Method and system for associating a plurality of transaction data records generated in a service access system

US 20030056092A1
Filed: 04/05/2002
Published: 03/20/2003
Est. Priority Date: 04/18/2001
Status: Active Grant

First Claim

Patent Images

1. A method of associating a plurality of transaction data records generated in a service access system including at least one service provider, the transaction data records being generated in response to a user accessing the system during a single user session and method including:

generating a unique session identification that is uniquely associated with the single user session and which is receivable by the at least one service provider, the unique session identification being included in the transaction data record;

receiving the plurality of transaction data records at a transaction processing facility from the at least one service provider; and

processing the transaction data records using the unique session identification of each transaction data record.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of, and system for, associating a plurality of transaction data records generated in a service access system including a plurality of service providers is provided. The transaction data records are generated in response to a user accessing the system during a single user session. The method includes generating a unique session identification that is uniquely associated with the single user session and which is receivable by the service providers. The unique session identification is included in the transaction data record. The plurality of transaction data records is received at a transaction processing facility from the service providers and processes using the unique session identification of each transaction data record. In certain embodiments, the unique session identification is provided in a user identification string of each transaction data record when the user session is authentication.

168 Citations

View as Search Results

81 Claims

1. A method of associating a plurality of transaction data records generated in a service access system including at least one service provider, the transaction data records being generated in response to a user accessing the system during a single user session and method including:
- generating a unique session identification that is uniquely associated with the single user session and which is receivable by the at least one service provider, the unique session identification being included in the transaction data record;
  
  receiving the plurality of transaction data records at a transaction processing facility from the at least one service provider; and
  
  processing the transaction data records using the unique session identification of each transaction data record.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, which includes providing the unique session identification in a user identification string of each transaction data record when the user session is authorized.
  - 3. The method of claim 2, which includes generating a unique code that is uniquely associated with the single user session and including the unique code in the user identification string.
  - 4. The method of claim 3, which includes generating the unique code at a connection application via which the user requests access and combining the unique code with a connection application identification which identifies the connection application.
  - 5. The method of claim 4, which includes generating the unique code by means of a counter.
  - 6. The method of claim 3, which includes providing the unique session identification in a format suitable for communication using a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP).
  - 7. The method of claim 6, which includes providing the unique session identification within a user string with a maximum length of 63 characters.
  - 8. The method of claim 6, which includes randomly generating three alphanumeric digits to define the unique code;
    - providing a five-digit connection application identification that uniquely identifies the connection application; and
      
      providing an eleven-character user identification string that identifies the user.
  - 9. The method of claim 6, which includes constructing a modified transaction record data from at least one of the unique session identification, a customer identification from the authenticating service provider, customer data, customer routing data for internal customer routing, user identification data, customer domain data used by the user for internal routing, and non routing data customer data of a transaction data record.
  - 10. The method of claim 3, which includes allowing commencement of the session only if the user is positively authenticated by the system, and upon positive authentication, storing the unique session identification in a session identification field in an authentication transaction storage area at a transaction processing facility.
  - 11. The method of claim 10, which includes retrieving transaction data records from the at least one service provider and storing each transaction data record in an accounting transaction storage area based on the unique session identification data.
  - 12. The method of claim 11, which includes periodically receiving batch loading transaction data records from the at least one service provider;
    - constructing modified session identification data records; and
      
      storing the modified session identification data records in a session identification field in a batch history storage area.
  - 13. The method of claim 12, which includes receiving Service Quality Monitor (SQM) transaction data records;
    - constructing modified transaction data records from the SQM data records; and
      
      storing the modified transaction data records in a session identification field in an SQM storage area.
  - 14. The method of claim 11, which includes comparing session identification data in the authentication transaction storage area and the accounting transaction area to identify missing accounting records.
  - 15. The method of claim 11, which includes identifying each transaction data record without a unique session identification in the accounting transaction storage area to identify transaction data records provided by the at least one service provider which were not authenticated.
  - 16. The method of claim 11, which includes searching for duplicate session identification data in the accounting transaction storage area to identify duplicate transaction data records.
  - 17. The method of claim 11, which includes using the unique session identification to identify at least one of duplicate alias records, ISDN dual-channel records, invalid session length records, and overlapping accounting records.

