FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
THE PATENTS RULES, 2003
COMPLETE
SPECIFICATION
(See section 10; rule 13)
TITLE OF THE INVENTION
METHOD AND SYSTEM FOR COMPLIANCE MANAGEMENT IN COMMUNICATION
NETWORK
APPLICANT
JIO PLATFORMS LIMITED
of Office-101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad -
380006, Gujarat, India; Nationality : India
The following specification particularly describes
the invention and the manner in which
it is to be performed
2
TECHNICAL FIELD
[0001] The present disclosure generally relates to the field of
telecommunications and data service compliance. More particularly, the present
disclosure relates to a system and a method for compliance management in a
5 communication network.
DEFINITION
[0002] As used in the present disclosure, the following terms are generally
intended to have the meaning as set forth below, except to the extent that the context
in which they are used to indicate otherwise.
10 [0003] The expression ‘compliance management’ used hereinafter in the
specification refers to a systematic process of ensuring that a communication network
and its associated services adhere to applicable regulatory requirements, restrictions,
and policies.
[0004] The expression ‘real-time regulatory data’ used hereinafter in the
15 specification refers to regulation-related information received dynamically and
continuously from a source system, pertaining to legal and regulatory requirements
governing data and internet services, including but not limited to service barring
information, geographic restrictions, and compliance standards.
[0005] The expression ‘service barring information’ used hereinafter in the
20 specification refers to information specifying restrictions or prohibitions on specific
data or internet services at one or more sites, including details such as barred services
lists, site identifiers, and end-time details of the barred services.
[0006] The expression ‘relevant regulatory data’ used hereinafter in the
specification refers to a subset of real-time regulatory data extracted based on
3
geographic details and site information, deemed applicable to the compliance
requirements of a specific communication network, a node, geographic area, etc.
[0007] The expression ‘rule repository’ used hereinafter in the specification
refers to a database or structured storage system that contains site-wise barring
5 information and associated regulatory rules, serving as a foundation for compliance
management in the communication network.
[0008] The expression ‘site-wise barring information’ used hereinafter in the
specification refers to compliance-related data specific to individual network sites,
including but not limited to lists of barred services, site identifiers, and the duration or
10 end-time details of service restrictions.
[0009] The expression ‘site identifier (ID)’ used hereinafter in the specification
refers to a unique alphanumeric code or label assigned to a specific network site within
the communication network, used to associate regulatory data and service barring
information with that site.
15 [0010] The expression ‘predefined parameters’ used hereinafter in the
specification refers to criteria used to classify service barring information, including
but not limited to data type, sensitivity level, and regulatory requirements, to facilitate
management and prioritization of compliance efforts.
[0011] The expression ‘customer query’ used hereinafter in the specification
20 refers to a request or inquiry from a customer, containing location information and
seeking details about data or internet services, including potential service restrictions
or compliance status.
[0012] The expression ‘location query’ used hereinafter in the specification
refers to a structured query generated based on a customer’s location information, with
4
a predefined margin added to account for geographic variations, used to extract relevant
site-wise barring information from the rule repository.
[0013] The expression ‘predefined margin’ used hereinafter in the specification
refers to an adjustable buffer or tolerance applied to location information in the location
5 query to ensure accurate inclusion of relevant sites, accounting for potential
inaccuracies in geographic data.
[0014] The expression ‘predefined medium’ used hereinafter in the
specification refers to a communication channel used to respond to the customer query,
including but not limited to a phone call, email communication, text message, or
10 notification.
[0015] The expression ‘predefined criteria’ used hereinafter in the specification
refers to a set of rules or standards accessed from the source system, used to validate
service barring information before extracting relevant regulatory data.
[0016] The expression ‘automated compliance report’ used hereinafter in the
15 specification refers to a system-generated document or dataset detailing adherence to
regulatory standards, identifying potential compliance issues, and recommending
corrective actions.
[0017] The expression ‘communication network’ used hereinafter in the
specification refers to an infrastructure of interconnected systems and devices that
20 facilitate data and internet services, subject to regulatory restrictions and compliance
requirements.
[0018] The expression ‘source system’ used hereinafter in the specification
refers to an external or internal platform, database, or regulatory authority that provides
real-time regulatory data to a compliance management system.
5
[0019] These definitions are in addition to those expressed in the art.
BACKGROUND
[0020] The following description of related art is intended to provide
background information pertaining to the field of the disclosure. This section may
5 include certain aspects of the art that may be related to various features of the present
disclosure. However, it should be appreciated that this section should be used only to
enhance the reader's understanding with respect to the present disclosure, and not as
admissions of prior art.
[0021] Rapid advancement of telecommunications and internet technologies
10 has brought about myriad regulatory challenges for businesses operating in this space.
Regulatory bodies worldwide impose stringent restrictions and guidelines to ensure the
security, privacy, and fair usage of voice, message, data, and internet services.
However, navigating these complex regulatory landscapes poses significant hurdles for
service providers, often leading to compliance issues, legal risks, and potential
15 penalties.
[0022] Historically, ensuring compliance with regulatory restrictions on
telecommunications and data services has been cumbersome and resource intensive.
Conventional approaches relied heavily on manual processes, prone to errors, delays,
and inconsistencies. Moreover, the dynamic nature of regulatory frameworks meant
20 businesses struggled to keep pace with evolving requirements, leading to compliance
gaps and vulnerability. Additionally, the dynamic nature of the internet and the rapid
evolution of communication technologies (e.g., 3rd Generation (3G), 4th Generation
(4G), 5th Generation (5G), 6th Generation (6G), and the like) make it difficult for
traditional compliance methods to keep pace.
25 [0023] Further, current limitations in compliance management for
telecommunications and data services include fragmented approaches, reliance on
6
manual processes, and limited transparency. Existing solutions often focus on
addressing compliance for individual communication channels, such as voice or
messaging, leading to fragmented compliance efforts across various services.
Moreover, regulatory compliance typically involves manual processes for tasks like
5 information gathering, analysis, and reporting, which are time-consuming, error-prone,
and lack real-time adaptability to evolving regulatory requirements. Additionally, there
is often limited transparency in accessing and understanding a barring information,
which can impede effective communication with customers and regulatory bodies,
hindering the overall compliance process. These challenges underscore the need for
10 innovative solutions to streamline compliance management, enhance transparency, and
improve efficiency in navigating regulatory restrictions across the voice, message,
data, and internet services. Therefore, a pressing need arises for a solution that may
improve compliance management, enhance regulatory adherence, and mitigate legal
risks in the voice, message, data, and internet services.
15 [0024] There is, therefore, a need in the art to provide a method and a system
that can mitigate the disadvantages of the prior art.
OBJECTIVE
[0025] Some of the objectives of the present disclosure, which at least one
embodiment herein satisfies, are as follows:
20 [0026] An object of the present disclosure is to enable comprehensive
compliance management across all communication channels, including voice,
message, data, and internet services, ensuring adherence to regulatory restrictions and
standards.
[0027] Another object of the present disclosure is to implement automated
25 information gathering, analysis, and reporting processes to streamline compliance
7
efforts, reduce reliance on manual tasks, and improve efficiency in meeting regulatory
requirements.
[0028] Another object of the present disclosure is to enable real-time
adaptability to evolving regulatory landscapes by providing mechanisms for instant
5 updates and adjustments to compliance measures, ensuring continuous alignment with
changing regulations.
[0029] Another object of the present disclosure is to enhance transparency in
compliance management by providing clear access to barring information for internal
stakeholders and external regulatory bodies, facilitating effective communication and
10 cooperation.
[0030] Another object of the present disclosure is to enable easy navigation and
understanding of compliance-related information, empowering users to participate in
compliance efforts and make informed decisions actively.
[0031] Another object of the present disclosure is to ensure scalability and
15 seamless integration with existing telecommunications and data service infrastructure,
allowing the system to grow and evolve alongside the business while minimizing
disruptions.
[0032] Another object of the present disclosure is to mitigate legal risks
associated with non-compliance by providing robust compliance monitoring and
20 enforcement mechanisms, thereby safeguarding the reputation and integrity of the
business.
[0033] Another object of the present disclosure is to build and maintain
customer trust and satisfaction by demonstrating a commitment to regulatory
compliance, protecting customer data and privacy, and fostering transparent
25 communication regarding compliance measures and practices.
8
[0034] Yet another object of the present disclosure is to provide technological
solutions that assist businesses and service providers in adhering to the complex web
of legal and regulatory frameworks governing the use and provision of internet
services. This helps mitigate legal risks and build trust with users.
5 [0035] Other objects and advantages of the present disclosure will be more
apparent from the following description, which is not intended to limit the scope of the
present disclosure.
SUMMARY
[0036] In an exemplary embodiment, a method for compliance management in
10 a communication network is described. The method includes extracting, by a
processing unit, a relevant regulatory data from a real-time regulatory data based on a
geographic details and a site information provided in service barring information
present in the real-time regulatory data. The method includes classifying, by the
processing unit, the service barring information based on one or more predefined
15 parameters to obtain a classified barring information. The method includes creating, by
the processing unit, a rule repository based, at least in part, on the relevant regulatory
data and the classified barring information.
