compliance with the rules provider 135 Internet service do not account for unauthorized access of this type. Therefore, ISPS must rely on mechanisms to ensure compliance with the rules of the server local access in the area of 150 to provide strong authentication, which increases costs for ISPS 135 and subscribers 100A, which use the services provided by ISPS 135. In addition, some information accounting and billing required by the provider 135 Internet service can be provided only provider of local access, which also increases the atrate for ISPS 135.

However, if, as shown in figure 2, POPUP 160 is placed in the subscriber premises 110, for example, being connected to the LAN 160 is connected to the subscriber 100, paid upfront costs required for a provider 135 Internet service, will be reduced. In addition, ISPS 135 will become less dependent on the provider's local access. Therefore, in accordance with a preferred variant implementation of the present invention, POPUP can be implemented in the server (or server node) 180, which is connected to the local network 120 of the subscriber (subscribers) 100, as shown in figure 2. Alternatively, if the subscriber 100 is a single subscriber, POPUP 160 may be implemented on a computer or terminal associated with the subscriber 100.

To implement POPUP 160 in the subscriber premises 110, when the subscriber 100 or a group of subscribers registered to the ISP 135, ISPS 135 can provide software for POPUP 160 subscribers (subscribers) 100. This software can be downloaded from the ISP 135 on the Internet or can be sent to the subscriber (subscribers) 100 e-mail. The software contains individual subscriber key for each subscriber 100 and the key POPUP for POPUP 160. This software POPUP 160 can be loaded into the server 180, serving many subscribers 10, as shown in the drawing, or in a terminal associated with a single subscriber 100, to perform the functions POPUP 160. For example, the software may be loaded into the mailbox e-mail, which is a secure server 180 with built-in firewall protection (firewall)that interface with the fold line 120. After downloading subscribers can be assigned to one of the subscriber keys, and POPUP 160 may register the key POPUP on the server 130 local access.

As explained above, POPUP 160 facilitates the established rules regarding authentication of subscribers, authorization, access and services, network resources and mobility for subscribers, which serves POPUP 160. These set of rules are determined by the operator ISPS 135 at the point of decision-making on the implementation of the established rules (PWUP) 170, which is a server operated by the operator, which can be anywhere in the world. PWUP 170 communicates with various POPUP and other network PRUP (not shown) for authentication of subscribers 100, making roaming outside of its originating network.

For example, if the LAN 120 is part of a company that has offices in different locations, and the subscriber 100 associated with one of these locations, visit the place where LS 120, and the formation authentication 105, associated with the subscriber 100 may not be preserved in POPUP 160 PP 120. Instead, the authentication information 105 may be stored in another POPUP (not shown) of the ISP 135 Internet service. So when arrived the subscriber 100 is attempting to access the Internet 140 via ISPS 135, POPUP 160 may send authentication information 105 received from the subscriber 100, PWUP 170 through the server 130 local access and the Internet 140 to authenticate the subscriber 100. Based on the authentication information 105 associated with the incoming caller 100, PWUP 170 can directly authenticate the subscriber 100 (if PWUP 170 stores all the authentication information 105 for each of the 100 subscribers registered provider 135 Internet). Alternatively, PWUP 170 may determine POPUP (not shown)associated with the incoming caller 100, to transmit the authentication information 105 to this POPUP and request authentication and authorization from this POPUP.

In another example, if the subscriber 100, connected to the local network 120 has an account with another provider of Internet service (not shown), but trying to access the Internet 140 through this provider 135 Internet service LAN 120, POPUP 160 may communicate with PWUP 170 through the server 130 local access, include the hydrated with ISPS 135 and the Internet 140, in order to authenticate the subscriber and to receive authorization to access ISPS 135. PWUP 170 may communicate with another PRUP (not shown) of the service provider network, the Internet, in which the subscriber 100 has his own expense, to verify whether the subscriber account with this provider and get authorization for billing and retirement account.

Structure and operation principle of the possible alternative implementation POPUP 160 is described below in more detail with reference to figure 3. Each POPUP 160 has a separate key 162 associated with it. This key 162 identifies POPUP 160 for PWUP 170 and server 130 local access provider 135 Internet service. So instead, to save authentication information 105 for each subscriber 100, the server 130 local access, you only need to save the keys 162 for all POPUP 160, of which he serves. Keys 162 POPUP can also be used to encrypt information transmitted between POPUP 160 and the server 130 local access and between POPUP 160 and PWUP 170, which greatly reduces the possibility of interception by an unauthorized party.

