WikiPatents - Community Patent Review
Create Free Account  |  License or Sell Your Patent  |  WikiPatents Marketplace  |  WikiPatents Blog
Username:  Password:  
    
Advanced Search
Method for dial-in access security using a multimedia modem    
United States Patent5636282   
Link to this pagehttp://www.wikipatents.com/5636282.html
Inventor(s)Holmquist; Kurt E. (Largo, FL); Smith; Richard K. (Seminole, FL)
AbstractA multi-media modem is used to provide a security access arrangement that identifies a calling party to a computer system. In particular, a multi-media modem couples both an analog channel and a data channel to the computer system. The analog channel conveys the calling party's identification information, while the data channel conveys a data signal from the calling party. The computer system verifies the calling party's identification information communicated over the analog channel and, if the verification is successful, immediately establishes, or continues, data communications with the calling party over the data channel.
   














 Title Information Submit all comments and votes
 
Patent Text Patent PDF Print Page Summary File History
Plain text PDF images Print Summary File History
Inventor     Holmquist; Kurt E. (Largo, FL); Smith; Richard K. (Seminole, FL)
Owner/Assignee     Paradyne Corporation (Largo, FL)
Patent assignment
All assignments
Publication Date     June 3, 1997
Application Number     08/262,169
PAIR File History     Application Data   Transaction History
Image File Wrapper   Patent Term   Fees
Litigation
Filing Date     June 20, 1994
US Classification     726/16 379/93.03 379/442 713/155 713/182
Int'l Classification     H04L 009/32 H04M 011/06
Examiner     Barron Jr.; Gilberto
Assistant Examiner    
Attorney/Law Firm     Risley, Asman; Sanford J. Thomas, Kayden, Horstemeyer & Kelley; David P. ,
Address
Parent Case    
Priority Data    
USPTO Field of Search     379/95 379/442 380/25 380/23 381/42
Patent Tags     dial-in access security multimedia modem
   
Enter a comma (,) or semicolon (;) between multiple tag words/phrases.
Describe this patent:
 Amusing   
 Clever   
 Complex   
 Efficient   
 Historic   
 Important   
 Innovative   
 Interesting   
 Practical   
 Simple   
[no votes]
Patent WIKI

Share information and news about this patent, including information and news about the technology, inventors, company, ligation and licensing.
 References Submit all comments and votes
 
*references marked with an asterisk below are user-added references
 U.S. References
 
Add a new US reference:  
ReferenceRelevancyCommentsReferenceRelevancyComments
5365574
Hunt
379/88.02
Nov,1994
[0 after 0 votes]		5335276
Thompson

Aug,1994
[0 after 0 votes]
5301246
Archibald
379/142.06
Apr,1994
[0 after 0 votes]		5274695
Green
379/88.02
Dec,1993
[0 after 0 votes]
5247497
Cohn
369/26.01
Sep,1993
[0 after 0 votes]		5220595
Uehara
379/74
Jun,1993
[0 after 0 votes]
5003595
Collins
707/9
Mar,1991
[0 after 0 votes]		4998279
Weiss
340/5.52
Mar,1991
[0 after 0 votes]
4993068
Piosenka

Feb,1991
[0 after 0 votes]		4907267
Gutzmer
379/442
Mar,1990
[0 after 0 votes]
4876717
Barron
726/5
Oct,1989
[0 after 0 votes]		4763351
Lipscher
379/93.02
Aug,1988
[0 after 0 votes]
4679226
Muehleisen
379/93.02
Jul,1987
[0 after 0 votes]		4604499
Hughes
379/93.02
Aug,1986
[0 after 0 votes]
4520233
Smith
379/93.04
May,1985
[0 after 0 votes]		4430728
Beitel
379/93.02
Feb,1984
[0 after 0 votes]
3984637
Caudill
379/93.02
Oct,1976
[0 after 0 votes]		3896266
Waterbury
379/114.19
Jul,1975
[0 after 0 votes]
 Foreign References
 Other References
 Market Review Submit all comments and votes
   
Market Size
Estimate the gross annual revenues of the relevant market sector:
> $10B
$5B - $10B
$2B - $5B
$500M - $2B
$100M - $500M
$10M - $100M
$1M - $10M
$500K - $1M
$100K - $500K
< $100K
[No votes]
$0
 