[0037] In an embodiment, the service barring information comprises one or
more of a geographic details, a timing details, a barred services information, a site
20 information and a barring status.
[0038] In an embodiment, the relevant regulatory data includes site identifiers
(ID) of one or more sites where barring is applicable. The service barring information
is classified into one or more groups to facilitate management and prioritization of a
compliance effort.
25
9
[0039] In an embodiment, the extraction includes: validating, by the processing
unit, the received service barring information based on a predefined criteria, the
predefined criteria is accessed from the source system; and extracting, by the
processing unit, the relevant regulatory data from the regulatory data based on the
5 geographic details and the site information upon a successful validation.
[0040] In an embodiment, the method further includes checking, by the
processing unit, for one or more changes occurring in the real-time regulatory data at a
predefined time interval; and updating, by the processing unit, the rule repository based
on the one or more changes.
10 [0041] In an embodiment, the method further includes generating, by the
processing unit, an automated compliance report. The automated compliance report
includes details associated with adherence to regulatory standards, potential issues, and
corrective actions.
[0042] In another exemplary embodiment, a system for compliance
15 management in a communication network is disclosed. The system includes a receiving
unit configured to receive real-time regulatory data from a source system. The system
further includes a processing unit configured to extract a relevant regulatory data from
the real-time regulatory data based on geographic details and a site information
provided in a service barring information present in the real-time regulatory data. The
20 processing unit is configured to classify the service barring information based on one
or more predefined parameters to obtain a classified barring information. The
processing unit is configured to create a rule repository based, at least in part, on the
relevant regulatory data and the classified barring information.
[0043] In another exemplary embodiment, a user equipment (UE) is
25 communicatively coupled with a system. The system receives a connection request
from the UE. The system sends an acknowledgment of the connection request to the
10
UE. The UE transmits a plurality of signals in response to the connection request.
Based on the plurality of signals, the system is configured for compliance management
in a communication network.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWING
5 [0044] The accompanying drawings, which are incorporated herein, and
constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed
methods and systems in which, like reference numerals, refer to the same parts
throughout the different drawings. Components in the drawings are not necessarily to
scale emphasis instead being placed upon clearly illustrating the principles of the
10 present disclosure. Some drawings may indicate the components using block diagrams
and may not represent the internal circuitry of each component. It will be appreciated
by those skilled in the art that disclosure of such drawings includes disclosure of
electrical components, electronic components or circuitry commonly used to
implement such components.
15 [0045] FIG. 1 illustrates an exemplary network architecture for implementing
a system for compliance management in a communication network, in accordance with
an embodiment of the present disclosure.
[0046] FIG. 2 illustrates an exemplary block diagram of the system, in
accordance with an embodiment of the present disclosure.
20 [0047] FIG. 3 illustrates an exemplary architecture of the system for
compliance management in the communication network, in accordance with an
embodiment of the present disclosure.
[0048] FIG. 4 illustrates an exemplary flow diagram of a method for
compliance management in the communication network, in accordance with an
25 embodiment of the present disclosure.
11
[0049] FIG. 5 illustrates an exemplary flow diagram of a process for validating
service barring information in the telecommunication network, in accordance with an
embodiment of the present disclosure.
[0050] FIG. 6 illustrates an exemplary computer system in which or with which
5 the embodiments of the present disclosure may be implemented.
[0051] The foregoing shall be more apparent from the following more detailed
description of the disclosure.
LIST OF REFERENCE NUMERALS
100 – Network architecture
10 102-1, 102-2…102-N – Plurality of Users
104-1, 104-2…104-N – Plurality of User Equipments
106 – Network
108 – System
200 – Block Diagram
15 202 - Memory
204 – Interfaces
206 – Processing engine
208 – Receiving unit
210 – Processing unit
20 212 – Database
12
300 – Architecture
302 – Source system
304 – Global Server Load Balancer (GSLB)
306 – Primary load balancer
5 308 – Secondary load balancer
310-1, 310-2, 312 – Application Programming Interface (API) server
314 – Primary database
316 – Secondary database
400 – Method flow diagram
10 500 – Process flow diagram
600 – Computer System
610 - External Storage Device
620 – Bus
630 – Main Memory
15 640 – Read Only Memory
650 - Mass Storage Device
660 - Communication Port
670 – Processor
DETAILED DESCRIPTION
13
[0052] In the following description, for the purposes of explanation, various
specific details are set forth in order to provide a thorough understanding of
embodiments of the present disclosure. It will be apparent, however, that embodiments
of the present disclosure may be practiced without these specific details. Several
5 features described hereafter can each be used independently of one another or with any
combination of other features. An individual feature may not address any of the
problems discussed above or might address only some of the problems discussed
above. Some of the problems discussed above might not be fully addressed by any of
the features described herein. Example embodiments of the present disclosure are
10 described below, as illustrated in various drawings in which like reference numerals
refer to the same parts throughout the different drawings.
[0053] The ensuing description provides exemplary embodiments only and is
not intended to limit the scope, applicability, or configuration of the disclosure. Rather,
the ensuing description of the exemplary embodiments will provide those skilled in the
15 art with an enabling description for implementing an exemplary embodiment. It should
be understood that various changes may be made in the function and arrangement of
elements without departing from the spirit and scope of the disclosure as set forth.
[0054] Specific details are given in the following description to provide a
thorough understanding of the embodiments. However, it will be understood by one of
20 ordinary skill in the art that the embodiments may be practiced without these specific
details. For example, circuits, systems, networks, processes, and other components may
be shown as components in block diagram form in order not to obscure the
embodiments in unnecessary detail. In other instances, well-known circuits, processes,
algorithms, structures, and techniques may be shown without unnecessary detail in
25 order to avoid obscuring the embodiments.
[0055] Also, it is noted that individual embodiments may be described as a
process that is depicted as a flowchart, a flow diagram, a data flow diagram, a structure
14
diagram, or a block diagram. Although a flowchart may describe the operations as a
sequential process, many of the operations can be performed in parallel or concurrently.
In addition, the order of the operations may be re-arranged. A process is terminated
when its operations are completed but could have additional steps not included in a
5 figure. A process may correspond to a method, a function, a procedure, a subroutine, a
subprogram, etc. When a process corresponds to a function, its termination can
correspond to a return of the function to the calling function or the main function.
[0056] The word “exemplary” and/or “demonstrative” is used herein to mean
serving as an example, instance, or illustration. For the avoidance of doubt, the subject
10 matter disclosed herein is not limited by such examples. In addition, any aspect or
design described herein as “exemplary” and/or “demonstrative” is not necessarily to be
construed as preferred or advantageous over other aspects or designs, nor is it meant to
preclude equivalent exemplary structures and techniques known to those of ordinary
skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,”
15 and other similar words are used in either the detailed description or the claims, such
terms are intended to be inclusive like the term “comprising” as an open transition word
without precluding any additional or other elements.
[0057] Reference throughout this specification to “one embodiment” or “an
embodiment” or “an instance” or “one instance” means that a particular feature,
20 structure, or characteristic described in connection with the embodiment is included in
at least one embodiment of the present disclosure. Thus, the appearances of the phrases
“in one embodiment” or “in an embodiment” in various places throughout this
specification are not necessarily all referring to the same embodiment. Furthermore,
the particular features, structures, or characteristics may be combined in any suitable
25 manner in one or more embodiments.
[0058] The terminology used herein is to describe particular embodiments only
and is not intended to be limiting the disclosure. As used herein, the singular forms “a”,
15
“an”, and “the” are intended to include the plural forms as well, unless the context
indicates otherwise. It will be further understood that the terms “comprises” and/or
“comprising,” when used in this specification, specify the presence of stated features,
integers, steps, operations, elements, and/or components, but do not preclude the
5 presence or addition of one or more other features, integers, steps, operations, elements,
components, and/or groups thereof. As used herein, the term “and/or” includes any
combinations of one or more of the associated listed items. It should be noted that the
terms “mobile device”, “user equipment”, “user device”, “communication device”,
“device” and similar terms are used interchangeably for the purpose of describing the
10 invention. These terms are not intended to limit the scope of the invention or imply any
specific functionality or limitations on the described embodiments. The use of these
terms is solely for convenience and clarity of description. The invention is not limited
to any particular type of device or equipment, and it should be understood that other
equivalent terms or variations thereof may be used interchangeably without departing
15 from the scope of the invention as defined herein.
[0059] As used herein, an “electronic device”, or “portable electronic device”,
or “user device” or “communication device” or “user equipment” or “device” refers to
any electrical, electronic, electromechanical and computing device. The user device is
capable of receiving and/or transmitting one or parameters, performing
20 function/s, communicating with other user devices and transmitting data to the other
user devices. The user equipment may have a processor, a display, a memory, a battery
and an input-means such as a hard keypad and/or a soft keypad. The user equipment
may be capable of operating on any radio access technology including but not limited
to IP-enabled communication, Zig Bee, Bluetooth, Bluetooth Low Energy, Near Field
25 Communication, Z-Wave, Wi-Fi, Wi-Fi direct, etc. For instance, the user equipment
may include, but not limited to, a mobile phone, smartphone, virtual reality (VR)
devices, augmented reality (AR) devices, laptop, a general-purpose computer, desktop,
personal digital assistant, tablet computer, mainframe computer, or any other device as
16
may be obvious to a person skilled in the art for implementation of the features of the
present disclosure.