To initiate a communication session in a network the Internet, POPUP 160 provides this key 162 POPUP server 130 local access to authenticate POPUP 160. After that POPUP 160 and the server 130 Lok is a high access can use this key 162 POPUP to encrypt all information transmitted between them. Similarly, the key 162 POPUP can be used POPUP 160 and PWUP 170 to encrypt information transmitted between them. Such information may include, for example, authentication information 105 and the authorization information arrived subscribers or subscribers 100, making roaming, or account information 115 and information on the accounts at the end of the session in the Internet.

POPUP 160 also includes a memory or database 165 for storing different subscriber key 164 for each subscriber 100, of which he serves. For example, in the database 165 POPUP 160 may store a list of names of subscribers or account numbers 163 and keys 164 associated subscribers. To initiate a communication session in a network the Internet, the subscriber 100 may enter your account number 163, together with your subscription key 164 in POPUP 160. POPUP 160 accesses a database 165 and compares the received account number 163 and key 164 to authenticate the subscriber 100. This subscription key 164 can also be used to encrypt all data transferred between POPUP 160 and the subscriber 100.

In addition, POPUP 160 may also store a database 168 authorization, which contains information authorization 169 for each subscriber 100, of which he serves. Certain services provided by ISPS 135 may be available, the La each subscriber 100. Therefore, after authentication, when the subscriber 100 requests a service from ISPS 135, POPUP 160 may access a database 168 to determine whether the right of the subscriber to use this service, based on information authorization 169.

During a communication session in a network the Internet POPUP 160 supports the registration file 166 containing information 167 related to the communication session, including start time, end time, the service used. This registration file 166 is used by the provider 135 Internet service for auditing and billing purposes. By the end of the session in the Internet POPUP 160 sends this log file 166 using the key 162 POPUP to PWUP 170. Alternatively, the registration file 166 for all subscribers 100, serviced data POPUP 160 may be transmitted at regular intervals, for example, at the end of the day.

By placing POPUP 160 in the premises of the subscriber 110 100, overhead can be reduced because of the reduction in the number of messages transmitted between the subscriber 100 and the server 130 local access. In addition, increased security and reduced latency in all the transmission between the subscriber 100 and POPUP 160.

Figure 4 is a diagram of the alarm system, which is described below in conjunction with the block diagram shown in figure 2 and 3. To initiate with the ANSA communication in the Internet subscriber 100 sends an authentication request (step 400), including the account number 163 and subscriber key 164, POPUP 160. After that POPUP 160 establishes a connection with the server 130 local access this ISP 135 and transmits the authentication request for access (step 405), including key 162 POPUP, to the server 130 local access.

After authentication POPUP 160 server 130 local access sends a reply message authentication for access (step 410) to POPUP 160, indicating that POPUP 160 is authorized for the communication session on the Internet with this ISP 135. When POPUP 160 receives the response message, the authentication server 130 local access POPUP authenticates the caller using the account number 163 and subscriber key 164 provided by the subscriber 100, and transmits the response message authentication (step 415) the subscriber 100.

If the subscriber 100 performs roaming, as explained above, to authenticate the subscriber 100, POPUP 160 transmits the authentication message that includes the key 162 POPUP and account number 163, and subscriber key 164 for the subscriber 100 to PWUP 170 through the server 130 local access and network 140 (step 412). It should be borne in mind that if the subscriber 100, making roaming, has an account for another ISP (not shown), the identification of this CMP, together with the account number of the subscriber 100 is transmitted in PWUP 170. In order for the subscriber 100, do the s roaming, got access to ISPS 135 this POPUP 160, both ISPS typically must have a contract that allows the subscriber to access any ISPS. In addition, account information and information relating to the accrual of payment for services should also be reflected in this agreement.

Then PWUP 170 authenticates the subscriber 100, either directly or by sending a request to another POPUP (not shown)containing the account number 163 and subscriber key 164 for the subscriber 100, or by sending a request to another PRUP (not shown). After conducting authentication PWUP 170 returns a response message authentication POPUP 160 (step 413), which, in turn, sends a response message to the authenticating subscriber 100 (step 415).

After the subscriber 100 receives the response to the authentication message, it can forward the request to the presentation services (step 420) in POPUP 160. Request for provision of the service may represent, for example, a request to access a Web site 190 or receiving subscriber or network information. If POPUP 160 determines that the requested service is not authorized, then POPUP 160 sends a response message authorization (step 425), showing that this service is not available. However, if the requested service is available, POPUP 160 sends a response message authorization (step 425), indicating that the data is available, and transmits the resource request message (step 430), including service requests, the server 130 local access.