$0   $2.5B   $5B   $7.5B   $10B
Market Share
Estimate the percentage of the relevant market sector this invention will capture:
75% - 100%
50% - 74.99%
25% - 49.99%
10 - 24.99%
5 - 9.99%
2 - 4.99%
1 - 1.99%
< 1%
[No votes]
0.0%
 
0%   25%   50%   75%   100%
Reasonable Royalty
What percentage of gross sales should the inventor or assignee be paid?
75% - 100%
50% - 74.99%
25% - 49.99%
10 - 24.99%
5 - 9.99%
2 - 4.99%
1 - 1.99%
< 1%
[No votes]
0.0%
 
0%   25%   50%   75%   100%
Public's "Guesstimation" of Royalty Value
Market SizeN/A[No votes]
xMarket ShareN/A[No votes]
xReasonable RoyaltyN/A[No votes]
N/A
License Availablity
If you are NOT the owner or assignee, answer here:
Yes, license is available for purchase

No, license is not currently available



 [No votes]
License Availablity
If you ARE the owner or assignee, answer here:
Yes, license is available for purchase

No, license is not currently available



 [No votes]
Competitive Advantage
Does this invention have a significant competitive advantage over similar technologies?
Yes

No



 [No votes]
Most helpful competitive advantage comment
[No comments]
Commercial Alternatives
Are there viable commercial alternatives for this invention?
Yes

No



 [No votes]
Most helpful commercial alternative comment
[No comments]
 Technical Review Submit all comments and votes
 Claims Submit all comments and votes
 


We claim:

1. A method for providing security comprising the steps of:

(a) using a multi-media modem for coupling a first channel and a second channel to a computer system;

(b) providing data communications between the computer system and a party via the first channel;

(c) concurrently receiving in the computer system the party's identification information from the second channel; and

(d). verifying the party's identity as a function of the party's identification information without disconnecting the first channel.

2. The method of claim 1 wherein the party's identification information is biometric information of the party.

3. A method for use in a computer for providing security comprising the steps of:

(a) coupling the computer to a first port and a second port of a modem;

(b) receiving a first signal from the first port of the modem, where the first signal represents identity information of a user transmitted during a telephone call;

(c) verifying the identify information of the user; and

(d) allowing the user to access the computer through the second port of the modem without disconnecting the telephone call if the identify of the user is successfully verified.

4. The method of claim 3 wherein the identity information is biometric information of the user.

5. A method for use in a computer for providing security comprising the steps of:

(a) coupling the computer to a modem;

(b) receiving a multiplexed signal from the modem during a telephone call, where the multiplexed signal includes at least a first signal and a second signal and where at least the first signal represents identity information of a user;

(c) verifying the identify information of the user; and

(d) allowing the user to access the computer through the modem without disconnecting the telephone call if the identity of the user is successfully verified.

6. The method of claim 5 wherein the identity information is biometric information of the user.

7. A method for use in a computer, the method comprising the steps of

(a) coupling the computer to a first port and a second port of a modem;

(b) establishing a data connection through the second port of the modem with a user, where the data connection allows the user to communicate with the computer; and

(c) recording a first signal received from the first port of the modem without disconnecting the data connection.

8. The method of claim 7 wherein the first signal is a voice signal provided by the user.

9. Apparatus comprising:

a modem having at least a first port, a second port, and a network port for coupling to a telephone network to establish a telephone call; and

a computer that a) verifies a user's identity by comparing user information to identification information retrieved by the computer, where the user information is provided by the user in the telephone call to the computer over at least the first port, and b) allows the user access to the computer system through the second port of the modem without disconnecting the telephone call when the computer successfully verifies the identify of the user.

10. The apparatus of claim 9 wherein the user information is biometric.

11. The apparatus of claim 9 wherein the network port of the modem provides a tip/ring interface for coupling to the telephone network.

12. Computer apparatus comprising:

(a) a first port for coupling to a port of a modem;

(b) a second port for coupling to another port of the modem; and

(c) processing means that:

(i) verifies a user's identity by comparing user information to identification information retrieved by the computer, where the user information is provided by the user in a telephone call coupled through the modem to the computer and received in at least the first port; and

(ii) allows the user access to the computer through the second port without disconnecting the telephone call when the computer successfully verifies the identify of the user.

13. Apparatus comprising:

(a) a modem having at least a first port, a second port, and a network port for coupling to a telephone network to establish a telephone call; and

(b) a computer that:

(i) verifies a user's identity by comparing user information to identification information retrieved by the computer, where the user information is provided by the user in the telephone call to the computer over at least the first port; and

(ii) allows the user access to the computer through the second port of the modem,

without disconnecting the telephone call when the computer successfully verifies the identify of the user.

