SUBSCRIPTION ACCESS SYSTEM FOR USE WITH AN UNTRUSTED NETWORK
First Claim
1. A system for controlling the operation of and access to selected computer resources of at least a first server computer by at least one subscriber client computer via an untrusted network in an operating session, without necessarily controlling access to other computer resources provided by the first server computer and by other server computers and nonsubscriber client computers, comprising:
- clearinghouse means for storing identity data of said first server computer and the identity data of each of said subscriber client computers server software means installed on said first server computer adapted to forward its identity data and identity data of each subscriber client computer to said clearinghouse means at the beginning of an operating session in which access to selected computer resources of said first server computer is requested;
client software means installed on each of said subscriber client computers adapted to forward its identity data to said first server computer at the beginning of an operating session in which access to selected computer resources is requested;
said clearinghouse means being adapted to authenticate the identity of said subscriber client computer responsive to a request for selected computer resources of said first server computer by a subscriber client computer;
said clearinghouse means being adapted to authenticate the identity of said first server computer responsive to said subscriber client computer making the request for selected computer resources of said first server computer;
said clearinghouse means being adapted to permit access to said selected computer resources responsive to successful initial authentication of said first server computer and of said subscriber client computer making said request.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method is disclosed for controlling access to computer resources using an untrusted network. The system preferably uses a hardware key connected to each subscriber client computer and adds software to the subscriber client computer and to the existing server computer. A clearinghouse is provided to store client and server identification data, including demographic data, including URL data, usage data and billing information. The clearinghouse authenticates the subscriber and server computers before an operating session occurs. For every new client session, a login mechanism requires the client computer to supply appropriate identification data, including a digital identification generated by the hardware key. The login parameters are verified by the clearinghouse and a session is then started. The system is adapted to protect preselected content from being printed or copied by a client using a web browser. The system architecture permits a geographical distributed system of multiple subscriber client computers, multiple server computers and multiple clearinghouses which can interact with each other.
-
Citations
36 Claims
-
1. A system for controlling the operation of and access to selected computer resources of at least a first server computer by at least one subscriber client computer via an untrusted network in an operating session, without necessarily controlling access to other computer resources provided by the first server computer and by other server computers and nonsubscriber client computers, comprising:
-
clearinghouse means for storing identity data of said first server computer and the identity data of each of said subscriber client computers server software means installed on said first server computer adapted to forward its identity data and identity data of each subscriber client computer to said clearinghouse means at the beginning of an operating session in which access to selected computer resources of said first server computer is requested;
client software means installed on each of said subscriber client computers adapted to forward its identity data to said first server computer at the beginning of an operating session in which access to selected computer resources is requested;
said clearinghouse means being adapted to authenticate the identity of said subscriber client computer responsive to a request for selected computer resources of said first server computer by a subscriber client computer;
said clearinghouse means being adapted to authenticate the identity of said first server computer responsive to said subscriber client computer making the request for selected computer resources of said first server computer;
said clearinghouse means being adapted to permit access to said selected computer resources responsive to successful initial authentication of said first server computer and of said subscriber client computer making said request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
- 25. A system for controlling the operation of and access to selected computer resources of at least a first server computer by at least one subscriber client computer via an untrusted network in an operating session, wherein each of said subscriber client computers has an application for browsing the untrusted network, said first server computer being adapted to designate specific resource content as being protected and to provide predetermined protection data identifying said resource content as being protected when said data is transmitted to one of said subscriber client computers responsive to a request for said resource content, said data being monitored by said subscriber client computer and selectively disabling predetermined functionality of said application for said designated specific resource content.
-
28. A method of controlling access to selected computer resources of at least a first server computer by at least one subscriber client computer via an untrusted network during an operating session, without necessarily controlling access to other computer resources provided by the first server computer and by other server computers and nonsubscriber client computers, comprising the steps of:
-
registering identity data of said first server computer and the identity data of each of said subscriber client computers and storing the registered identity data in a clearinghouse means associated with said first server computer and said subscriber client computers;
requiring a subscriber client computer to forward its identity data to said clearinghouse means at the beginning of an operating session in which access to selected computer resources is requested;
attempting to authenticate the identity of said subscriber client computer from said clearinghouse means responsive to a request for selected computer resources of said first server computer by a subscriber client computer;
attempting to authenticate the identity of said first server computer from said clearinghouse means responsive to said subscriber client computer making the request for selected computer resources;
permitting access to said selected computer resources responsive to successful initial authentication of said first server computer and of said subscriber client computer making said request. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36)
-
Specification