Method and system for secure, authorized e-mail based transactions

US 20030014633A1
Filed: 07/12/2001
Published: 01/16/2003
Est. Priority Date: 07/12/2001
Status: Active Grant

First Claim

Patent Images

1. A method of conducting a secure transaction with an on-line service while offline comprising the steps of issuing a transaction authorization token to a user from an application server for the on-line service while the user is online;

preparing an off-line transaction object containing data to specify and request the transaction;

sending a message to the on-line service, said message containing the transaction object and the authorization token;

upon receipt of the message, the application server validating the token to authenticate the user and to authorize the transaction; and

executing the transaction object if the transaction is authorized.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and system for secure off-line transactions using a security access token for authentication and authorization of transactions. The user requests and receives the token from an application server of a desired service while on-line, logs off, prepares a transaction for entry into the system, and sends a message to the application server. The message contains a transaction object, such as a transaction, a query, an entry, an update, a revision, or the like combined with transaction data and the token previously supplied by the server. The server validates the token and executes the transaction object if the user is authorized for the transaction.

Citations

26 Claims

1. A method of conducting a secure transaction with an on-line service while offline comprising the steps of issuing a transaction authorization token to a user from an application server for the on-line service while the user is online;
- preparing an off-line transaction object containing data to specify and request the transaction;
  
  sending a message to the on-line service, said message containing the transaction object and the authorization token;
  
  upon receipt of the message, the application server validating the token to authenticate the user and to authorize the transaction; and
  
  executing the transaction object if the transaction is authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 2. The method of claim 1, wherein the token is issued to the user via an email message sent from the application server.
  - 3. The method of claim 1, wherein the token is issued to the user via a download operation while the user is on-line.
  - 4. The method of claim 1, wherein the user prepares the transaction object off-line.
  - 5. The method of claim 1, wherein the on-line service comprises the application server, and the user requests the token for the transaction from the application server.
  - 6. The method of claim 5, wherein the application server accesses a database.
  - 7. The method of claim 1, wherein the token comprises a unique identifier that is generated by the on-line service when the token is issued.
  - 8. The method of claim 1, wherein the token is a one-way encryption of at least one of an identity of the user, a transaction type, and a data object for which the transaction is authorized.
  - 9. The method of claim 2, wherein the application server receives an incoming message including the token, checks the token for validity, and accepts or rejects the token.
  - 10. The method of claim 9, wherein the message delivering the token and offline transaction from the user to the application server is an e-mail message delivered to the application server via an asynchronous e-mail delivery method.
  - 11. The method of claim 10 where the asynchronous delivery mechanism is database record synchronization.
  - 12. The method of claim 11 where the asynchronous e-mail delivery method comprises a synchronization of data between a portable computing device and an on-line service.
  - 13. The method of claim 1, wherein the token includes data representing a time period during which the token is valid.
  - 14. The method of claim 1, wherein the token includes data representing a valid access duration for the token.
  - 15. The method of claim 1, wherein the token specifies an e-mail audit signature, and said token is valid only if the transaction is sent from an e-mail program via an e-mail delivery path that matches the e-mail audit signature.
  - 16. The method of claim 15, wherein an e-mail address to which the message is sent varies according to an authorized data object and transaction type.
  - 17. The method of claim 1, further comprising encrypting the transaction object.
  - 18. The method of claim 17, wherein said encrypting comprises issuing a temporary public key that is a one-way encryption function of an address to which the transaction is to be sent for encryption of the transaction object.
  - 19. The method of claim 1, wherein the token is contained in a body or a header of an e-mail message.
  - 20. The method of claim 1, wherein the token and the transaction object are attachments to an e-mail message.
  - 21. The method of claim 11, wherein the application server ensures that the token can only be used once, by authorizing a specific transaction by a specific user on specific data objects.
  - 22. The method of claim 1, wherein the application server is a web-based application server.
  - 23. The method of claim 1, whereon said transaction is selected from the group consisting of a database modification, update, adding a file, and editing a file.
  - 24. The method of claim 23 farther comprising checking out a file, editing the file off-line, and checking in the file as an e-mail attachment.
  - 25. The method of claim 1, further comprising authenticating the user with a password and a network identity while the user is accessing the on-line service.
  - 26. The method of claim 1, wherein the user comprises a software agent that conducts the transaction on behalf of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ip Ot Sub Ulc
Original Assignee
Vignette Corporation (Open Text Corporation)
Inventors
Gruber, Thomas Robert

Granted Patent

US 7,266,840 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

H04L 63/0823 using certificates cryptogr...

H04L 63/10 for controlling access to d...

Method and system for secure, authorized e-mail based transactions

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure, authorized e-mail based transactions

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links