[0060] Further, the user device may also comprise a “processor” or “processing
unit” includes processing unit, wherein processor refers to any logic circuitry for
5 processing instructions. The processor may be a general-purpose processor, a special
purpose processor, a conventional processor, a digital signal processor, a plurality of
microprocessors, one or more microprocessors in association with a Digital Signal
Processing (DSP) core, a controller, a microcontroller, Application Specific Integrated
Circuits, Field Programmable Gate Array circuits, any other type of integrated circuits,
10 etc. The processor may perform signal coding data processing, input/output processing,
and/or any other functionality that enables the working of the system according to the
present disclosure. More specifically, the processor is a hardware processor.
[0061] As portable electronic devices and wireless technologies continue to
improve and grow in popularity, the advancing wireless technologies for data transfer
15 are also expected to evolve and replace the older generations of technologies. In the
field of wireless data communications, the dynamic advancement of various
generations of cellular technology are also seen. The development, in this respect, has
been incremental in the order of second generation (2G), third generation (3G), fourth
generation (4G), and now fifth generation (5G), and more such generations are
20 expected to continue in the forthcoming time.
[0062] Radio Access Technology (RAT) refers to the technology used by
mobile devices/ User Equipment (UE) to connect to a cellular network. It refers to the
specific protocol and standards that govern the way devices communicate with base
stations, which are responsible for providing the wireless connection. Further, each
25 RAT has its own set of protocols and standards for communication, which define the
frequency bands, modulation techniques, and other parameters used for transmitting
and receiving data. Examples of RATs include a GSM (Global System for Mobile
17
Communications), a Code Division Multiple Access (CDMA), a Universal Mobile
Telecommunications System (UMTS), a Long-Term Evolution (LTE), a Fifth
Generation (5G) technology, and a Sixth Generation (6G) technology. The choice of
RAT depends on a variety of factors, including the network infrastructure, the available
5 spectrum, and the mobile device's/device's capabilities. Mobile devices often support
multiple RATs, allowing them to connect to different types of networks and provide
optimal performance based on the available network resources.
[0063] Wireless communication technology has rapidly evolved over the past
few decades. The first generation of wireless communication technology was analog,
10 offering only voice services. Further, text messaging and data services became possible
when a Second Generation (2G) technology was introduced. A Third Generation (3G)
technology marked the introduction of high-speed internet access, mobile video
calling, and location-based services. A Fourth Generation (4G) technology
revolutionized the wireless communication with faster data speeds, improved network
15 coverage, and security. Currently, the 5G technology is being deployed, offering
significantly faster data speeds, lower latency, and the ability to connect many devices
simultaneously. These advancements represent a significant leap forward from
previous generations, enabling enhanced mobile broadband, improved Internet of
Things (IoT) connectivity, and more efficient use of network resources. The 6G
20 technology promises to build upon these advancements, pushing the boundaries of
wireless communication even further. While the 5G technology is still being rolled out
globally, research and development into the 6G are rapidly evolving, with the aim of
revolutionizing the way of connecting and interacting with technology. Currently, the
5G technology is being deployed, with even faster data speeds, low latency, and the
25 ability to connect multiple devices simultaneously. Looking ahead, 6G technology
promises to build upon these advancements, pushing the boundaries of wireless
communication even further. As wireless communication technologies have rapidly
evolved from 2G to 6G and beyond, the complexity of telecommunication network
18
deployments has increased significantly. This evolution of wireless communication
technologies ensures optimal telecommunication network performance and reliability
in modern communication systems.
[0064] While considerable emphasis has been placed herein on the components
5 and component parts of the preferred embodiments, it will be appreciated that many
embodiments can be made and that many changes can be made in the preferred
embodiments without departing from the principles of the disclosure. These and other
changes in the preferred embodiment as well as other embodiments of the disclosure
will be apparent to those skilled in the art from the disclosure herein, whereby it is to
10 be distinctly understood that the foregoing descriptive matter is to be interpreted merely
as illustrative of the disclosure and not as a limitation.
[0065] Compliance with regulatory restrictions on voice, message, data, and
internet services refers to addressing the challenges associated with ensuring that data
and internet services adhere to legal and regulatory requirements imposed by various
15 bodies governing communication networks, such as 4G, 5G, and emerging 6G
technologies. Conventional compliance practices rely on manual processes,
fragmented systems, and static compliance tools to monitor and enforce regulations
across these data and internet services, often integrated into existing
telecommunication infrastructures.
20 [0066] However, these conventional methods are inadequate due to the
dynamic nature of regulatory frameworks and the rapid evolution of communication
technologies. Manual processes are prone to errors, delays, and inconsistencies, while
fragmented systems fail to provide real-time adaptability or transparency, leading to
compliance gaps, legal risks, and diminished user trust. Service providers struggle to
25 navigate this complex landscape, increasing the potential for penalties and reputational
damage.
19
[0067] Embodiments herein relate to a method and system for compliance
management, ensuring compliance with evolving regulatory restrictions on data and
internet services offered by the communication network. The communication network,
for example, may be the 4G network, the 5G network, the 6G network, and the like.
5 The method and system offer communication network operators a comprehensive and
automated solution for managing compliance with ever-changing regulatory
landscapes. Further, the method and system improve efficiency, visibility, control, and
adaptability, ensuring a more reliable and cost-effective approach to compliance.
[0068] Hereinafter, exemplary embodiments of the present disclosure will be
10 described with reference to the accompanying drawings.
[0069] The various embodiments throughout the disclosure will be explained
in more detail with reference to FIG. 1 – FIG. 6.
[0070] FIG. 1 illustrates an exemplary network architecture 100 for
implementing a system 108 for compliance management in a communication network,
15 in accordance with an embodiment of the present disclosure. The communication
network may correspond to a network 106. Examples of the communication network
may include, the 4G network, the 5G network, the 6G network, and the like.
[0071] As illustrated in FIG. 1, the network architecture 100 may include one
or more computing devices or User Equipments (UEs) 104-1, 104-2…104-N
20 associated with one or more users 102-1, 102-2…102-N in an environment. A person
of ordinary skill in the art will understand that one or more users 102-1, 102-2…102-
N may be individually referred to as the user 102 and collectively referred to as the
users 102. Similarly, a person of ordinary skill in the art will understand that one or
more UEs 104-1, 104-2…104-N may be individually referred to as the UE 104 and
25 collectively referred to as the UEs 104. A person of ordinary skill in the art will
appreciate that the terms “computing device(s)” and “user equipment” may be used
20
interchangeably throughout the disclosure. Although three UEs 104 are depicted in
FIG. 1, however, any number of the UEs 104 may be included without departing from
the scope of the ongoing description.
[0072] In an embodiment, the UE 104 may include smart devices operating in
5 a smart environment, for example, an Internet of Things (IoT) system. In such an
embodiment, the UE 104 may include, but is not limited to, smartphones, smart
watches, smart sensors (e.g., a mechanical sensor, a thermal sensor, an electrical sensor,
a magnetic sensor, etc.), networked appliances, networked peripheral devices,
networked lighting system, communication devices, networked vehicle accessories,
10 networked vehicular devices, smart accessories, tablets, smart televisions (TVs),
computers, smart security systems, smart home systems, other devices for monitoring
or interacting with or for the user 102 and/or entities, or any combination thereof. A
person of ordinary skill in the art will appreciate that the UE 104 may include, but is
not limited to, intelligent, multi-sensing, network-connected devices, that can integrate
15 seamlessly with each other and/or with a central server or a cloud-computing system
or any other device that is network-connected.
[0073] In an embodiment, the UE 104 may include, but is not limited to, a
handheld wireless communication device (e.g., a mobile phone, a smart phone, a
phablet device, and so on), a wearable computer device (e.g., a head-mounted display
20 computer device, a head-mounted camera device, a wristwatch computer device, and
so on), a Global Positioning System (GPS) device, a laptop computer, a tablet
computer, or another type of portable computer, a media playing device, a portable
gaming system, and/or any other type of computer device with wireless communication
capabilities, and the like. In an embodiment, the UE 104 may include, but is not limited
25 to, any electrical, electronic, electro-mechanical, or an equipment, or a combination of
one or more of the above devices such as virtual reality (VR) devices, augmented
reality (AR) devices, a laptop, a general-purpose computer, a desktop, a personal digital
assistant, a tablet computer, a mainframe computer, or any other computing device.
21
Further, the UE 104 may include one or more in-built or externally coupled accessories
including, but not limited to, a visual aid device such as a camera, an audio aid, a
microphone, a keyboard, and input devices for receiving input from the user 102 or an
entity such as a touch pad, a touch enabled screen, an electronic pen, and the like. A
5 person of ordinary skill in the art will appreciate that the UE 104 may not be restricted
to the mentioned devices and various other devices may be used.