14. Computer apparatus for communicating with a user via a modem, the apparatus comprising:

(a) a first port for coupling to a port of the modem;

(b) a second port for coupling to another port of the modem; and

(c) processing means that:

(i) communicates with the user via the second port; and

(ii) verifies the user's identity as a function of user information received from at least the first port, without disconnecting the communications over the second port.

15. The apparatus of claim 14 wherein the user information is biometric.

16. Computer apparatus for communicating with a user via a modem, the apparatus comprising:

(a) a first port for coupling to a port of the modem;

(b) a second port for coupling to another port of the modem; and

(c) processing means that:

(i) communicates with the user via the second port; and

(ii) records a voice signal of the user received via the first port, without disconnecting the communications over the second port.
 Description Submit all comments and votes
 


BACKGROUND OF THE INVENTION

The present invention relates to data communications equipment and to computer systems. In particular, this invention relates to the use of data communications equipment to provide secure access to a computer system.

The use of computers in today's world is continually on the increase, from main-frames to personal computers more and more people are using computer systems. In fact, it is the accessibility of a computer itself, via a modem and the public switched telephone network (PSTN), that allows almost anyone to benefit from the use of a computer. Unfortunately, this "dial-up" accessibility also seems to attract "intruders," i.e., illegitimate users of a computer system. As a result, the security of a computer system, or even a network of computers, as to both the integrity and distribution of the information stored on a computer is an item of continuing concern to the legitimate owners and operators of computers. In response to this need of prodding some type of access security to a computer system a number of alternatives have been proposed.

Some approaches utilize the well-known "automatic number identification" (ANI) feature available from most public switched telephone network providers. For example, U.S. Pat. No. 5,003,595, issued to Collins et al. on Mar. 26, 1991, describes a system where a private branch exchange (PBX), upon answering an incoming data call, provides the calling party's ANI to an adjunct processor, i.e., computer, for analysis. This adjunct processor compares the calling party's ANI to a list of authorized ANI numbers. If the calling party's ANI is on this authorization list then the data call is completed. However, if the calling party's ANI is not on the list of numbers, the adjunct processor instructs the PBX not to answer the data call. In contrast to the Collins et al. patent, U.S. Pat. No. 5,301,246, issued Apr. 5, 1994 to Archibald et al. describes a modem that includes a list of authorized ANI numbers. For any incoming data call the modem compares the calling party's ANI to each of the authorized ANI numbers. The modem answers the incoming data call only if a match is found.

Another approach utilized by the prior an is the use of an individual's "biometric" information. In particular, an individual's voice print can be used to verify a person's identify. U.S. Pat. No. 4,876,717, issued to Barron et al. on Oct. 24, 1989, describes a system that includes a PBX in association with an adjunct processor. In this system, when a calling party wants to access a computer system, the calling party first establishes a "voice-call" to the system. Upon answering the voice-call, the PBX transfers the call to the adjunct processor. The latter prompts the calling party, via a voice recording, to speak a predefined identifying phrase. As the calling party speaks this phrase the adjunct processor generates a voiceprint of the calling party. After generating the calling party's voiceprint, the calling party is instructed to "hang-up." The adjunct processor than compares the calling party's voiceprint to a set of voiceprints that represent authorized users. If there is a match between the calling party's voiceprint and a voiceprint of an authorized user, the adjunct processor calls back the calling party to establish a data call between a host computer coupled to the PBX and the calling party. In making this second telephone call, the adjunct processor uses a telephone number that is a priori associated with the, now identified, calling party.

The above-mentioned prior art, while providing secure arrangements to access computers, arc not the complete answers to the problem. For example, the Collins et al. and Archibald et al. approaches utilize the calling party's ANI, but this does not guarantee the calling party is the actual person authorized to use the computer system. It only guarantees, to a degree, the location of the calling party in the public switched telephone network. On the other hand, the Barron et al. patent, albeit providing a better identification of the actual calling party, requires two telephone calls, one to identify the calling party and one to establish the data call upon verification of the calling party. In addition, since this system initiates the data call using a predefined telephone number, the original calling party must be at the location associated with this predefined telephone number absent the use of any sophisticated call forwarding arrangements. As a result, the two-call approach is usually impractical for a person who is on a business trip.

