Data network security system and method

US 6,252,869 B1
Filed: 12/29/1995
Issued: 06/26/2001
Est. Priority Date: 12/29/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method for communicating information, both ways between an originating server and a terminating server, where the originating server and the terminating server are connected over a data network by a first two-way communications connection that includes at least one switching or routing active node, said method comprising the steps of:

establishing, while said first two-way communications connection continues to be active, a separate connection between said originating server and said terminating server, said separate connection being established through a network that is distinct from the network of said first two-way communications connection; and

transmitting at least some of said information via the separate connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure communication mechanism for communicating credit card or other sensitive information between a user terminal and a server which communicate over a data network (e.g.,Internet). For secure or private communication of sensitive information over a data network, a telephone connection is established between the originating server to which the user is connected for access to the data network and the SP to which the sensitive information is directed. The method and system provide for a secure electronic commercial transaction between a user and a service provider which charges for information and/or services and/or goods, wherein sensitive information includes credit card information transmitted from the user to the service provider, and/or electronic information or services transmitted from the service provider to the user in exchange for payment received from the user.

156 Citations

36 Claims

1. A method for communicating information, both ways between an originating server and a terminating server, where the originating server and the terminating server are connected over a data network by a first two-way communications connection that includes at least one switching or routing active node, said method comprising the steps of:
- establishing, while said first two-way communications connection continues to be active, a separate connection between said originating server and said terminating server, said separate connection being established through a network that is distinct from the network of said first two-way communications connection; and
  
  transmitting at least some of said information via the separate connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 19)
- - 2. The method according to claim 1, wherein said separate connection is a switched circuit telephone connection.
  - 3. The method according to claim 1, further comprising the step of terminating said separate connection after said step of transmitting said information is performed.
  - 4. The method according to claim 1, further comprising a step wherein said information is communicated, both ways, between said originating server and a user terminal that is connected to the originating server via a telecommunication connection, thereby communicating the information between said user terminal and said terminating server.
  - 5. The method according to claim 4, wherein said step of transmitting said information includes said user terminal transmitting payment information to said terminating server.
  - 6. The method according to claim 4, wherein said step of transmitting said information includes said terminating server transmitting electronic information to said user as recompense for payment information received from said user terminal via said telecommunication connection or said separate connection.
  - 7. The method according to claim 1 where said data network is a packet network.
  - 8. The method according to claim 4, wherein said step of establishing a separate connection is invoked in response to actions at the user terminal.
  - 9. The method according to claim 1, wherein said terminating server initiates the step of establishing the separate connection.
  - 10. The method according to claim 1, wherein said first two-way communications link aims to form a point-to-point connection between said orioinating server and said terminating server.
  - 11. The method according to claim 1, wherein said step of establishing the separate connection includes the steps of:
12. The method according to claim 11, further comprising before the step of said terminating server providing a telephone number, the step of said originating server transmitting to said terminating server information indicative of desire to establish the separate connection.
13. The method according to claim 1, wherein said step of establishing the separate connection includes the steps of:
- said originating server providing a telephone number to said terminating server over the first communications link on the data network;
  
  said terminating server placing a call using said telephone number; and
  
  said originating server receiving said call.
14. The method according to claim 13, further comprising before the step of said originating server providing a telephone number, the step of said terminating server transmitting to said originating server information indicative of intent to establish said separate connection.
19. The method according to claim 13, further comprising before the step of said origination server providing a telephone number, the step of said terminating server transmitting to said originating server information indicative of establishing the separate connection.

15. A method for communicating information between a user and a terminating server, said user connected to said terminating server via an accessing server which is connected to said terminating server over a data network by a first communications link, said method comprising the steps of:
- at the terminating server;
  
  associating a telephone call with said user;
  
  establishing, in coordination with said accessing server, a telephone connection with said accessing server;
  
  communicating said information with said accessing server via said telephone connection while said first communication link connection continues to be active;
  
  at the accessing server;
  
  establishing, in coordination with said terminating server, said telephone connection;
  
  associating said telephone connection with said user;
  
  communicating said information with said terminating server via said telephone connection; and
  
  communicating said information with said user.
- View Dependent Claims (16, 17, 18)
- - 16. The method according to claim 15, wherein said step of establishing a telephone connection includes the steps of:
17. The method according to claim 16, further comprising before the step of said terminating server providing a telephone number, the step of said accessing server transmitting to said terminating server information indicative of establishing the separate connection.
18. The method according to claim 15, wherein said step of establishing the separate connection includes the steps of:
- said accessing server providing a telephone number to said terminating server over the first communications link on the data network;
  
  said terminating server placing a call using said telephone number; and
  
  said accessing server receiving said call.