[0074] In FIG. 1, the UE 104 may communicate with the system 108 through
the network 106. In particular, the UE 104 may be communicatively coupled with the
system 108. The coupling includes receiving, by the system 108, a connection request
10 from the UE 104. Upon receiving the connection request, the coupling includes steps
of sending, by the system 106, an acknowledgment of the connection request to the UE
104. Further, the coupling includes steps of transmitting, by the UE 104, a plurality of
signals to the system 108 via the network 106 in response to the connection request.
Based on the plurality of signals, the system 108 is configured for compliance
15 management in the communication network (e.g., network 106).
[0075] In an embodiment, the network 106 may include at least one of the 4G
network, the 5G network, the 6G network, or the like. The network 106 may enable the
UE 104 to communicate with other devices in the network architecture 100 and/or with
the system 108. The network 106 may include a wireless card or some other transceiver
20 connection to facilitate this communication. In another embodiment, the network 106
may be implemented as, or include any of a variety of different communication
technologies such as a wide area network (WAN), a local area network (LAN), a
wireless network, a mobile network, a Virtual Private Network (VPN), an internet, an
intranet, a public network, a private network, a packet-switched network, a circuit25 switched network, an ad hoc network, an infrastructure network, a Public-Switched
Telephone Network (PSTN), a cable network, a cellular network, a satellite network, a
fiber optic network, or some combination thereof. In another embodiment, the network
22
106 includes, by way of example but not limitation, at least a portion of one or more
networks having one or more nodes that transmit, receive, forward, generate, buffer,
store, route, switch, process, or a combination thereof, etc. one or more messages,
packets, signals, waves, voltage or current levels, some combination thereof, or so
5 forth.
[0076] In another exemplary embodiment, the network architecture 100 may
include a centralized server (not shown) may include or comprise, by way of example
but not limitation, one or more of a stand-alone server, a server blade, a server rack, a
bank of servers, a server farm, a hardware supporting a part of a cloud service or a
10 system, a home server, a hardware running a virtualized server, one or more processors
executing code to function as a server, one or more machines performing server-side
functionality as described herein, at least a portion of any of the above, some
combination thereof.
[0077] Although FIG. 1 shows exemplary components of the network
15 architecture 100, in other embodiments, the network architecture 100 may include
fewer components, different components, differently arranged components, or
additional functional components than depicted in FIG. 1. Additionally, or
alternatively, one or more components of the network architecture 100 may perform
functions described as being performed by one or more other components of the
20 network architecture 100.
[0078] FIG. 2 illustrates an exemplary block diagram 200 of the system 108
configured for compliance management in the communication network (e.g., the
network 106), in accordance with an embodiment of the disclosure. FIG. 2 is explained
in conjunction with FIG. 1.
25 [0079] In an embodiment, the compliance management refers to a process of
ensuring that all communication services provided within the network 106 adhere to
23
applicable regulatory requirements, including restrictions on voice, message, data, and
internet services. The system 108 provides solutions to meet compliance standards and
restrictions imposed by various regulatory bodies or laws governing data and internet
services. In essence, the system 108 aims to provide technological solutions that assist
5 businesses and service providers in adhering to the complex web of legal and regulatory
frameworks governing the use and provision of internet services. This helps mitigate
legal risks and build trust with users.
[0080] In an embodiment, the system 108 may include a processing engine
206. The processing engine 206 may be implemented as one or more microprocessors,
10 microcomputers, microcontrollers, digital signal processors, central processing units,
logic circuitries, and/or any devices that process data based on operational instructions.
Among other capabilities, the processing engine 206 may be configured to fetch and
execute computer-readable instructions stored in a memory 202 of the system 108. The
memory 202 may be configured to store one or more computer-readable instructions
15 or routines in a non-transitory computer-readable storage medium, which may be
fetched and executed to perform compliance management in the communication
network. The memory 202 may include any non-transitory storage device including,
for example, volatile memory such as a Random-Access Memory (RAM), or a nonvolatile memory such as an Erasable Programmable Read Only Memory (EPROM), a
20 flash memory, and the like.
[0081] In an embodiment, the processing engine 206 may be implemented as a
combination of hardware and programming (for example, programmable instructions)
to implement one or more functionalities of the processing engine 206. In the examples
described herein, such combinations of hardware and programming may be
25 implemented in several different ways. For example, the programming for the
processing engine 206 may be processor-executable instructions stored on a nontransitory machine-readable storage medium and the hardware for the processing
24
engine 206 may comprise a processing resource (for example, one or more processors),
to execute such instructions. In the present examples, the machine-readable storage
medium may store instructions that, when executed by the processing resource,
implement the processing engine 206. In such examples, the system 108 may comprise
5 the machine-readable storage medium storing the instructions and the processing
resource to execute the instructions, or the machine-readable storage medium may be
separate but accessible to the system 108 and the processing resource. In other
examples, the processing engine 206 may be implemented by electronic circuitry.
[0082] In an embodiment, the system 108 may include an interface(s) 204 (also
10 referred to as a User Interface (UI)). The interface(s) 204 may include a variety of
interfaces, for example, interfaces for data input and output devices (I/O), storage
devices, and the like. The interface(s) 204 may facilitate communication through the
system 108. The interface(s) 204 may also provide a communication pathway for one
or more components of the system 108. Examples of such components include, but are
15 not limited to, the processing engine 206 and a database 212. The processing engine
206 includes a receiving unit 208 and a processing unit 210. In an embodiment, the
receiving unit 208 and the processing unit 210 may be in communication with each
other to facilitate compliance management in the communication network.
[0083] To facilitate compliance management, initially, the receiving unit 208
20 is configured to receive real-time regulatory data from a source system. The real-time
regulatory data may include service barring information. In an embodiment, the service
barring information may include, but is not limited to, one or more of geographic
details, timing details, barred services information, site information and barring status.
[0084] The geographic details refer to location-specific data such as city
25 names, region codes, or Global Positioning System (GPS) coordinates, where
regulatory restrictions (e.g., specific regulations, permitted data usage limits) are
applicable. For example, geographic details may indicate that data services are barred
25
in a particular region due to local privacy laws, enabling the system 108 to enforce
compliance based on user location data obtained via Internet Protocol (IP) addresses or
GPS coordinates.
[0085] Further, the timing details indicate a duration or scheduling of the
5 restriction, such as start time and end time, specifying when the barring of services
becomes active and when it is expected to be lifted. For example, timing details may
specify that a service ban is active from 8:00 PM to 6:00 AM daily to comply with
curfew-related regulations, allowing the system 108 to dynamically adjust barring
actions in real-time.
10 [0086] Further, the barred services information includes a list of specific
services subject to restrictions, such as voice calls, messaging, data streaming, or
internet access. For example, barred services information may prohibit video streaming
in a region due to bandwidth limitations, enabling the system 108 to block or throttle
such services as required by regulatory mandates.
15 [0087] Further, the site information pertains to an identification of affected
network elements or infrastructure components, such as cell towers, site identifiers
(IDs), base station identifiers, or data centres, where the barring applies. For example,
site information may indicate that a specific cell tower in a high-risk area enforces
barring to comply with security regulations, allowing the system 108 to target
20 compliance efforts at precise locations.
[0088] Further, the barring status indicates the current state of the barring
enforcement, such as active, inactive, or pending, providing a real-time record of
compliance measures. For example, a barring status of “active” may reflect an ongoing
restriction on data usage due to a regulatory audit, enabling the system 108 to monitor
25 and report on compliance adherence effectively.
26
[0089] In an embodiment, the source system may refer to a centralized or
distributed network entity within the communication network that collects and provides
real-time regulatory data to the compliance management system (e.g., the system 108).
The source system, such as a Network Operations Center (NOC) or a regulatory
5 database, collects data from various sources, including governmental regulatory
bodies, network operators, or third-party compliance platforms, to ensure the system
108 receives up-to-date information on service barring and legal requirements. The
source system may operate over communication networks such as the 4G, 5G, and 6G,
and communicate with the receiving unit 208 of the system 108 to facilitate processing
10 and enforcement of regulatory restrictions on voice, message, data, and internet
services. The receiving unit 208 may further send the real-time regulatory data to the
processing unit 210.
[0090] Upon receiving the real-time regulatory data, the processing unit 210
may be configured to extract relevant regulatory data from the real-time regulatory data
15 based on the geographic details and the site information provided in service barring
information present in the real-time regulatory data. The service barring information
includes specific details that define the scope and conditions of regulatory restrictions,
such as geographic details indicating regions where services are restricted (e.g., a
country or city under data usage limits), site information identifying network
20 infrastructure points like cell towers or data centers where barring applies, timing
details specifying when restrictions are active (e.g., during specific hours), barred
services information listing the services affected (e.g., messaging or streaming), and
barring status indicating whether the restriction is currently active, inactive, or pending.
The relevant regulatory data includes prioritization (IDs) of one or more sites where
25 barring is applicable. The site IDs refer to unique alphanumeric codes or labels (e.g.,
“CT-001” for a cell tower or “DC-015” for a data center) assigned to individual
network sites within the communication network infrastructure. These site IDs are used
to identify and differentiate physical or logical sites such as base stations, cell towers,
27
or access points. Site IDs enable the system 108 to accurately map regulatory
restrictions to the corresponding network locations, ensuring that service barring is
applied only to the intended areas.
