Method and device of enabling a user of an internet application access to protected information
First Claim
1. A method of enabling a user of an Internet application access to protected information, said method comprising:
- creating user identifier token after authentication of the user by way of a logon mechanism of the Internet application;
associating said user identifier token with the authenticated user;
storing said user identifier token at an Internet client of the authenticated user, the user identifier token not giving access to the Internet application;
associating the protected information with the authenticated user;
creating an information identifier token, the information identifier token not giving access to said Internet application, neither by itself nor in combination with the user identifier token;
associating the information identifier token with the protected information;
delivering the information identifier token to the authenticated user via e-mail;
receiving a request from a requesting user to access the protected information; and
verifying that the request comprises a user identifier token and an information identifier token, and that the user identifier token of the request is associated with the authenticated user, that the authenticated user is associated with the requested protected information and that the requested protected information is associated with the information identifier token of the request, allowing the requesting user to access said protected information.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and a system are disclosed, of enabling a user of an Internet application to access protected information. An idea behind at least one embodiment of the invention is that a user identifier token is created, after a user has been authenticated by way of a logon mechanism of the Internet application. The user identifier token is then associated with the authenticated user and stored at an Internet client of the authenticated user. When protected information is to be made available for a requesting user, the concerned set of protected information is associated with the authenticated user and an information identifier token is created and associated with the protected information. The information identifier token is delivered to the authenticated user via e-mail. When a request is received from a requesting user, it is verified that the request comprises a user identifier token and an information identifier token, that there exists an association between these tokens and the previously authenticated user and the protected information, respectively, and that the requested protected information is associated with the authenticated user. If so, the requesting user is allowed to access the protected information.
75 Citations
41 Claims
-
1. A method of enabling a user of an Internet application access to protected information, said method comprising:
-
creating user identifier token after authentication of the user by way of a logon mechanism of the Internet application; associating said user identifier token with the authenticated user; storing said user identifier token at an Internet client of the authenticated user, the user identifier token not giving access to the Internet application; associating the protected information with the authenticated user; creating an information identifier token, the information identifier token not giving access to said Internet application, neither by itself nor in combination with the user identifier token; associating the information identifier token with the protected information; delivering the information identifier token to the authenticated user via e-mail; receiving a request from a requesting user to access the protected information; and verifying that the request comprises a user identifier token and an information identifier token, and that the user identifier token of the request is associated with the authenticated user, that the authenticated user is associated with the requested protected information and that the requested protected information is associated with the information identifier token of the request, allowing the requesting user to access said protected information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 41)
-
-
21. A device for enabling a user of an Internet application to access protected information, said device comprising:
-
means for creating a user identifier token after having authenticated the user by a logon mechanism of the Internet application; means for associating the user identifier token with the authenticated user; means for delivering the user identifier token to an Internet client of the authenticated user, the user identifier token not giving access to the Internet application; means for associating the protected information with the authenticated user; means for creating an information identifier token, the information identifier token not giving access to said Internet application, neither by itself nor in combination with the user identifier token; means for associating the information identifier token with the protected information; means for delivering the information identifier token to the authenticated user via e-mail; means for receiving a request from a requesting user to access the protected information; and means for verifying that the request comprises a user identifier token and an information identifier token, and that the user identifier token of the request is associated with the authenticated user, that the authenticated user is associated with the requested protected information and that the requested protected information is associated with the information identifier token of the request, allowing the requesting user to access the protected information. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification