Secure and stateful electronic business transaction system
First Claim
Patent Images
1. A method for transacting business electronically, the method comprising:
- storing first information in a database management module in a protected environment, the first information including client information and product information;
reading the first information in the database management module by a network server module in response to a client request, the network server module being outside the protected environment, the network server module distributing both secure and non-secure information, wherein at least a portion of the first information is encrypted, the first information providing login information relating to the client;
providing a client customized interface using the first information by the network server module;
in response to a request by a client for a secure selected data file, providing the client with a ticket file and providing the selected data file to the file transfer module, the file transfer module being outside the protected environment, a file transfer module having a secure file transfer protocol;
in response to the receipt of the ticket file by the file transfer module from the client, determining when the client is authorized to receive the selected data file in the file transfer module by comparison of the ticket file from the client with a ticket file stored in the database management module; and
when the client is authorized to receive the selected data file , transferring the selected data file to the client by the file transfer module using the secure file transfer protocol.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for transacting business electronically includes storing first information in a database management module, reading the first information in the database management module by a network server module, providing a client customized interface with the first information by the network server module, providing client information and product information to a file transfer module responsive to a client ordering a product, and transferring a product to a client by the file transfer module.
127 Citations
22 Claims
-
1. A method for transacting business electronically, the method comprising:
-
storing first information in a database management module in a protected environment, the first information including client information and product information;
reading the first information in the database management module by a network server module in response to a client request, the network server module being outside the protected environment, the network server module distributing both secure and non-secure information, wherein at least a portion of the first information is encrypted, the first information providing login information relating to the client;
providing a client customized interface using the first information by the network server module;
in response to a request by a client for a secure selected data file, providing the client with a ticket file and providing the selected data file to the file transfer module, the file transfer module being outside the protected environment, a file transfer module having a secure file transfer protocol;
in response to the receipt of the ticket file by the file transfer module from the client, determining when the client is authorized to receive the selected data file in the file transfer module by comparison of the ticket file from the client with a ticket file stored in the database management module; and
when the client is authorized to receive the selected data file , transferring the selected data file to the client by the file transfer module using the secure file transfer protocol. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
implementing a login procedure for the client, the login procedure including accessing the first information;
forwarding an agreement to the client; and
when the client has executed the agreement, making the product evaluation available to the client.
-
-
7. The method as recited in claim 5, wherein in response to a client request for a product purchase, the method comprising:
-
implementing a login procedure for the client, the login procedure including accessing the first information;
forwarding an invoice to the client;
confirming payment by the client; and
making the requested product available to the client.
-
-
8. The method as recited in claim 7 wherein the making the requested product available includes at least one of:
-
encrypting the requested product; and
transferring the requested product by the file transfer module.
-
-
9. The method as recited in claim 1 wherein the determining when the client is authorized step includes:
comparing at least one client password with a password stored in the database management module.
-
10. The method as recited in claim 1 wherein the network server module has a separate interface for interacting with the data base management system.
-
11. An apparatus for electronically, securely and statefully transacting business, the apparatus comprising:
-
computer-readable storage media, the storage media being in a protected environment;
a database management module stored on the computer-readable storage media, the database management module storing at least first information and secure data files;
a network server module outside the protected environment, the network server module including;
a client interface module;
a secure database interface module for interacting with the database management module; and
a file transfer interface module; and
a file transfer module outside of the protected environment, the file transfer module having a secure file transfer protocol; and
wherein the client interface module accesses the database interface module in response to an access by a client;
the database interface module provides the first information to the client interface module responsive to being accessed by the client interface module, the first information used in a login procedure with the client;
the client interface module provides an interface that is customized to the client in response to receiving the first information from the database interface module;
the file transfer interface module providing a selected data file to the file transfer module in response to a request for selected data files, the client interface module providing a ticket file to the client when the selected data file is a secure data file;
in response to receiving the ticket file from the client, a comparison of the ticket file from the client with the ticket file in the database management system is performed, and when the comparison is true, the file transfer module transfers the selected file using the secure file transfer protocol to the client. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
a firewall, wherein files in the database management module are protected by the firewall, the procedures for encrypting the files, and the file transfer module using the secure file transfer protocol.
-
-
14. The apparatus as recited in claim 11 wherein access by a client can include a data file selected from the group comprising a request for product information, a request for product evaluation, and a product purchase request.
-
15. The apparatus as recited in claim 14 wherein an agreement is transferred to the client by the network server module in response to a product evaluation request.
-
16. The apparatus as recited in claim 14 wherein an invoice is transferred to the client by the network server module in response to a product purchase request.
-
17. The apparatus as recited in claim 11 wherein the ticket file includes at least one password, the at least one password in the database management module being compared with a client password prior to the product being transferred to the client.
-
18. The apparatus as recited in claim 17 wherein the one password is applied to the file transfer module, the one password being transferred to the file transfer interface module for comparison.
-
19. An apparatus for providing protected information to a client system over a network, the apparatus comprising:
-
a database system storing product files and client files, the database system being in a protected environment, wherein some of the files are protected;
a network server responsive to the client system, the network server not being in the protected environment, wherein a client request for product files causes product files and client files to be transferred from the database system, client files permitting the network server to implement a login procedure for the client, the network server preparing customized responses to the client system from the client files, the network server determining a category of activity for responding to the client, wherein the requested non-protected client files are transferred to the client, the network server including encryption procedures for encrypting files;
a file transfer server outside of the protected environment for receiving selected files, wherein non-protected selected files are transferred to the client after the login procedure;
wherein protected selected files are transferred using a secure file transfer protocol in response to a ticket file provided to the client system by the network server after validation of the ticket file by the network server, a protected selected file being transferred to the client system when at least one portion of a client ticket file matches a ticket file in the database system during the login procedure.- View Dependent Claims (20, 21, 22)
-
Specification