[0091] In some embodiments, to extract the relevant regulatory data from the
5 regulatory data, the processing unit 210 is configured to validate the received service
barring information based on a predefined criteria. In an embodiment, the predefined
criteria may be accessed from the source system. During validation, the processing unit
210 checks whether the received service barring information is correct by comparing
its consistency with the predefined criteria. The predefined criteria may include data
10 integrity rules, expected formats, mandatory fields, and logical consistency checks. For
example, the processing unit 210 may verify whether each service barring entry
contains valid geographic coordinates or region codes, whether the site IDs exist within
the network 106, and whether the timing details fall within acceptable boundaries. The
purpose of the validation is to ensure that only correct, complete, and actionable
15 regulatory data proceeds further into the compliance process, thereby preventing
erroneous enforcement of restrictions.
[0092] Upon successful validation (i.e., if each service barring entry contains
the valid geographic coordinates or the region codes, the site IDs exist within the
network 106, and the timing details fall within acceptable boundaries), the processing
20 unit 210 may extract the relevant regulatory data from the real-time regulatory data
based on the geographic details and the site information. The extraction may be
performed by filtering information based on the geographic details and the site
information, ensuring that only applicable data, like barring rules for specific regions
or sites, is processed for compliance enforcement. In some embodiments, prior to
25 extraction, the processing unit 210 may parse the validated barring information to
transform it into a structured format, such as geographic details, site identifiers, timing
details, barred services information, and barring status. The parsing structures the data
28
for efficient filtering, enabling the processing unit 210 to extract the relevant regulatory
data that aligns with the predefined criteria for compliance management within the
communication network. This is further explained in greater detail in conjunction with
FIG. 5.
5 [0093] Upon extracting the relevant regulatory data, the processing unit 210
may further classify the service barring information based on one or more predefined
parameters to obtain a classified barring information. The one or more predefined
parameters may include, but are not limited to, data type (e.g., voice, SMS, internet),
sensitivity level (e.g., high-priority regulatory zones, emergency restrictions), and
10 regulatory requirements (e.g., local authority mandates, national security rules). In
particular, the classification is performed by analyzing each unit of service barring
information against the one or more predefined parameters. For example, the data type
is identified to determine whether the restriction applies to voice, messaging, or internet
services. The sensitivity level is assessed based on the nature of the restriction and the
15 criticality of the region, such as whether the area is a conflict zone, high-security event
location, or under emergency regulations. The regulatory requirements are matched
against known compliance rules to group the information according to applicable legal
mandates.
[0094] In an embodiment, the service barring information is classified into one
20 or more groups (referred to as the classified barring information, for example, a service
barred information based on voice, a service barred information based on data, a service
barred information based on sensitivity, etc.) to facilitate management and
prioritization of compliance efforts (based on high-impact or time-sensitive regulatory
requirements). The management of compliance efforts refers to organizing, tracking,
25 and applying regulatory rules in a structured manner across different network sites and
service types. Further, the prioritization enables the system 108 to address high-impact
or time-sensitive regulatory requirements, such as emergency service barring, before
29
handling lower-risk or scheduled directives. This ensures efficient resource allocation,
minimizes response delays, and reduces non-compliance risk by focusing efforts based
on urgency and regulatory importance. Each group may correspond to a specific
category based on regulatory urgency, service type, or geographical sensitivity. For
5 example, the service barring information that is time-sensitive or legally mandated
under emergency conditions may be placed into high-priority groups, while less critical
service barring information may be placed into lower-priority groups. The grouping
enables the system 108 to apply compliance actions in a targeted and sequenced
manner, allowing faster enforcement where required, efficient resource allocation, and
10 clearer visibility for audit and monitoring purposes. In an embodiment, prioritization
is performed by evaluating one or more predefined parameters associated with each
barring entry, such as: a sensitivity level (e.g., high-priority for national security or
emergency events), an effective time window (e.g., immediate vs. scheduled future
enforcement), a service type (e.g., voice restrictions may take precedence over non15 critical data barring), and a regulatory source (e.g., mandatory orders from national
authorities may be ranked higher than regional advisories). Based on these parameters,
the system 108 applies internal rule-based logic to assign a priority level (e.g., high,
medium, low) to each classified group. This allows the system to enforce time-critical
or high-risk regulations first, followed by less critical actions, thereby ensuring
20 optimized resource allocation, reduced response time, and minimized risk of noncompliance.
[0095] The processing unit 210 is further configured to create a rule repository
based, at least in part, on the relevant regulatory data and the classified barring
information. In an embodiment, creating the rule repository involves aggregating the
25 extracted regulatory data, such as site identifiers and geographic details, with the
classified barring information, which has been grouped based on predefined
parameters, such as data type or sensitivity level, to form a structured collection of
compliance rules.
30
[0096] In some embodiments, the processing unit 210 may be configured to
map the classified data to specific regulatory rules stored in the rule repository. With
the regulatory data classified, the processing unit 210 maps each category to the
corresponding regulatory rules stored in the rule repository. This mapping ensures that
5 each piece of regulatory data is associated with the appropriate regulations, allowing
for accurate interpretation and enforcement of compliance measures.
[0097] In an embodiment, the rule repository acts as a foundation for
compliance management. In particular, the rule repository supports various operations
such as real-time decision-making, customer query resolution, compliance reporting,
10 and audit logging. The rule repository includes site-wise barring information
corresponding to the one or more sites of the communication network. The site-wise
barring information includes at least one of a barred services list and end-time details
of the barred services present in the barred services list. The barred services list
identifies specific services restricted at each site, such as prohibiting data streaming or
15 messaging due to regulatory mandates. Additionally, the end-time details specify the
expiration of these restrictions, such as a date or time when a temporary ban on a
service may be lifted, allowing the system 108 to update compliance actions.
[0098] In some embodiments, the processing unit 210 may check for one or
more changes occurring in the real-time regulatory data at a predefined time interval
20 (e.g., every hour or daily). The checking process may involve periodically querying the
source system, such as every hour or daily, to detect the one or more changes. For
example, the one or more changes may include updates in regulatory data within one
hour or daily, such as new barring rules, modified geographic restrictions, or changes
in service status, ensuring the system 108 remains aligned with the latest legal
25 requirements. The predefined time interval may be customizable may be the system
(108) defined or the operator defined. Based on the one or more changes, the
processing unit 210 may update the rule repository. The update involves revising the
31
existing entries in the rule repository by adding new barring information, modifying
existing rules to reflect updated geographic or site-specific restrictions, or removing
outdated rules, thereby maintaining an accurate and current foundation for compliance
management across the communication network.
5 [0099] In some embodiments, upon creating the rule repository, the system 108
may further provide access to the created rule repository to a plurality of users (e.g.,
users 102). The plurality of users is predefined and selected based on their roles within
the communication network, such as regulatory compliance managers or site operators,
and their identities are established in advance to maintain security and restrict access
10 to authorized individuals only. Once the access is provided to each user of the plurality
of users, the system 108 may add each user of the plurality of users to an authentic user
list. In an embodiment, the authentic user list is maintained in the database 212. The
authentic user list is a record of authorized users, containing details like user IDs, roles,
and access levels, which the system 108 uses to track and manage user permissions
15 effectively.
[00100] Further, the processing unit 210 may perform an authentication of each
user of the plurality of users trying to access the rule repository using the authentic user
list. User authentication mechanisms are implemented to verify the identity of
individuals accessing the communication network. Based on the classified data and
20 associated regulatory rules, the processing unit 210 assigns specific user roles and
permissions, dictating the level of access and authority each user has within the
network 106. The authentication involves verifying user credentials, such as usernames
and passwords, against the authentic user list to confirm their identity and access rights,
preventing unauthorized access.
25 [00101] In an embodiment, the processing unit 210 may generate an automated
compliance report. The generation involves compiling data from the rule repository
and real-time regulatory data to create a summary of compliance activities, which is
32
automatically produced at regular intervals or triggered by specific events like
regulatory updates. The automated compliance report includes details associated with
adherence to regulatory standards, potential issues, and corrective actions. These
details include metrics such as a percentage of compliance across sites, specific
5 instances of non-compliance (e.g., a barred service still active in a restricted region),
identified risks like outdated barring rules, and recommended actions such as updating
the rule repository or notifying site operators. These reports provide details of the
network’s compliance status, facilitating informed decision-making and regulatory
compliance management. In some embodiments, the automated compliance report may
10 be shared with one or more users. The sharing involves distributing the report to
predefined users, such as compliance officers or network administrators, via secure
channels like email notifications or a dashboard interface, enabling the one or more
users 102 to review and act on the findings to maintain regulatory adherence.
[00102] In some embodiments, upon creation of the rule repository, the
15 receiving unit 208 is configured to receive a customer query from at least one customer.
The customer query includes location information (e.g., latitude and/or longitude) of
the at least one customer, which may be derived from GPS coordinates, cell tower
triangulation, or customer-provided address details. The at least one customer may
initiate customer query through self-service channels such as a mobile application, a
20 customer care portal, or by contacting the call center. For example, a customer may
ask, “Why is my internet not working in my area?” or “Are voice calls currently
restricted in my location?”.