If the requested service cannot be provided to the subscriber 100, the server 130 local access notifies the subscriber 100 by sending through POPUP 160 confirmation message resource allocation (step 435), showing that this service cannot be provided to the subscriber 100. The requested service cannot be provided, for example, if the network is busy, or if the service is not available at the current time. However, if the requested service can be provided to the subscriber 100, then a confirmation message resource allocation (step 435) shows that this service is available. After that, the subscriber 100 may conduct a communication session in a network the Internet (step 440), for example, by reading information from the Web site or by providing information to the Web site on the Internet. Preferably, all information transmitted between the subscriber 100 and the server 130 local access, can be encrypted with the subscriber key 164 and key 162 POPUP that prevents unauthorized access to this information.

In the process of implementing a communication session in a network the Internet (step 440) POPUP 160 registers in the register file 166 all the information 167 of the communication session on the Internet, such as start time, end time and zaprosi AUMA service. At periodic intervals PWUP 170 may transmit the request message, the registration information (step 445) to POPUP 160, which requests the registration file 166 for all communications on the Internet that have been conducted since the previous transmission of the request message account information. In response POPUP 160 transmits a registration file (step 450), which includes records of all communications on the Internet, completed prior to receiving this request message account information in PWUP 170. Alternatively, upon completion of the communication session on the Internet, POPUP 160 can read the log file 166 and forward this registration file 166 in PWUP 170 (step 450), without waiting for a request message account information (step 445). It should be borne in mind that the registration file can be encrypted for transmission from POPUP 160 to PWUP 170 using the key 162 POPUP.

Specialists in the art it should be clear that the new principles described in this application can be modified and altered in a wide range of applications. Accordingly, the amount claimed of the invention should not be limited by any of the following, for example, variants of implementation, and should be determined by the claims.

1. Item ensure compliance with established rules provi the era of Internet service, located in a customer premises associated with at least one person who uses the service provider the Internet to gain access to the Internet, while the abovementioned point of ensuring compliance with the rules includes means for transmitting and receiving data transmitted between the point of ensuring compliance with the rules and the provider of the Internet, a memory for storing subscriber key for the said at least one subscriber, and subscriber key used to authenticate mentioned at least one subscriber, and the key point to ensure compliance with established rules designed to authenticate the said paragraph ensure compliance with the rules for a provider of Internet service.

2. Item ensure compliance with the rules according to claim 1, characterized in that it further comprises authorization database to store information authorization associated with said at least one subscriber.

3. Item ensure compliance with the rules according to claim 1, characterized in that it further comprises a registration file for recording information of the communication session relating to a communication session in a network the Internet, initiated mentioned at least one the m subscriber.

4. Item ensure compliance with the rules according to claim 1, characterized in that the subscriber key used to encrypt information transmitted between a point of ensuring compliance with the rules and said at least one subscriber.

5. Item ensure compliance with the rules according to claim 1, characterized in that the key point to ensure compliance with the rules is used to encrypt information transmitted between a point of ensuring compliance with the rules and the said node.

6. Item ensure compliance with the rules according to claim 1, characterized in that the subscriber premises include a local area network, and a point of ensuring compliance with the rules is a server connected to the local network.

7. Item ensure compliance with the rules according to claim 1, characterized in that the subscriber premises include a terminal associated with said at least one subscriber.

8. Telecommunication system for carrying out communication, the Internet at least one person using the service provider of the Internet that contains a point of ensuring compliance with the rules of the provider of Internet service, located at the customer premises associated at least with the ne by the subscriber, and the point of ensuring compliance with the rules is designed to receive the subscription key of said at least one subscriber when the said at least one subscriber initiates a session on the Internet, and subscriber key used to authenticate mentioned at least one subscriber, and site access provider Internet service located outside the subscriber's premises, used for receiving the key point to ensure compliance with the rules from the point of ensuring compliance with the rules for authentication of the item ensure compliance with the rules, and referred to the access node provides the possibility of the above at least one subscriber to a communication session in a network the Internet after authentication of the item ensure compliance with the rules.

9. The telecommunication system of claim 8, characterized in that the point of ensuring compliance with the rules contains the memory stored in the subscriber key for the said at least one subscriber and stored in the subscriber key is compared with the received subscriber key for authentication mentioned at least one subscriber.