20. A system for secure communication, comprising:
- an originating server;
  
  a terminating server connected to said originating server over a packet data network by a first two-way communications link that includes at least one switching or routing active node and which carries information from said originating server to said terminating server and from said terminating server to said originating server;
  
  a dialer for establishing a secure connection between said originating server and said terminating server that is distinct from the first two-way communications link; and
  
  means for transmitting at least some of said information via the secure connection while said first two-way communications link is active.
- View Dependent Claims (21, 22, 23, 24, 36)
- - 21. The system according to claim 20, wherein said secure connection is a switched circuit telephone connection.
  - 22. The system according to claim 20, wherein said secure connection is over a network separate from said data network.
  - 23. The system according to claim 20, further comprising a user terminal remote from said originating server but connected thereto, for receiving information from said terminating server and for sending information to said terminating server, wherein said information includes payment information communicated to the terminating server from the user terminal.
  - 24. The system according to claim 23, where said payment information is communicated from said originating server to said terminating server via said secure connection.
  - 36. The method of claim 23 where said information, in addition to including payment information, includes sensitive information possessed by said terminating server for which said payment information is a recompense.

25. A method for communicating first sensitive information possessed by a first party to a second party, and communicating second sensitive information possessed by the second party to the first party, where said first party is connected to said second party via a first two-way communication link of a data network, where information that is not sensitive flowing from said first party to said second party, and vice versa over said first two-way communication link of said data network by means of data packets, said method comprising the steps of:
- transmitting a phone number from said first party to said second party over said first two-way link;
  
  placing a call over a telecommunications network that is distinct from said data network, using said phone number, from said second party to said first party;
  
  receiving said call at said first party to provide a secure telephone connection over said telecommunications network between the first party and the second party; and
  
  transmitting said first sensitive information and said second sensitive information over said secure telephone connection.
- View Dependent Claims (26, 27)
- - 26. The method according to claim 25 wherein when the first sensitive information is transmitted before transmitting the second sensitive information.
  - 27. The method according to claim 26, where said first sensitive information is payment information and said second sensitive information is an Internet web page.

28. A method for communicating sensitive information from a first internet service provider (ISP) server to a second ISP server, where the first ISP server and the second ISP server are connected to each other by means of a primary connection over a packet network, said method comprising the steps of:
- While maintaining said primary connection, establishing a connection between said first ISP server and said second ISP server that is more secure than said primary connection; and
  
  transmitting said sensitive information via the more secure connection while said primary connection is active.
- View Dependent Claims (29, 30, 31, 32, 33, 34)
- - 29. The method of claim 28 where said more secure connection is effected over a network other than said packet routing network.
  - 30. The method of claim 28 where said more secure connection is effected over a switched-circuit telephone network.
  - 31. The method of claim 28 where said sensitive information is payment information whereby a party associated with said first ISP promises to pay said second ISP.
  - 32. The method of claim 31 where said payment information aims to induce said second ISP server to provide said party with goods, services, or sensitive second-ISP-server information.
  - 33. The method of claim 32 where said sensitive second-ISP-sever information is provided to said party over said more secure connection.
  - 34. The method of claim 33 where said sensitive second-IPS-server information is an Internet web page.

35. In a system where an accessing server is arranged to service a plurality of users as well as to establish a two-way connection to a terminating server over a packet routing data network, and where a user is connected to the accessing server via a telecommunications connection, a method comprising the steps of:
- in response to action taken by said user, the accessing server initiating the establishment of a secure connection between the accessing server and the terminating server by exchanging a telephone number with the terminating server;
  
  the accessing server participating with the terminating server in the establishment of said secure connection based on the exchanged telephone number and associating said secure connection with said user;
  
  the accessing server participating in the exchange of information over said secure connection between said user and said terminating server; and
  
  the accessing server participating in the dismantling of said secure connection upon completion of said exchange of information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Silverman, David P.
Primary Examiner(s)
VU, HUY DUY

Application Number

US08/580,671
Time in Patent Office

2,006 Days
Field of Search

379/90.01, 379/93.01, 379/93.02, 379/93.03, 379/93.05, 379/93.06, 379/93.07, 379/93.09, 379/93.1, 379/93.12, 379/93.15, 379/121, 379/130, 379/114, 370/352, 370/353, 370/354, 370/355, 370/356, 348/12, 348/13, 455/31.3
US Class Current

370/352
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/425   using two different network...

G07F 7/084   Additional components relat...

G07F 7/1008   Active credit-cards provide...

H04L 2463/102   applying security measure f...

H04L 63/18   using different networks or...

Data network security system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

156 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Data network security system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

156 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links