[00103] Upon receiving the customer query, the receiving unit 208 forwards it
to the processing unit 210. The processing unit 210 is configured to create a location
25 query for the at least one customer based on the location information of the respective
at least one customer. To ensure comprehensive coverage, a predefined margin is added
to the location coordinates or region for the creation of the location query. The margin
33
(e.g., a radius of 5 kilometres around a customer's coordinates) allows the system 108
to include nearby sites or zones that may influence service availability at the location
coordinates, especially in edge or overlapping coverage areas.
[00104] The processing unit 210 is configured to execute the location query on
5 the rule repository to extract the site-wise barring information of at least one site that
comes under the customer location. The execution involves searching the rule
repository to identify barring rules for sites, such as cell towers or data centers, within
the customer location. This enables the system 108 to retrieve precise information
about which services are restricted in the customer location and for how long. Based
10 on the extracted barring information, the processing unit 210 is configured to answer
the customer query using a predefined medium. The predefined medium may include
one of a call, an email communication, a text communication, or a notification.
[00105] In an embodiment, to answer the customer query based on the extracted
barring information, the processing unit 210 is configured to process the customer
15 query using a Natural Language Processing (NLP) technique to obtain the context of
the customer query. The processing involves analyzing the customer query’s text or
speech input through an NLP algorithm, such as tokenization and semantic analysis, to
identify key terms and intent, like a customer asking, “Can I use streaming services
here?”. The processing unit 210 is configured to determine whether the context is
20 related to barred services. This determination step checks if the identified intent
pertains to services listed in the extracted barring information, such as verifying if the
query about streaming services matches a barred service category like video streaming
in the customer’s location.
[00106] Upon determining that the context is associated with the barred services,
25 the processing unit 210 is configured to answer the customer query based on the
extracted barring information using the predefined medium. The answer is formulated
by mapping the customer query’s context to the barring details, such as informing the
34
customer that streaming is restricted due to regulatory limits, and delivering this
response via the predefined medium, such as a text message or email, ensuring precise,
and timely communication.
[00107] In an embodiment, the database 212 includes data (e.g., the real-time
5 regulatory data, the rule repository, the authentic user list, and the automated
compliance report, etc.) that may be either stored or generated as a result of
functionalities implemented by any of the components of the processing engine 206.
In some embodiments, the database 212 may be configured to store the processed,
classified, and mapped data, such as compliance reports, audit trails, and logging
10 mechanisms received from the processing unit 210. The database 212 ensures that the
information is securely retained for future reference, analysis, and retrieval as needed
for compliance management and reporting purposes.
[00108] In some embodiments, the processing unit 210 is configured to establish
an audit and logging mechanism to record all relevant activities, access attempts, and
15 changes for accountability purposes. An audit trail and logging mechanism are
implemented to track and record all activities within the communication network. This
ensures transparency and accountability, enabling thorough monitoring and analysis of
compliance-related activities.
[00109] In some embodiments, the processing unit 210 is configured to develop
20 an incident response plan with one or more predefined steps for addressing noncompliance incidents. An incident response plan is developed to outline the one or
more predefined steps and procedures for addressing non-compliance incidents
promptly and effectively. This approach helps mitigate risks and minimize the impact
of compliance breaches on the communication network.
25 [00110] In some embodiments, the processing unit 210 is configured to
implement automated or manual remediation processes to correct compliance issues.
35
These processes address compliance issues identified through monitoring and reporting
and enable prompt resolution of non-compliance incidents, ensuring the integrity and
security of the communication network.
[00111] In some embodiments, the processing unit 210 is configured to design
5 the system 108 to scale efficiently with the growing volume of data and users. This
involves architectural planning and implementation to ensure the communication
network seamlessly accommodates increasing data traffic and user demands over time.
Scalability considerations include adopting flexible infrastructure, distributed
computing techniques, and scalable data storage solutions to support the network's
10 expansion while maintaining performance and reliability.
[00112] In some embodiments, the processing unit 210 is configured to optimize
the system performance through efficient algorithms and data processing methods. The
system 108 employs optimization techniques such as algorithmic improvements, data
caching, parallel processing, and resource allocation optimization to enhance the
15 performance of the system 108. The communication network 106 may achieve optimal
throughput, responsiveness, and resource utilization by fine-tuning the processes of the
system 108, thereby delivering an enhanced user experience.
[00113] In some embodiments, the processing unit 210 is configured to establish
a process for continuous improvement based on feedback, emerging regulatory trends,
20 and technological advancements. Continuous improvement is integral to ensuring the
system's ongoing effectiveness and relevance. This involves gathering feedback from
stakeholders, monitoring emerging regulatory trends, and staying abreast of
technological advancements in the field. This information is used to iteratively refine
and enhance the system 108, ensuring it remains aligned with evolving requirements
25 and best practices.
36
[00114] In some embodiments, the processing unit 210 is configured to update
the system 108 to incorporate the latest regulatory requirements. Given the dynamic
nature of regulatory landscapes, keeping the communication network 106 updated with
the latest regulatory requirements is essential. This involves periodically reviewing and
5 analyzing regulatory changes and updates and promptly implementing any necessary
modifications to ensure ongoing compliance. This approach helps to mitigate
regulatory risks and ensures that the communication network always complies with
current regulations.
[00115] FIG. 3 illustrates an exemplary architecture 300 of the system 108 for
10 compliance management in the communication network (e.g., the network 106), in
accordance with an embodiment of the present disclosure. FIG. 3 is explained in
conjunction with FIGS. 1 and 2.
[00116] The architecture 300 includes a source system 302, a Global Server
Load Balancer (GSLB) 304, a primary load balancer 306, a secondary load balancer
15 308, one or more primary Application Programming Interface (API) servers (e.g., API
server 1 310-1, API server 2 310-2), secondary API server (e.g., API server 312), and
the database 212.
[00117] As discussed earlier, in order to facilitate compliance management, the
source system 302 may initially receive real-time regulatory data. The source system
20 302 may be a Network Operations Center (NOC) or a regulatory database that collects
data from various sources, including governmental regulatory bodies, network
operators, or third-party compliance platforms, to ensure the system 108 receives realtime information on service barring and legal requirements. The source system 302
may operate over a private communication network (such as an Intranet) to transmit
25 the real-time regulatory data to the GSLB 304. In an embodiment, the real-time
regulatory data may include service barring information. The service barring
37
information may include one or more of the geographic details, timing details, barred
services information, site information and barring status.
[00118] In an embodiment, the GSLB 304 may be configured to direct traffic
(e.g., real-time regulatory data) in a geographically distributed network. Further, the
5 GSLB 304 considers one or more parameters, such as user location, server health,
server availability, and server performance, to distribute traffic across multiple data
centers worldwide. In an embodiment, the GSLB 304 is the first point of contact for
traffic distribution. Based on its pre-configured settings, the GSLB 304 decides
whether to direct the traffic to the primary load balancer 306 (also referred to as a
10 production load balancer) or the secondary load balancer 308 (also referred to as a
disaster load balancer).
[00119] In an embodiment, the decision whether to direct the traffic to the
primary load balancer 306 or the secondary load balancer 308 may be based on one or
more factors, for example, but not limited to,
15 • User Location: If a user is geographically closer to the data center with the
secondary load balancer 308, the GSLB 304 may route the traffic to the secondary load
balancer 308 to minimize latency.
• Server Load: If the primary load balancer 306 is experiencing heavy traffic, the
GSLB 304 may divert the traffic to the secondary load balancer 308 for better
20 performance.
• Planned Maintenance: If maintenance is scheduled on the primary load balancer
306, the GSLB 304 may direct traffic to the secondary load balancer 308 to avoid
service disruptions.
[00120] In an embodiment, the primary load balancer 306 acts as an active load
25 balancer in regular operation. The primary load balancer 306 receives incoming data
38
traffic containing service barring information from the source system 302. The primary
load balancer 306 may consider one or more factors, such as, but not limited to, server
load, response times, and health, to ensure no single server becomes overloaded to
maintain smooth system performance and prevent latency.
5 [00121] In an embodiment, the secondary load balancer 308 acts as a passive or
backup load balancer and remains inactive during regular operation. The primary
function of the secondary load balancer 308 is to take over data traffic distribution if
the primary load balancer 306 encounters failure. This failure may be due to various
reasons, such as, but not limited to, hardware malfunction, software crashes, or
10 scheduled maintenance. The secondary load balancer 308 ensures that the system 108
remains operational even if the primary load balancer 306 experiences issues.
[00122] The primary load balancer 306 (in normal condition) and the secondary
load balancer 308 (in overload or disaster condition) may be configured to distribute
the traffic efficiently to the processing engine 206. In an embodiment, the processing
15 engine 206 may be implemented as the one or more primary API servers (e.g., API
server 1 310-1, API server 2 310-2), and the secondary API server (e.g., API server
312).