SUMMARY OF THE INVENTION

We have realized a simple, and effective, technique for providing a security arrangement that identifies a calling party to a computer system. In particular, a multi-media modem couples both an analog channel and a data channel to the computer system. The analog channel conveys the calling party's identification information, while the data channel conveys a data signal from the calling party. The computer system verifies the calling party's identification information communicated over the analog channel and, if the verification is successful, immediately establishes, or continues, data communications with the calling party over the data channel.

In an embodiment of the invention, a simultaneous voice and data modem (SVD) is used to provide both an analog channel and data channel between a calling party and a computer. The latter is coupled to both the analog port and data port of the SVD modem. When the SVD modem answers an incoming telephone call the SVD modem provides the calling party's voice signal to the host computer via the analog port and a data signal to the host computer via the data port. The computer then transmits a voice recording to the calling party via the analog port This voice recording instructs the calling party to speak a predefined phrase and to enter a "login" via their data terminal. As the calling party speaks the phrase the computer generates a voiceprint of the calling party. In addition, after receiving the requested "login," the computer retrieves from a nonvolatile memory device a voiceprint a priori associated with the received "login." If there is a match between the calling party's voiceprint and the retrieved voiceprint, the computer allows the data connection to immediately be established or to continue. However, if the calling party's voiceprint does not match, the computer hangs-up. Advantageously, this technique uses only one telephone call and allows the calling party to be located anywhere in the PSTN network since no call-back is performed by the computer system.

BRIEF DESCRIPTION OF THE DRAWING

FIG. 1 shows a block diagram of a simultaneous voice and data communications system embodying the principles of the invention;

FIG. 2 shows a block diagram of a simultaneous voice and data modem;

FIG. 3 is a table showing illustrative SVD identification signal assignments;

FIG. 4 is an illustrative SVD symbol block that provides a secondary communications channel;

FIG. 5 is an illustrative flow diagram of a method embodying the principles of the invention for providing a security arrangement;

FIG. 6 is an illustrative flow diagram of another method embodying the principles of the invention for providing a security arrangement;

FIG. 7 is an illustrative flow diagram of another method embodying the principles of the invention for providing a security arrangement; and

FIG. 8 is an illustrative flow diagram of another method embodying the principles of the invention.

DETAILED DESCRIPTION

A block diagram of a simultaneous voice and data communications system embodying the principles of the invention is shown in FIG. 1. As shown in FIG. 1, there are illustratively two communications endpoints represented by user 1 and computer 300. Other than the inventive concept, which is described below, computer 300 is any commercially available computer system that includes at least one data terminal equipment (DTE) port, DTE 30, and at least one analog port, herein represented by voice port 40. It is assumed the computer 300 includes components (not shown) that allow computer 300 to both generate prerecorded messages via voice port 40 and generate voiceprints from incoming voice signals received at voice port 40 as known in the art. Both voice port 40 and DTE port 30 of Computer 300 are coupled to PSTN 500 via SVD modem 200. The equipment of user 1 includes DTE 10, telephone 20, and SVD modem 100. DTE 10 is coupled to SVD modem 100 via line 11. Telephone 20 is coupled to SVD modem 100 via line 21. It is assumed that line 21 represents a "tip/ring" type of electrical interface. SVD modem 100 is coupled to public switched telephone network (PSTN) 500, via local loop 101, for originating and answering telephone calls. Local loop 101 is a typical "tip/ring" facility, i.e., a wire-pair, upon which a voice-band signal is transmitted between SVD modem 100 and PSTN 500. Finally, the signal connections between the data communications equipment, represented by SVD modems 100 and 200, and respective data terminal equipment, represented by DTEs 10 and 30, are assumed to conform to the Electronic Industry Association (EIA) RS-232 interface.

Before describing the inventive concept below, a description of the general operation of an SVD modem is provided using SVD modem 100 as an example. The basic operation of an SVD modem is also described in the commonly assigned, U.S. Pat. No. 5,448,555 of Bremer et al. entitled "Simultaneous Analog and Digital Communication," issued on Sep. 5, 1995.