18. A system for processing transaction data records generated in a service access system including at least one service provider, the transaction data records being generated in response to a user accessing the system during a single user session and system including:
- a session identification generator to generate a unique session identification that is uniquely associated with the single user session and which is receivable by the at least one service provider, the unique session identification being included in the transaction data record; and
  
  a transaction processing facility to process the plurality of transaction data records received from the at least one service provider using the unique session identification of each record.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 19. The system of claim 18, in which the session identification generator provides the unique session identification data in a user identification string of each transaction data record when the user session is authorized.
  - 20. The system of claim 19, in which the session identification generator generates a unique code that is uniquely associated with the single user session, the unique code being included in the user identification string.
  - 21. The system of claim 20, in which, the session identification generator is implemented by a software application on a connection application via which the user requests access and the unique code is combined with a connection application identification which identifies the connection application.
  - 22. The system of claim 21, in which the session identification generator is a counter that generates the unique code.
  - 23. The system of claim 20, which includes a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP), the unique session identification being provided in a format suitable for communication using.
  - 24. The system of claim 23, which provides the unique session identification within a user string with a maximum length of 63 characters.
  - 25. The system of claim 24, in which the unique code is provided by three alphanumeric digits randomly generated;
    - the connection application identification is provided by five-digits that uniquely identifies the connection application; and
      
      the user identification string that identifies the user is provided by eleven-characters.
  - 26. The system of claim 20, which allows commencement of the session only if the user is positively authenticated the by system, and upon positive authentication, the transaction processing facility stores the unique session identification in a session identification field in an authentication transaction storage area.
  - 27. The system of claim 26, in which the transaction processing facility receives transaction data records from the at least one service provider and stores each transaction data record in an accounting transaction storage area based on the unique session identification data.
  - 28. The system of claim 27, in which the transaction processing facility periodically receives batch loading transaction data records from the at least one service provider;
    - constructs modified session identification data records; and
      
      stores the modified session identification data records in a session identification field in a batch history storage area.
  - 29. The system of claim 28, in which the transaction processing facility receives Service Quality Monitor (SQM) transaction data records;
    - constructs modified transaction data records from the SQM transaction data records; and
      
      stores the modified transaction data records in a session identification field in an SQM storage area.

30. A method of processing a plurality of transaction data records generated in a service access system including at least one service provider, method including:
- receiving the transaction data records from the at least one service provider, each transaction data record being generated in response to a user accessing the system during a single user session; and
  
  identifying transaction data records associated with the single user session based on a session identification included in each transaction data record, each session identification uniquely identifying a single user session.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 31. The method of claim 30, which includes identifying the unique session identification in a user identification string of each transaction record.
  - 32. The method of claim 31, which includes identifying a unique code that is uniquely associated with the single user session and included in the user identification string.
  - 33. The method of claim 32, including identifying a connection application identification that identifies a connection application via which the user requests access and that has generated the unique code.
  - 34. The method of claim 32, which receives the transaction data record including the unique session identification using a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP).
  - 35. The method of claim 34, which extracts the unique session identification from a user string with a maximum length of 63 characters.
  - 36. The method of claim 35, which identifies the unique code from three alphanumeric digits;
    - identifies the connection application from a five-digit connection application identification; and
      
      identifies the user from an eleven-character user identification string.
  - 37. The method of claim 34, which includes constructing a modified transaction record data from at least one of the unique session identification, a customer identification from the authenticating service provider, customer data, customer routing data for internal customer routing, user identification data, customer domain data used by the user for internal routing, and non routing data customer data of a transaction data record.
  - 38. The method of claim 32, which includes storing the unique session identification in a session identification field in an authentication transaction storage area at a transaction processing facility.
  - 39. The method of claim 32, which includes storing each transaction data record received from the service providers in an accounting transaction storage area based on the unique session identification data.
  - 40. The method of claim 39, which includes periodically receiving batch loading transaction data records from the at least one service provider;
    - constructing modified session identification data records from the transaction data records; and
      