[00123] In an embodiment, the primary load balancer 306 directs the traffic to
the one or more primary API servers (310-1 and 310-2), which process the regulatory
20 data for compliance tasks. During high loads or failures of the primary load balancer
306, the secondary load balancer 308 routes traffic to the secondary API server 312,
acting as a backup to maintain system continuity. In an embodiment, the one or more
primary API servers and the secondary API server may implement a Representational
State Transfer (REST)-based API to process the traffic (i.e., regulatory data) in real25 time, utilizing cutting-edge technology for instant accessibility to end users (e.g.,
compliance officers or customers).
39
[00124] In an embodiment, the one or more primary API servers (e.g., API
server 1 310-1, API server 2 310-2), and the secondary API server (e.g., API server
312), functioning as the processing engine 206, handle tasks (e.g., validation of service
barring information, extraction of relevant regulatory data, classification of the service
5 barring information, creation of the rule repository, and generation of the automated
compliance report), as already described in FIG. 2.
[00125] The database 212 includes a primary database 314 and a secondary
database 316. In an embodiment, the primary database 314 stores the rule repository,
the authentic user list, the automated compliance report, etc. To ensure data resiliency
10 and fault tolerance, the architecture 300 supports real-time data replication from the
primary database 314 to a secondary database 316, which acts as a backup data store
and may be used for read operations, disaster recovery, or load balancing under highvolume conditions, ensuring data consistency and availability across the system 108.
[00126] In an embodiment, once the rule repository and automated compliance
15 reports are stored in the database 212. The database 212 may be utilized to address
customer queries by providing site-specific barring information through the one or
more primary API servers and the secondary API servers, enabling quick resolution of
inquiries about service restrictions, and are accessed by compliance teams to monitor
adherence, identify issues, and implement corrective actions, ensuring effective
20 regulatory across the communication network.
[00127] FIG. 4 illustrates an exemplary flow diagram of a method 400 for
compliance management in the communication network (e.g., the network 106), in
accordance with an embodiment of the present disclosure. FIG. 4 is explained in
conjunction with FIGS. 1, 2, and 3. Each step of the method 400 may be performed by
25 various units (e.g., the receiving unit 208 and the processing unit 210), present within
the processing engine 206 of the system 108.
40
[00128] In order to facilitate compliance management in the communication
network, initially as an optional step, the method 400 includes receiving, by the
receiving unit 208, a real-time regulatory data from the source system 302. The realtime regulatory data includes a service barring information. In an embodiment, the
5 service barring information includes one or more of a geographic details, a timing
details, a barred services information, a site information and a barring status.
[00129] At step 402, the method 400 includes extracting, by the processing unit
210, relevant regulatory data from the real-time regulatory data based on geographic
details and a site information provided in the service barring information present in the
10 real-time regulatory data. In an embodiment, the relevant regulatory data includes site
identifiers (ID) of one or more sites where barring is applicable.
[00130] At step 404, the method 400 includes classifying, by the processing unit
210, the service barring information based on one or more predefined parameters to
obtain a classified barring information. The one or more predefined parameters include,
15 but are not limited to, a data type (e.g., voice, data, internet), a sensitivity level (public,
confidential, highly sensitive), and regulatory requirements (e.g., specific regulations,
permitted data usage limits). Additionally, the one or more parameters may include
user access permissions, compliance risk assessments, data retention policies,
monitoring criteria, incident response thresholds, encryption standards, reporting
20 formats, and change management controls. Once the regulatory data is integrated into
the system 108, it undergoes classification based on its sensitivity and relevance to
regulatory requirements. In an embodiment, the service barring information is
classified into one or more groups to facilitate management and prioritization of
compliance efforts.
25 [00131] At step 406, the method 400 includes creating, by the processing unit
210, a rule repository based, at least in part, on the relevant regulatory data and the
classified barring information. In an embodiment, the rule repository is created in the
41
database 212. The rule repository includes site-wise barring information of the one or
more sites of the communication network 106. The site-wise barring information
includes at least one of the barred services list and end-time details of the barred
services present in the barred services list. The rule repository acts as a foundation for
5 compliance management.
[00132] In an embodiment, the method 400 further includes receiving, by the
receiving unit 208, a customer query from at least one customer. The customer query
includes location information of the at least one customer. The method 400 further
includes creating, by the processing unit 210, a location query for the at least one
10 customer based on the location information of the respective at least one customer. In
an embodiment, a predefined margin is added to the location information for the
creation of the location query. The method 400 further includes executing, by the
processing unit 210, the location query on the rule repository to extract the site-wise
barring information of at least one site that comes under customer location. The method
15 400 further includes answering, by the processing unit 210, the customer query based
on the extracted barring information using a predefined medium. In an embodiment,
the predefined medium is one of: a call, an email communication, a text communication
and a notification.
[00133] In an embodiment, for answering the customer query based on the
20 extracted barring information using the predefined medium, the method 400 includes
processing, by the processing unit 210, the customer query using a natural language
processing technique to obtain a context of the customer query. The method 400 further
includes determining, by the processing unit 210, whether the context is related to
barred services. Upon determining that the context is associated with the barred
25 services, the method 400 further includes answering, by the processing unit 210, the
customer query based on the extracted barring information using the predefined
medium.
42
[00134] In an embodiment, to extract relevant regulatory data from the
regulatory data based on the geographic details and the site information, the method
400 includes validating, by the processing unit 210, the received service barring
information based on a predefined criteria. In an embodiment, the predefined criteria
5 is accessed from the source system. The method 400 further includes extracting, by the
processing unit 210, the relevant regulatory data from the regulatory data based on the
geographic details and the site information upon successful validation.
[00135] In an embodiment, the method 400 further includes checking, by the
processing unit 210, for one or more changes occurring in the real-time regulatory data
10 at a predefined time interval. The method 400 further includes updating, by the
processing unit 210, the rule repository based on the one or more changes.
[00136] In an embodiment, the method 400 further includes generating, by the
processing unit 210, an automated compliance report. The automated compliance
report includes details associated with adherence to regulatory standards, potential
15 issues, and corrective actions.
[00137] FIG. 5 illustrates an exemplary flowchart of a process 500 of validating
service barring information in the telecommunication network (i.e., the network 106),
in accordance with an embodiment of the present disclosure. FIG. 5 is explained in
conjunction with FIGS. 1, 2, 3, and 4. Each step of the process 500 may be performed
20 by various units present within the processing engine 206 of the system 108.
[00138] To validate the service barring information initially, at step 502, process
500 starts with the receiving unit 208, which receives the real-time regulatory data,
including service barring information. The service barring information includes the
geographic details, timing details, barred services information, site information and
25 barring status.
43
[00139] At step 504, the processing unit 210 validates the service barring
information. In other words, the processing unit 210 verifies whether the barring
information aligns with the regulatory rules integrated into the system 108. The
validation involves identifying whether the received service barring information aligns
5 with relevant regulatory requirements based on the geographic location and nature of
data and internet services. This step also ensures data integrity, compliance with
regulatory formats, and alignment with legal standards to confirm accuracy and
reliability. The validation ensures compliance with regulatory standards in the
communication network.
10 [00140] At step 506, upon successful validation, the processing unit 210 parses
the barring information to extract structured components, such as service types (e.g.,
voice, data, SMS), start and end times, and site-level applicability. In an embodiment,
parsing transforms the data into a normalized format suitable for storage and query
execution.
15 [00141] At step 508, the processing engine 206 saves the parsed information in
a database (e.g., the database 212). The database 212 stores the parsed barring
information as part of the rule repository, making it available for compliance tasks like
customer query resolution and compliance reporting, as described in earlier
embodiments.
20 [00142] If the barring information is incorrect, the process 500 moves to step
512, where the processing unit 210 sends a notification. In an embodiment, the
notification may be sent via email or a system alert to compliance teams, informing
relevant stakeholders about the validation failure, including details of the incorrect data
(e.g., a mismatch in site identifiers), enabling corrective actions to be taken promptly.
25 Further, at step 514, the process 500 ends. This step concludes the validation workflow,
ensuring that either the barring information has been successfully validated, parsed,
and stored for compliance management, or a notification has been sent for incorrect
44
data, maintaining the system integrity and adherence to regulatory standards across the
communication network.
[00143] FIG. 6 illustrates an exemplary computer system 600 in which or with
which embodiments of the present disclosure may be implemented. As shown in FIG.
5 6, the computer system 600 may include an external storage device 610, a bus 620, a
main memory 630, a read-only memory 640, a mass storage device 650,
communication port(s) 660, and a processor 670. A person skilled in the art will
appreciate that the computer system 600 may include more than one processor and
communication ports. The processor 670 may include various modules associated with
10 embodiments of the present disclosure. The communication port(s) 660 may be any of
an RS-232 port for use with a modem-based dialup connection, a 10/100 Ethernet port,
a Gigabit or 10 Gigabit port using copper or fiber, a serial port, a parallel port, or other
existing or future ports. The communication port(s) 660 may be chosen depending on
a network, such a Local Area Network (LAN), Wide Area Network (WAN), or any
15 network to which the computer system 600 connects.