FIG. 2 shows an illustrative block diagram of SVD modem 100. SVD modem 100 operates in either a "voice-only" mode, a "data-only" mode, or an SVD mode. In the "voice-only" mode, SVD modem 100 simply communicates a signal, e.g., a voice signal, present on telephone port 105 to PSTN port 110. In the "data-only" mode, SVD modem 100 modulates a data signal received via DTE port 115 for transmission via PSTN port 110 to a remote data endpoint, and demodulates a modulated data signal received via PSTN port 110 for transmission to DTE 10. Finally, in the SVD mode, SVD modem 100 provides the combination of the "voice-only" and "data-only" mode with the exception that the signal received and transmitted via PSTN port 110 is a combined voice and data signal (hereafter referred to as an "SVD signal"). Other than the inventive concept, the individual components of SVD modem 100 are well-known and are not described in detail. For example, CPU 125 is a microprocessor-based central processing unit, memory, and associated circuitry for controlling SVD modem 100.

CPU 125, of SVD modem 100, controls switch 160, via line 126, as a function of the above-mentioned operating mode of SVD modem 100. In the "voice-only" mode, switch 160 couples any signal on line 162 to line 166 for transmission via telephone port 105, and couples any signal on line 149 to line 161 for transmission via PSTN port 110. The remaining components, e.g., data encoder 155, data decoder 140, voice decoder 130, and voice encoder 150, are disabled by control signals (not shown) from CPU 125. Consequently, in the "voice-only" mode any analog signal appearing at one of the analog ports is coupled, or bridged, to the other analog port.

If SVD modem 100 is in the "data-only" mode, switch 160 couples any signal on line 146 to line 161 for transmission via PSTN port 110, and couples any signal on line 162 to line 131. In the "data-only" mode, voice encoder 150 and voice decoder 130 are disabled by control signals (not shown) from CPU 125. In this mode of operation, any data signal appearing at DTE port 115 (assuming SVD modem 100 is not receiving "AT commands") is encoded by data encoder 155. DTE port 115 is assumed to represent the above-mentioned EIA RS-232 interface. The latter couples not only data from DTE 10 for transmission to an opposite endpoint, but also couples commands from DTE 10 to SVD modem 100 during the well-known "AT command mode" of operation. Data encoder 155 includes any of the well-known encoding techniques like scrambling, trellis-coding, etc., to provide a sequence of symbols on line 156 at a symbol rate, 1/T to modulator 145. The symbols are selected from a two-dimensional signal space (not shown). Note, since voice encoder 150 is disabled, adder 165 does not add a signal to the output signal from data encoder 155. Modulator 145 illustratively provides a quadrature amplitude modulated signal (QAM) to PSTN port 110 via switch 160. Similarly in the reverse direction, a QAM signal received at PSTN port 110 is provided to demodulator 135 via switch 160. Demodulator 135 provides an encoded data stream to data decoder 140. The latter performs the inverse function of data encoder 155 and provides a received data signal to DTE port 115 for transmission to DTE 10.

Finally, if SVD modem 100 is in the SVD mode, switch 160 couples any signal on line 146 to line 161 for transmission via PSTN port 110, and couples any signal on line 162 to line 131. In the SVD mode, voice encoder 150 and voice decoder 130 are enabled by control signals (not shown) from CPU 125. In this mode, any analog signal, e.g., a voice signal, appearing on line 149 is applied to voice encoder 150. The latter processes the voice signal so that it is mapped into the two-dimensional signal space used by data encoder 155 to provide a voice signal point. This voice signal point defines the magnitude and angle of a "voice signal vector" about the origin of the two-dimensional signal space. Voice encoder 150 provides a sequence of two-dimensional signal points, at the predefined symbol rate of 1/T symbols per sec., on line 151. Adder 165 adds each voice signal vector on line 151, if any, to a respective one of the symbols provided by data encoder 155 to provide a stream of signal points to modulator 145. As described above, modulator 145 provides a QAM modulated signal to PSTN port 110 via switch 160. This QAM modulated signal is the above-mentioned SVD signal since it represents both voice and data.

In the reverse direction, the received SVD signal on line 131 is processed as described above by demodulator 135 and data decoder 140 to provide the received data signal on line 127. In addition, voice decoder 130 receives both the received signal point sequence from demodulator 135 and the decoded symbol sequence from data decoder 140. Voice decoder 130 includes suitable buffering to allow for the decoding time needed by data decoder 140 to make a decision as to a received symbol. Voice decoder 130 subtracts the received symbol provided by data decoder 140 from the respective received signal point provided by demodulator 135 to yield the voice signal vector and then performs the inverse function of voice encoder 150 to provide a received voice signal to telephone port 105, via line 133.

