Internet server access control and monitoring systems

US 20060095526A1
Filed: 12/13/2005
Published: 05/04/2006
Est. Priority Date: 01/12/1998
Status: Active Grant

First Claim

Patent Images

1. A method of processing service requests from a client to a server through a network, comprising:

forwarding a service request from the client to the server via hypertext transfer protocol data exchange;

returning a session identifier from the server to the client in response to the service request, the client storing the session identifier for use in subsequent requests to the server; and

appending the stored session identifier to each of the subsequent requests from the client to the server.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention relates to methods for controlling and monitoring access to network servers. In particular, the process described in the invention includes client-server sessions over the Internet. In this environment, when the user attempts to access an access-controlled file, the server subjects the request to a secondary server which determines whether the client has an authorization or valid account. Upon such verification, the user is provided with a session identification which allows the user to access to the requested file as well as any other files within the present protection domain.

204 Citations

25 Claims

1. A method of processing service requests from a client to a server through a network, comprising:
- forwarding a service request from the client to the server via hypertext transfer protocol data exchange;
  
  returning a session identifier from the server to the client in response to the service request, the client storing the session identifier for use in subsequent requests to the server; and
  
  appending the stored session identifier to each of the subsequent requests from the client to the server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The method of claim 1 wherein the session identifier includes a user identifier.
  - 3. The method of claim 1 wherein the session identifier includes an expiration time for the session.
  - 4. The method of claim 1 wherein the server records information from the session identifier in a transaction log.
  - 5. The method of claim 4 wherein the server tracks the access history of sequences of service requests within a session of requests.
  - 6. The method of claim 5 wherein the server tracks the access history to determine service requests leading to a purchase made within the session of requests.
  - 7. The method of claim 4 wherein the server counts requests to particular services exclusive of repeated requests from a common client.
  - 8. The method of claim 4 wherein the server maintains a database associating customer information to access patterns.
  - 9. The method of claim 8 wherein the information includes customer demographics.
  - 10. The method of claim 1 wherein the server assigns the session identifier to an initial service request received from the client.
  - 11. The method of claim 1 wherein the server subjects the client request to an authorization routine prior to issuing the session identifier and the session identifier is protected from forgery via an encryption algorithm.
  - 12. The method of claim 1 wherein the server comprises plural servers including an authentication server which provides session identifiers for service requests addressed to multiple content servers.
  - 13. The method of claim 12 wherein:
    - the client directs the service request to a first server which is to provide the requested service;
      
      the first server checks the service request for a session identifier and only services a service request having a valid session identifier, and where the service request has no valid identifier;
      
      the first server returns a response to the client, the response redirecting the service request from the client to the authentication server;
      
      the authentication server subjects the client to an authorization routine and issues the session identifier to be appended to the service request to the first server;
      
      the client forwards the service request appended with the session identifier to the first server; and
      
      the first server recognizes the session identifier and services the service request to the client; and
      
      the client appends the session identifier to subsequent service requests to the first server and is serviced without further authorization.
  - 14. The method of claim 13 wherein the session identifier includes a user identifier.
  - 15. The method of claim 13 wherein the session identifier includes an expiration time for the session.
  - 16. The method of claim 13 wherein the session identifier provides access to a protected domain to which the session has access authorization.
  - 17. The method of claim 16 wherein the session identifier is modified for access to a different protected domain.
  - 18. The method of claim 13 wherein the session identifier provides a key identifier for key management.
  - 19. The method of claim 13 wherein the server records information from the session identifier in a transaction log.
  - 20. The method of claim 1 wherein the access rights of the client are fully contained within the session identifier.
  - 21. The method of claim 1 wherein a service request is for a document and the session identifier includes a user identification, the method further comprising:
    - returning the requested document wherein the document is customized for a particular user based on the user identification of the session identifier.
  - 22. The method of claim 1 wherein a service request is for a document which has been purchased by a user, the session identifier comprises an authorization identifier, and further comprising:
    - returning the requested document if the authorization identifier indicates that the user is authorized to access the document.
  - 23. The method of claim 1 wherein a service request is for a document wherein the session identifier comprises a user identifier, and further comprising:
    - returning the requested document to the client; and
      
      charging the user identified in the identifier for access to the document.
  - 24. The method of claim 1, wherein at least one service request comprises a request for a document which has been purchased by a user, and wherein the session identifier comprises an authorization identifier, the method further comprising:
    - returning the requested document if the authorization identifier indicates that the user is authorized to access the document.
  - 25. The method of claim 24, wherein the authorization identifier is encoded within a session identifier which is appended to the request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Soverain IP, LLC
Original Assignee
Soverain IP, LLC
Inventors
Payne, Andrew C., Stewart, Lawrence C., Treese, George Winfield, Levergood, Thomas Mark, Morris, Stephen Jeffrey

Granted Patent

US 9,900,305 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/206
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0209   Incentive being awarded or ...

G06Q 30/06   Buying, selling or leasing ...

G06Q 30/0601   Electronic shopping [e-shop...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

Internet server access control and monitoring systems

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

204 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Internet server access control and monitoring systems

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

204 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links