10. The telecommunication system of claim 8, characterized in that paragraph shall ensure compliance with the rules contains the authorization database to store information authorization associated with the said at least one subscriber.

11. The telecommunication system of claim 10, wherein the point of ensuring compliance with the rules receives a request for provision of the service of said at least one subscriber and accesses the database authorization for determining whether a requested service is authorized, with the use of information authorization, and the communication session on the Internet is, if the requested service is authorized.

12. The telecommunication system of claim 8, characterized in that the point of ensuring compliance with the rules contains a log file to record the information of the communication session relating to a communication session in a network the Internet.

13. The telecommunication system according to item 12, wherein the information communication session contains the start time, end time, and at least one requested service.

14. The telecommunication system of claim 8, wherein the subscriber key used to encrypt information transmitted between a point of ensuring compliance with the rules and referred at least one person during the communication session on the Internet.

15. The telecommunication system of claim 8, characterized in that the key point to ensure compliance with the rules of COI the box is used to encrypt information, transmitted between a point of ensuring compliance with the rules and referred to by the node during the communication session on the Internet.

16. The telecommunication system of claim 8, wherein the subscriber premises include a local area network, and a point of ensuring compliance with the rules is a server connected to the local network.

17. The telecommunication system of claim 8, wherein the subscriber premises include a terminal associated with said at least one subscriber.

18. The telecommunication system of claim 8, characterized in that it further contains a point of decision for compliance with the rules of the provider of the Internet service associated with the Internet and available for ensuring compliance with the rules through the access node.

19. Telecommunication system p, characterized in that paragraph to ensure compliance with the rules transmits the key point to ensure compliance with the rules in paragraph decision for compliance with the rules for authentication of the item ensure compliance with the rules.

20. Telecommunication system p, characterized in that paragraph to ensure compliance with the rules transmits subscriber key in the item PR is making decisions for compliance with the rules for authentication mentioned at least one subscriber, when the said at least one subscriber visits the subscriber premises.

21. Telecommunication system p, characterized in that paragraph to ensure compliance with the rules transmits information of the communication session relating to a communication session in a network the Internet, to the point of decision for compliance with the rules after completion of the above-mentioned communication session on the Internet.

22. The telecommunication system according to item 21, wherein the information of the communication session encrypted using the key points ensure compliance with the rules, and the encrypted information of the communication session is transferred to the point of decision for compliance with the rules.

23. Way of the communication session on the Internet using a service provider network, the Internet, comprising the steps of receiving subscriber key point to ensure compliance with the rules of the provider of Internet service, located at the customer premises associated with at least one subscriber of said at least one user authentication mentioned at least one subscriber point of ensuring compliance with the rules using the obtained subscriber key and after the step authentication, participation mentioned at least some of the subscriber in the communication session to the Internet via a point of ensuring compliance with the rules.

24. The method according to item 23, characterized in that it further includes the steps of transferring the key points ensure compliance with the rules from the point of ensuring compliance with the rules in the access provider Internet service located outside the subscriber premises, and authentication access point ensure compliance with the rules on the basis of key points ensure compliance with the rules, and referred to the stage of participation is performed after step authentication point of ensuring compliance with the rules.

25. The method according to paragraph 24, characterized in that it further includes the steps of encrypting information transmitted between a point of ensuring compliance with the rules and the access node during the communication session on the Internet using the key points ensure compliance with the rules.

26. The method according to item 23, wherein the step authentication mentioned at least one subscriber further includes the steps of storing in paragraph ensure compliance with the rules stored in the subscriber key for the said at least one subscriber and compare stored subscriber key mentioned accepted subscription key for authentication mentioned at least one subscriber.

27. JV the property in item 23, characterized in that it further includes the steps of storing in paragraph enforce the established rules of information authorization associated with said at least one subscriber, receiving, at the point of ensuring compliance with the rules of requesting services from the mentioned at least one subscriber and identifying a point of ensuring compliance with the rules, is authorized if the requested service on the basis of information authorization, and if it is authorized, then the indication that the communication session on the Internet can be performed.

28. The method according to item 23, characterized in that it further includes the step of recording during the communication session on the Internet in the registration file at the point of ensuring compliance with the rules information session relating to said communication session in a network the Internet.

29. The method according to p, characterized in that it further comprises a phase transfer after completion of the communication session in the Internet information of the communication session from the point of ensuring compliance with the rules to the point of taking decisions on the implementation of the established rules of the service provider network, the Internet, linked to the Internet and located outside the subscriber's premises.