As a result, this SVD technique advantageously provides a voice-band signal that has both an audio portion and a data portion, hereafter referred to as the analog channel and the data channel, respectively. This allows two users, or endpoints, with simultaneous voice and data capable modems to communicate data between them and talk at the same time--yet only requires one "tip/ring" type telephone line at each user's location.

During the establishment of an SVD connection it is advantageous for the calling SVD modem to initially signal the far-end, or called, SVD modem, that the calling modem is also an SVD modem. This initial signaling is accomplished by the use of an SVD identification signal that is transmitted by the calling SVD modem after dialing the telephone number of the called SVD modem. This type of notification allows the answering SVD modem to immediately switch to an SVD mode as opposed to initially defaulting to a standard data modulation like CCITT V.32 and then switching to an SVD mode. An illustrative set of distinctive identification signals for use by an SVD modem is shown in FIG. 3. These hand-shaking signals include a calling signal, SVD CNG, which include calling tones "a" and "b," and an answer identification signal, SVD AID, which includes answering tones "a" and "b." The called SVD modem provides the answer identification signal as an acknowledgment to the calling SVD modem that the call has been answered by an SVD compatible modem.

The determination of what mode SVD modem 100 is in depends upon whether SVD modem 1130 is originating or answering a telephone call. If SVD modem 100 is originating a telephone call, then the calling party, e.g., user 1, can select the particular mode of operation in a number of ways. One illustrative way is simply via a predefined command mode instruction provided via DTE port 115. Another way is for SVD modem 100 to evaluate the state of various signals at both telephone port 105 and DTE port 115. For example, "voice-only" mode is entered if an "off-hook" signal is detected at telephone port 105 and there is no "data-terminal-ready" (DTR) signal from DTE 10 at DTE port 115. This DTR signal is a part of the above-mentioned EIA RS-232 interface specification. Conversely, "data-only" mode is entered if there is no "off-hook" signal but the DTR signal is active. Finally, the SVD modem is entered if an "off-hook" signal is detected and the DTR signal is active.

When user 1 is the called party, i.e., when SVD modem 100 answers an incoming telephone call, the determination of what operating mode to enter is performed as follows. SVD modem 100 first determines if an SVD identification signal is being transmitted by the calling party's equipment. If SVD modem 100 detects an SVD identification signal, then the SVD mode of operation is entered. However, if no SVD identification signal is detected, SVD modem 100 can either enter the "voice-only" mode or the "data-only" mode. The particular selection is set by user 1 via a predefined command mode instruction provided via DTE port 115. This command mode instruction sets a "default" mode of operation for SVD modem 100 if no SVD identification signal is detected from the calling party's equipment.

Once an opposite SVD modem has been identified and both modems are communicating in the SVD mode, it is necessary for each SVD modem to communicate control and status information to the opposite endpoint. This is done via a secondary channel that communicates signaling information between, e.g., SVD modem 100 and SVD modem 200, and can be implemented in any number of ways. For example, as is known in the art, a secondary channel can be provided by multiplexing the data modulated signal (here the SVD signal) with another control signal; or a secondary channel can be provided as described in the co-pending, commonly assigned, U.S. Patent application of Bremer et al. entitled "Side-Channel Communications in Simultaneous Voice and Data Transmission," issued on Apr. 9, 1996. FIG. 4 shows a diagram of a transmission scheme that includes a side-channel within an SVD signal. This SVD side-channel not only provides for the transport of additional information between any SVD endpoints--but also allows the voice signal to be transmitted across the full bandwidth of the SVD data connection. As can be observed from FIG. 4, information from an SVD modem is provided in a frame, or "symbol block," e.g., symbol block 405. For the purposes of this example, a symbol block comprises 70 symbols. Consecutive symbols within each symbol block are identified as S1, S2, S3, . . . , S70. Each symbol block is further divided into a data segment, e.g., data segment 406; and a control segment, e.g., control segment 407. Let the group of symbols in the data segment be S1 to S56. These are the "data symbols" and always convey DTE data. For the purposes of the following discussion the symbol rate is illustratively 3000 symbols/second (s/sec.), although other symbol rates may be used, e.g., 2800 s/sec. At a symbol rate of 3000 s/sec., the average data symbol rate of a symbol block is equal to (56/70).times.3000)=2400 s/sec. Consequently, if there are 6 bits of data per data symbol, the resultant data rate is 14400 bits/sec (bps). It is assumed that this data rate is high enough to meet a user's needs so that the remaining bandwidth of the SVD data connection can be allocated to the control segment, which provides the side-channel.