      storing the modified session identification data records in a session identification field in a batch history storage area.
  - 41. The method of claim 39, which includes receiving Service Quality Monitor (SQM) transaction data records;
    - constructing modified transaction data records from the modified transaction data records; and
      
      storing the modified transaction data records in a session identification field in an SQM storage area.
  - 42. The method of claim 39, which includes comparing session identification data in the authentication transaction storage area and the accounting transaction area to identify missing accounting records.
  - 43. The method of claim 39, which includes identifying each transaction data record without a unique session identification in the accounting transaction storage area to identify transaction data records provided by the at least one service provider which were not authenticated.
  - 44. The method of claim 39, which includes searching for duplicate session identification data in the accounting transaction storage area to identify duplicate transaction records.
  - 45. The method of claim 39, which includes using the unique session identification to identify at least one of duplicate alias records, ISDN dual-channel records, invalid session length records, and overlapping accounting records.

46. A transaction processing facility for processing a plurality of transaction data records generated in a service access system including at least one service provider, transaction processing facility arranged to:
- receive the transaction data records from the at least one service provider, each transaction data record being generated in response to a user accessing the system during a single user session; and
  
  identify transaction data records associated with the single user session based on a session identification included in each transaction data record, each session identification uniquely identifying a single user session.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61)
- - 47. The transaction processing facility of claim 46, which identifies the unique session identification in a user identification string of each transaction record.
  - 48. The transaction processing facility of claim 47, which identifies a unique code that is uniquely associated with the single user session and included in the user identification string.
  - 49. The transaction processing facility of claim 47, in which the transaction processing facility identifies a connection application identification that identifies a connection application that generated the unique code and via which the user gains access.
  - 50. The transaction processing facility of claim 48, which receives the transaction data record including the unique session identification using a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP).
  - 51. The transaction processing facility of claim 50, which extracts the unique session identification from a user string with a maximum length of 63 characters.
  - 52. The transaction processing facility of claim 51, which identifies the unique code from three alphanumeric digits;
    - identifies the connection application from a five-digit connection application identification; and
      
      identifies the user from an eleven-character user identification string.
  - 53. The transaction processing facility of claim 47, which constructs a modified transaction record data from at least one of the unique session identification, a customer identification from the authenticating service provider, customer data, customer routing data for internal customer routing, user identification data, customer domain data used by the user for internal routing, and non routing data customer data of a transaction data record.
  - 54. The transaction processing facility of claim 47, which stores the unique session identification in a session identification field in an authentication transaction storage area at the transaction processing facility.
  - 55. The transaction processing facility of claim 47, which stores each transaction data record received from the at least one service provider in an accounting transaction storage area based on the unique session identification data.
  - 56. The transaction processing facility of claim 55, which periodically receives batch loading transaction data records from the at least one service provider from which it constructs modified session identification data records that are stored in a session identification field in a batch history storage area.
  - 57. The transaction processing facility of claim 55, which receives Service Quality Monitor (SQM) transaction data records and constructs modified transaction data records from the SQM transaction data records and stores them in a session identification field in an SQM storage area.
  - 58. The transaction processing facility of claim 55, which compares session identification data in the authentication transaction storage area and the accounting transaction area to identify missing accounting records.
  - 59. The transaction processing facility of claim 55, which identifies each transaction data record without a unique session identification in the accounting transaction storage area to identify transaction data records provided by the at least one service provider which were not authenticated.
  - 60. The transaction processing facility of claim 55, which searches for duplicate session identification data in the accounting transaction storage area to identify duplicate transaction records.
  - 61. The transaction processing facility of claim 55, which uses the unique session identification to identify at least one of duplicate alias records, ISDN dual-channel records, invalid session length records, and overlapping accounting records.