30. The method according to clause 29, wherein the step of transmitting information of the communication session stage is niteline includes the step of encrypting information of a communication session using the key points ensure compliance with the rules.

31. The method according to clause 29, characterized in that it further includes the step of transmitting the key point to ensure compliance with the rules from the point of ensuring compliance with the rules to the point of taking decisions on the implementation of the established rules and authentication point of ensuring compliance with the rules using the key points ensure compliance with the rules.

32. The method according to p, wherein the first-mentioned step of authenticating further includes the step of transmitting the subscriber key point to ensure compliance with the rules to the point of taking decisions on the implementation of the established rules for authentication mentioned at least one subscriber when the said at least one subscriber visits the subscriber premises.

33. The method according to item 23, characterized in that it further includes a step of encryption of information transmitted between a point of ensuring compliance with the rules and referred at least one person during the communication session on the Internet using dial key.



 

Same patents:

FIELD: mobile communications.

SUBSTANCE: base station determines speed of direct data transfer of data in accordance to control data about data transfer speed received from base station, reads temporary maximal total size encoder packers from buffer, determines, if it is possible to transfer these temporary packets at this speed of data transfer forms a combination of logic packets from these temporary packets, if it possible to transfer these packets at current data transfer speed, and total size of temporary packets is greater or equal to certain threshold value, and transmits logic packets with physical level packet.

EFFECT: higher data transfer speed.

3 cl, 9 dwg

The invention relates to the field of computer technology

The invention relates to signaling protocols in communication networks (e.g., mobile networks), namely the signaling Protocol in a communication network, which does not depend on the services of a media signaling underlying level

The invention relates to a device for data exchange with setting permissions on data exchange

The invention relates to a wireless communication

The invention relates to a method for data transmission in a digital mobile communication network, which can handle user data in certain levels corresponding to certain protocols, and a certain level of these levels of user data are transmitted on the physical channel between the mobile station and the fixed network mobile radio unit for transmission of the above-mentioned level in terminal form the payload of a certain size containing bits scan associated with the implementation of transmission bits and transmission intended for user data transmission, and each terminal is a channel encoded using a particular encoding method, and the size of the payload depends on the encoding method

The invention relates to the interconnection of communications networks, including the telephone means to the Internet

The invention relates to a method and apparatus protection data traffic between the first communication station and a second communication station, and send data in accordance with the Protocol data from the second communication station to the first communication station

The invention relates to a method of transmitting and displaying data, updated from a Central server to at least one subscriber of the post via the digital communication network, where each subscriber has the ability to connect your subscription post to the server, and device for implementing this method

FIELD: ATMs.

SUBSTANCE: device has devices for performing banking operations, visual displaying devices, data input devices, software applications and documents, while ATM outputs user interface via visual displaying device, located at the front, and also outputs user interface, meant for technical service, via visual displaying device, positioned at the back.

EFFECT: higher reliability, higher trustworthiness.

13 cl, 11 dwg

FIELD: electronic financial transactions.

SUBSTANCE: method includes receiving request for transaction from user to server, generating response to user, receiving answer from user, based on response, after that said response is processed and user is checked. Then transaction authentications are performed, using at least one key, and at least portion of said authentication documents are sent to user. Then repeated query from user is received, which has portion of authentication documents mentioned above, and it is checked by said key to provide access to transaction service.

EFFECT: higher reliability and trustworthiness.

7 cl, 16 dwg

FIELD: trading.

SUBSTANCE: method includes controlling movement of trade goods flow via trade goods flow control system. Goods sold in the complex are categorized in trade groups on basis of given criterion, to each trade group a terminal, loading bay and goods demonstration sector are assigned. During delivery of goods to complex route of movement of each type of goods is determined with note of terminal, loading bay and goods demonstration sector. Delivered goods through terminal assigned to current goods type are loaded into assigned loading bay and positioned in assigned sectors for goods demonstration. Trade goods flow control system has control implements and computer, connected to control implements and containing controlling software module, database of names of goods sold in trade complex, while controlling software is made with possible assigning of a terminal for delivery of each goods type in database and determining its movement route with note of terminal, loading bay and goods demonstration sector.

EFFECT: simplified control, lower costs, lower losses due to thefts.

2 cl, 3 dwg

FIELD: software and hardware means for financial operations.