The remaining symbols of the control segment, i.e., S57 to S70, are the "control symbols." Usually, the latter never convey DTE data, but convey control information. Each control symbol represents a number of "control bits." For example, some of these control bits represent a state identifier, which provides information to the far-end, or receiving, SVD modem as to the mode of operation of the transmitting SVD modem, i.e., whether the transmitting SVD modem is in the "voice-only" mode, "data-only" mode, or SVD mode, of operation. The control symbols are encoded and scrambled the same as the DTE data symbols, e.g., they use the same signal space. The control symbols provide the side-channel for conveying additional signaling information between SVD modem endpoints. Although the data symbols represent user data and the control symbols represent control information, both the data and control symbols may also convey analog data, which in this example is any voice signal that is provided to SVD modem 100 by telephone 20. As a result, the side-channel is a part of the simultaneous voice and data transmission.

Having described the general operation of an SVD modem, the inventive concept will now be described. Referring back to FIG. 1, it is assumed both SVD modems 100 and 200 have been preconfigured to default to the above-mentioned SVD mode of operation. At this point, in order to facilitate understanding of the inventive concept, reference can also be made to FIG. 5, which represents an illustrative method embodying the principles of the invention. In step 605, user 1 dials a telephone number associated with computer 300. SVD modem 100 goes "off-hook" and transmits this telephone number to PSTN 500 by providing a respective sequence of dual-tone multifrequency (DTMF) digits. PSTN 500 routes this telephone call as is known in the art. A local exchange carrier (not shown) within PSTN 500 "rings" SVD modem 200 of computer 300 via line 301. In step 610, SVD modem 200 answers the telephone call by going "off-hook" and, upon detecting an SVD identification signal, performs a handshaking sequence with SVD modem 100 to thereby establish a simultaneous voice and data connection between computer 300 and the terminal equipment of user 1. SVD modem 200 also "rings" voiceport 40 of computer 300 and provides a "data-set-ready" (DSR) indication to DTE port 30. In response, computer 300 goes "off-hook" at voiceport 40 and provides a DTR indication to SVD modem 200. As a result, the analog channel provided by SVD modem pair 100 and 200 communicates respective voice signals between voice port 40 of computer 300 and telephone 20 of user 1, and the data channel between this modem pair communicates respective data signals between DTE port 30 of computer 300 and DTE 10 of user 1. It should be noted that although there is "data communications" between user 1 and computer 300 at this point, the latter has not yet allowed user 1 to access the information stored on computer 300.

Computer 300 transmits a verification request to user 1 to provide additional data information and a voice response in step 615. In particular, computer 300 transmits a data prompt such as a "login" request to user 1 over the data channel, and a prerecorded voice prompt, such as a request to repeat a predefined phrase, over the voice channel. As noted earlier, it is assumed that computer 300 includes standard speech synthesis technology to provide the verbal prompt transmitted by computer 300. The predefined phrase can either be a "stock" phrase, or one of a number of phrases randomly selected by the computer. User 1 transmits the requested information in step 620 by entering, via DTE 10, a preassigned "login," and by verbally repeating the requested phrase into a handset of telephone 20. Computer 300 receives the requested data information via DTE port 30 and records the vocal response of user 1 via voice port 40 to create a voiceprint of user 1 in step 625. Computer 300 verifies both the received data information and the voiceprint of user 1 in step 630. In particular, computer 300 compares the data information entered by user 1 to a list of authorized logins stored in a nonvolatile storage device (not shown) of computer 300. Similarly, computer 300 compares the voiceprint of user 1 to an authorized voiceprint stored in a nonvolatile storage device (not shown) of computer 300. This authorized voiceprint represents an authorized user of computer 300 for that "login." If either, or both, of the received data information and voiceprint do not match a respective authorized login and authorized voiceprint, then computer 300 simply disconnects in step 640. Computer 300 disconnects by "dropping" the DTR signal via DTE port 30 and "hanging-up" at voice port 40. It should be noted that if computer 300, for whatever reason, never creates a voiceprint in step 625, e.g., user 1 does not repeat the requested phrase, then computer 300 "times-out," e.g., after five seconds, and disconnects from SVD modem 200 as described above.

However, if the both the data information entered by user 1 and the voicepit of user 1 match a respective authorized login and voiceprint