62. A method of connecting a user to an access service provider, the method including creating a unique session identification associated with a single user session during which the user accesses the service provider, the unique session identification being provided in a user identification string of each transaction data record when the user session is authorized.
- View Dependent Claims (63, 64, 65, 66, 67, 68)
- - 63. The method of claim 62, which includes generating a unique code that is uniquely associated with the single user session and including the unique code in the user identification string.
  - 64. The method of claim 63, including generating the unique code at a connection application via which the user gains access and combining the unique code with a connection application identification which identifies the connection application.
  - 65. The method of claim 64, which includes generating the unique code by means of a counter.
  - 66. The method of claim 63, which includes providing the unique session identification in a format suitable for communication using a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Emus Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP).
  - 67. The method of claim 66, which includes providing the unique session identification within a user string with a maximum length of 63 characters.
  - 68. The method of claim 67, which includes randomly generating three alphanumeric digits to define the unique code;
    - providing a five-digit connection application identification that uniquely identifies the connection application; and
      
      providing an eleven-character user identification string that identifies the user.

69. Connection apparatus for connecting a user to an access service provider, the apparatus including a session identification generator that creates a unique session identification associated with each session that is authorized.
- View Dependent Claims (70, 71, 72, 73, 74, 75)
- - 70. The connection apparatus of claim 69, in which the session identification generator generates a unique code that is uniquely associated with the single user session, the unique code being included in the user identification string.
  - 71. The connection apparatus of claim 70, in which the session identification generator combines the unique code with a connection apparatus identification that identifies the connection application.
  - 72. The connection apparatus of claim 70, in which the session identification generator generates the unique code by means of a counter.
  - 73. The connection apparatus of claim 70, in which the unique session air identification is provided in a format suitable for communication using a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP).
  - 74. The connection apparatus of claim 73, in which the unique session identification is provided within a user string with a maximum length of 63 characters.
  - 75. The connection apparatus of claim 74, in which the session identification generator randomly generates three alphanumeric digits to define the unique code;
    - provides a five-digit connection application identification that uniquely identifies the connection apparatus; and
      
      provides for an eleven-character user identification string to identify the user.

76. A machine-readable medium embodying a sequence of instructions that associate a plurality of transaction data records generated in a service access system including at least one service provider, the transaction data records being generated in response to a user accessing the system during a single user session, the instructions, when executed by a machine, cause the machine to:
- generate a unique session identification that is uniquely associated with the single user session and which is receivable by the at least one service provider, the unique session identification being included in the transaction data record;
  
  receive the plurality of transaction data records at a transaction processing facility from the service providers; and
  
  process the transaction data records using the unique session identification of each transaction data record.
- View Dependent Claims (77, 78)
- - 77. The machine-readable medium of claim 76, in which the unique session identification is provided in a user identification string of each transaction data record when the user session is authorized.
  - 78. The machine-readable medium of claim 77, in which a unique code that is uniquely associated with the single user session is generated and included in the user identification string.

79. A machine-readable medium embodying a sequence of instructions that processes a plurality of transaction data records generated in a service access system including at least one service provider, the instructions, when executed by a machine, cause the machine to:
- receive the transaction data records from the at least one provider, each transaction data record being generated in response to a user accessing the system during a single user session; and
  
  identify transaction data records associated with the single user session based on a session identification included in each transaction data record, each session identification uniquely identifying a single user session.

80. A machine-readable medium embodying a sequence of instructions that relate to connecting a user to an access provider, the instructions, when executed by a machine, cause the machine to create a unique session identification associated with a single user session during which the user accesses the service provider, the unique session identification being provided in a user identification string of each transaction data record when the user session is authorized.

81. A transaction processing facility for processing a plurality of transaction data records generated in a service access system including at least one service provider, transaction processing facility including:
- receiver means for receiving the transaction data records from the at least one service provider, each transaction data record being generated in response to a user accessing the system during a single user session; and
  
  processor means to identify transaction data records associated with the single user session based on a session identification included in each transaction data record, each session identification uniquely identifying a single user session.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Channel IP BV
Original Assignee
Ipass Incorporated (Pareteum Corp.)
Inventors
Edgett, Jeff Steven, Sunder, Singam

Granted Patent

US 7,469,341 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/153
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2115   Third party

G06F 2221/2137   Time limited access, e.g. t...

G06Q 20/14   specially adapted for billi...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/083   using passwords cryptograph...

H04L 63/108   when the policy decisions a...

Method and system for associating a plurality of transaction data records generated in a service access system

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

168 Citations

81 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for associating a plurality of transaction data records generated in a service access system

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

168 Citations

81 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links