[00144] The main memory 630 may be Random-Access Memory (RAM), or any
other dynamic storage device commonly known in the art. The read-only memory 640
may be any static storage device(s) e.g., but not limited to, a Programmable Read Only
Memory (PROM) chips for storing static information e.g., start-up or Basic
20 Input/Output System (BIOS) instructions for the processor 670. The mass storage
device 650 may be any current or future mass storage solution, which can be used to
store information and/or instructions. The mass storage device 650 includes, but is not
limited to, Parallel Advanced Technology Attachment (PATA) or Serial Advanced
Technology Attachment (SATA) hard disk drives or solid-state drives (internal or
25 external, e.g., having Universal Serial Bus (USB) and/or Firewire interfaces), one or
more optical discs, a Redundant Array of Independent Disks (RAID) storage, e.g. an
array of disks.
45
[00145] The bus 620 communicatively couples the processor 670 with the other
memory, storage, and communication blocks. The bus 620 may be, e.g. a Peripheral
Component Interconnect (PCI)/PCI Extended (PCI-X) bus, Small Computer System
Interface (SCSI), Universal Serial Bus (USB), or the like, for connecting expansion
5 cards, drives, and other subsystems as well as other buses, such a front side bus (FSB),
which connects the processor 670 to the computer system 600.
[00146] Optionally, operator and administrative interfaces, e.g. a display,
keyboard, joystick, and a cursor control device, may also be coupled to the bus 620 to
support direct operator interaction with the computer system 600. Other operator and
10 administrative interfaces can be provided through network connections connected
through the communication port(s) 660. The components described above are meant
only to exemplify various possibilities. In no way should the aforementioned
exemplary computer system 600 limit the scope of the present disclosure.
[00147] While the foregoing describes various embodiments of the invention,
15 other and further embodiments of the invention may be devised without departing from
the basic scope thereof. The scope of the invention is determined by the claims that
follow. The invention is not limited to the described embodiments, versions or
examples, which are included to enable a person having ordinary skill in the art to make
and use the invention when combined with information and knowledge available to the
20 person having ordinary skill in the art.
[00148] The method and system of the present disclosure may be implemented
in a number of ways. For example, the methods and systems of the present disclosure
may be implemented by software, hardware, firmware, or any combination of software,
hardware, and firmware. The above-described order for the steps of the method is for
25 illustration only, and the steps of the method of the present disclosure are not limited
to the order specifically described above unless specifically stated otherwise. Further,
in some embodiments, the present disclosure may also be embodied as programs
46
recorded in a recording medium, the programs including machine-readable instructions
for implementing the methods according to the present disclosure. Thus, the present
disclosure also covers a recording medium storing a program for executing the method
according to the present disclosure.
5 [00149] While considerable emphasis has been placed herein on the preferred
embodiments, it will be appreciated that many embodiments can be made and that
many changes can be made in the preferred embodiments without departing from the
principles of the disclosure. These and other changes in the preferred embodiments of
the disclosure will be apparent to those skilled in the art from the disclosure herein,
10 whereby it is to be distinctly understood that the foregoing descriptive matter is to be
implemented merely as illustrative of the disclosure and not as a limitation.
[00150] The present disclosure provides a technical advancement related to
compliance management in telecommunication networks. This advancement addresses
the limitations of existing solutions by automating real-time processing and
15 enforcement of regulatory restrictions, overcoming the inefficiencies of manual and
fragmented approaches. The disclosure involves a system utilizing a REST-based API,
real-time regulatory data validation, and a dynamic rule repository, which significantly
improves overall performance, reduces response times, and enables real-time data
processing. The most unique aspects of the present disclosure include integration into
20 technological infrastructure, ensuring compliance is seamlessly embedded into the
design and operation of data and internet services rather than a mere checkbox exercise;
real-time compliance monitoring and updates, allowing the system to dynamically
adapt to emerging regulations through continuous oversight; and user-friendly
implementation, providing intuitive and accessible solutions for businesses and service
25 providers regardless of their legal or technical expertise. By implementing automated
compliance reporting and location-based customer query resolution, the present
47
disclosure enhances regulatory adherence and user transparency, reducing legal risks
and increasing trust across users.
ADVANTAGES OF THE PRESENT DISCLOSURE
[00151] The present disclosure provides a method and a system for compliance
5 management in a communication network.
[00152] The present disclosure provides a method and a system that ensures
legal compliance by enabling data and internet services to adhere to the laws and
regulations governing them, reducing the risk of legal consequences and penalties for
businesses and service providers.
10 [00153] The present disclosure provides the method and the system that mitigate
risks by assisting businesses and service providers in avoiding legal and regulatory
risks associated with non-compliance, fostering a more secure operational
environment.
[00154] The present disclosure provides the system and the method that builds
15 user trust by demonstrating a commitment to following rules and regulations, assuring
users that their data and online experiences are handled responsibly and ethically.
[00155] The present disclosure provides the system and the method that
contributes to a positive business reputation by showcasing a commitment to ethical
and lawful practices, which can serve as a competitive advantage in the market.
20 [00156] The present disclosure provides the system and the method that
enhances operational efficiency by integrating compliance measures into the design
and implementation of data and internet services, reducing the likelihood of disruptions
due to regulatory issues.
48
[00157] The present disclosure provides a competitive edge by differentiating
businesses from competitors through a demonstrated commitment to compliance,
which may be a key factor for users when choosing between service providers. The
present disclosure creates a framework that helps businesses comply with regulatory
5 requirements, enhances operational efficiency, builds trust with users, and contributes
to a positive and reputable image in the market.
10
15
20
49
WE CLAIM:
1. A method (400) for compliance management in a communication network, the
method (400) comprising:
5 extracting (402), by a processing unit (210), a relevant regulatory data
from a real-time regulatory data based on a geographic details and a site
information provided in a service barring information present in the real-time
regulatory data;
classifying (404), by the processing unit (210), the service barring
10 information based on one or more predefined parameters to obtain a classified
barring information; and
creating (406), by the processing unit (210), a rule repository based, at
least in part, on the relevant regulatory data and the classified barring
information.
15
2. The method (400) as claimed in claim 1, wherein the service barring
information comprises one or more of a geographic details, a timing details, a
barred services information, a site information and a barring status.
20 3. The method (400) as claimed in claim 1, wherein the relevant regulatory data
comprises site identifiers (IDs) of one or more sites where a barring is
applicable.
4. The method (400) as claimed in claim 1, wherein the service barring
25 information is classified into one or more groups to facilitate management and
prioritization of a compliance effort.
50
5. The method (400) as claimed in claim 1, wherein the extracting comprises:
validating, by the processing unit (210), the extracted service barring
information based on a predefined criteria, wherein the predefined criteria is
5 accessed from the source system (302); and
extracting, by the processing unit (210), the relevant regulatory data
upon a successful validation.
6. The method (400) as claimed in claim 1, further comprising:
10 checking, by the processing unit (210), for one or more changes
occurring in the real-time regulatory data at a predefined time interval; and
updating, by the processing unit (210), the rule repository based on the
one or more changes.
15 7. The method (400) as claimed in claim 1, further comprising:
generating, by the processing unit (210), an automated compliance
report, wherein the automated compliance report comprises details associated
with adherence to regulatory standards, potential issues, and corrective actions.
20 8. A system (108) for compliance management in a communication network, the
system (108) comprising:
a processing unit (210) configured to extract a relevant regulatory data
from a real-time regulatory data based on a geographic details and a site
information provided in a service barring information present in the real-time
25 regulatory data;
the processing unit (210) further configured to classify the service
barring information based on one or more predefined parameters to obtain a
classified barring information; and
51
the processing unit (210) further configured to create a rule repository
based, at least in part, on the relevant regulatory data and the classified barring
information.
5 9. The system (108) as claimed in claim 8, wherein the service barring information
comprises one or more of a geographic details, a timing details, a barred
services information, a site information and a barring status.
10. The system (108) as claimed in claim 8, wherein the relevant regulatory data
10 comprises site identifiers (IDs) of one or more sites where a barring is
applicable.
11. The system (108) as claimed in claim 8, wherein the service barring information
is classified into one or more groups to facilitate management and prioritization
15 of a compliance effort.
12. The system (108) as claimed in claim 8, wherein for the extraction:
the processing unit (210) is further configured to validate the extracted
service barring information based on a predefined criteria, wherein the
20 predefined criteria is accessed from the source system (302); and
the processing unit (210) is further configured to extract the relevant
regulatory data upon a successful validation.
13. The system (108) as claimed in claim 8, wherein
25 the processing unit (210) is further configured to check whether one or
more changes are occurring in the real-time regulatory data at a predefined time
interval; and
52
the processing unit (210) is further configured to update the rule
repository based on the one or more changes.
14. The system (108) as claimed in claim 8, wherein the processing unit (210) is
5 further configured to generate an automated compliance report, wherein the
automated compliance report comprises details associated with adherence to
regulatory standards, potential issues, and corrective actions.
15. A user equipment (UE) (104) communicatively coupled with a system (108),
10 the coupling comprises steps of:
receiving, by the system (108), a connection request;
sending, by the system (108), an acknowledgment of the connection
request to the UE (104); and
transmitting a plurality of signals in response to the connection request,
15 wherein, based on the plurality of signals, the system (108) is configured for a
compliance management in a communication network, as claimed in claim 8.