SUBSTANCE: machine has computer and multiple operation functional devices, multiple driver components, corresponding o said functional devices. Drivers operate reacting on communication of XFS level, for controlling operation of operation function devices. Machine includes terminal application and level of services of open devices, containing multiple components, appropriate for drivers and reacting on terminal application, providing for control fop operational function devices on the side of drivers by connecting to level XFS.

EFFECT: higher efficiency.

2 cl, 4 dwg

FIELD: communication networks.

SUBSTANCE: method has stages: registering client inputs domain name at native language into computer, which includes at least one non alphabetic-digital symbol, conversion of each such symbol in computer to at least one corresponding symbol to produce wholly alphabetic-digital domain name, registering resulting name in computer of authorized registering operator.

EFFECT: higher efficiency.

3 cl, 6 dwg, 1 tbl

FIELD: financial transactions.

SUBSTANCE: system provided structured protocol for trading, according to which offers about purchasing or selling can be inputted into system or erased from it, participants can reconsider their offers, dependently on trades state. Workstations of users maintain connection to central server. Access to trading activity is performed via communication sever and remote server.

EFFECT: broader functional capabilities.

12 cl, 12 dwg

FIELD: computers, finance.

SUBSTANCE: method includes receiving data from user concerning certain active, minimal value of change, current percent stake without risk of non-payment, difference between prices of certain active during its quotation and required guarantee payment for certain active. Derivative for each variable of derivative calculation algorithm is set, variable price of realization with value of current price of certain active, variable price of execution with value of execution price. Difference between trade price of contract and final closing price is determined. Data about said difference is sent to user, which difference is subject to distribution. Difference between execution price and current price of certain active is determined and data is sent to user concerning said difference, being subject to distribution.

EFFECT: higher precision.

7 cl

FIELD: technologies for automated elections.

SUBSTANCE: methods include recording data concerning names of voters and portrait photograph on entrance ticket and then reading data, comparing to data from voters database, i.e. automatic identification of voters. Then voter is presented with vote card, and vote cards are not given to unsanctioned voters, to prevent illegal voting. Identification devices realize above-mentioned methods.

EFFECT: higher efficiency.

6 cl, 14 dwg

FIELD: advertisement.

SUBSTANCE: method includes, before transfer of combined video and audio signal from remote center to multiple control servers, selection of blocks of video and audio information about goods, in remote center, which goods are present in trading location, where appropriate control server is positioned, and playback is performed continuously on each display by means of respective controls server, at least portion of selected blocks of video and audio information about advertised goods is played, which are appropriate for goods present in trading location, wherein appropriate controlling server is located and matching display, after that analysis of blocks of video and audio information indicated on displays, is performed, and report information is formed.

EFFECT: higher efficiency.

2 cl, 1 dwg

FIELD: ATMs.

SUBSTANCE: methods for inputting data into ATM include following steps: forming an input signal when function key or auxiliary keyboard key is pressed at ATM panel, at the same time data inputted into ATM are assigned to pressed key, conversion of input signal from key to input signal, matching coordinate data of point of a point on screen of ATM, previously matched with pressed key, redirection of coordinate data input signal into computer data flow, meant for data input from mouse. Method for data input may have additional steps: forming of signal by pressing key of auxiliary keyboard, conversion of input signal from auxiliary keyboard key to input signal, matching key on standard letter-digit keyboard, previously matched with pressed key; redirection of received input into data flow of computer, meant for inputting data from standard keyboard. ATMs have computer and at least one device for performing financial operations in response to data input in computer, performed in accordance to methods for inputting data into ATM. Devices for storing software have software, providing for control of ATM in accordance to methods for inputting data in ATM.

EFFECT: higher efficiency.

6 cl

FIELD: formation of payment documents.

SUBSTANCE: the information meaningful for the payment document is introduced in the computer of the financial settlements and check-out center, the payment document is formed in the form a text and the first dot-and-dash code line and introduced in the electronic data base, the document is displayed for payment to the payer, the payer introduces the information on the quantity of consumed resources and the sum of payments to the document according to the acting tariff rates, these data are introduced in the cash register of the payment reception center with the date of payment, types and sums of payments, these data and the second dot-and-dash code line with these data on the document are represented by means of the cash register, it is sent to the financial settlements and check-out center, the first and second dot-and-dash code lines are read out, the information is compared with the electronic base, entered together with the information on reception of the payment in its electronic data base.

EFFECT: automated formation of documents with due account made for payments determined by the floor space, quantity of people living there and the quantity of the consumed resources.

8 cl, 1 dwg

Up!