Method of using electronic tickets containing privileges for improved security
Abstract
A server system provides a client system with a number of on-line services including a log-in service. Once the server receives a request from the user for initiating access to the server, the log-in service accesses a user database for information including access privileges of the authorized user in relation to the other services available on the server. The server then generates an information packet containing this information, and transmits the information packet to the client. The client then transmits a second request to the server, requesting use of another service offered by the server. The information packet provided by the server in response to the log-in request is transmitted along with the second request to the server. The server then regulates access by the client to this other service by using the information packet transmitted back to the server from the client. Thus, access to the user database is minimized.
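The flow in the abstract, as an added Python example that is not taken from the patent: the log-in service reads the user database once and issues the information packet, and another service regulates access from the returned copy alone. The HMAC over the packet, the expiry field, the shared key, and all names (`login`, `authorize`, `TICKET_KEY`, `USER_DB`, `STATS`) are assumptions; the text above does not say how the packet is protected while the client holds it.

```python
import base64, hashlib, hmac, json

def _pw_hash(pw: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), b"constructed-salt", 100_000)

# Constructed user database; only the log-in service reads it.
USER_DB = {"alice": {"pw_hash": _pw_hash("constructed-pw"),
                     "privileges": ["mail", "chat"]}}
TICKET_KEY = b"constructed-demo-key"  # assumption: shared by all services
STATS = {"db_reads": 0}               # shows the database is read once

def _mac(body: bytes) -> bytes:
    return hmac.new(TICKET_KEY, body, hashlib.sha256).digest()

def login(user: str, password: str, now: float, ttl: int = 900) -> str:
    """Log-in service: one database read, then issue the information packet."""
    STATS["db_reads"] += 1
    rec = USER_DB.get(user)
    if rec is None or not hmac.compare_digest(rec["pw_hash"], _pw_hash(password)):
        raise PermissionError("log-in failed")
    body = json.dumps({"sub": user, "priv": rec["privileges"],
                       "exp": now + ttl}, sort_keys=True).encode()
    return (base64.urlsafe_b64encode(body) + b"." +
            base64.urlsafe_b64encode(_mac(body))).decode()

def authorize(service: str, ticket: str, now: float) -> bool:
    """Any other service: decide from the packet copy, no database access."""
    try:
        body_b64, mac_b64 = ticket.encode().split(b".")
        body = base64.urlsafe_b64decode(body_b64)
        mac = base64.urlsafe_b64decode(mac_b64)
    except ValueError:
        return False  # malformed packet
    if not hmac.compare_digest(mac, _mac(body)):
        return False  # packet altered after the log-in service issued it
    claims = json.loads(body)
    return now < claims["exp"] and service in claims["priv"]
```

Because the privileges travel in the packet, a change made in the user database does not reach the other services until the packet expires and the client logs in again.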
35 Claims
1. In server coupled to a client, the client having an authorized user, wherein the server provides the client with a plurality of on-line services including a log-in service and at least one other service, the server including a user database, a method of controlling access by the client to the plurality of on-line services, the method comprising the steps of:
storing in the user database a set of user data corresponding to the authorized user;
receiving at the log-in service a first access request for initiating access to the server by the client;
generating at the log-in service and transmitting to the client from the log-in service an information packet from the set of user data, the information packet indicating access privileges of the authorized user in relation to the plurality of on-line services;
receiving at the at least one other service a second access request for requesting use of the at least one other service by the client, the second access request including a copy of the information packet; and
regulating access by the client to the at least one other service by using the copy of the information packet and without requiring the at least one other service to access the user database.
10. A computer program product for implementing, in server coupled to a client, the client having an authorized user, wherein the server provides the client with a plurality of on-line services including a log-in service and at least one other service, the server including a user database, a method of controlling access by the client to the plurality of on-line services, the computer program product comprising a computer-readable medium carrying computer-executable instructions for causing the server to perform acts of the method, said acts comprising:
storing in the user database a set of user data corresponding to the authorized user;
receiving at the log-in service a first access request for initiating access to the server by the client;
generating at the log-in service and transmitting to the client from the log-in service an information packet from the set of user data, the information packet indicating access privileges of the authorized user in relation to the plurality of on-line services;
receiving at the at least one other service a second access request for requesting use of the at least one other service by the client, the second access request including a copy of the information packet; and
regulating access by the client to the at least one other service by using the copy of the information packet and without requiring the at least one other service to access the user database.
the act of generating further comprises generating at the log-in service and transmitting to the client from the log-in service a list of the plurality of services provided by the server; and
the second access request includes a service name corresponding to the at least one other service, the service name being selected from the list of the plurality of services.
16. In a networked computer system that includes a server system having a plurality of remote servers and a plurality of proxy servers, and a plurality of client systems, all of which are logically interconnected so that the client systems can access informational content stored at the one or more remote servers, and wherein at least one client system comprises a graphical user interface by which the network can be accessed and browsed using a display, a method of increasing security of user database information retained by the server system by reducing the number of direct accesses of such user database information when accessing requested services provided by the server system, comprising steps for:
at one of the servers of the server system, determining the validity of a log-in request received from a client system;
as part of a log-in service, obtaining at the server which received the log-in request, access to a user database and preparing an information packet that includes access privileges in relation to other services available in the server system;
downloading to the client system the prepared information packet; and
thereafter, for any other service for which access is requested by the client system, the server at which said any other service request is received regulating access to the requested service based on a copy of the information packet submitted with the client system request, whereby access to the user database is limited to the initial log-in service.
21. In a networked computer system that includes a server system having a plurality of remote servers and a plurality of proxy servers, and a plurality of client systems, all of which are logically interconnected so that the client systems can access informational content stored at the one or more remote servers, and wherein at least one client system comprises a graphical user interface by which the network can be accessed and browsed using a display, a computer program product for implementing a method of increasing security of user database information retained by the server system by reducing the number of direct accesses of such user database information when accessing requested services provided by the server system, comprising a computer readable medium for storing executable instructions for implementing the method, and wherein the method is comprised of steps for:
at one of the servers of the server system, determining the validity of a log-in request received from a client system;
as part of a log-in service, obtaining at the server which received the log-in request, access to a user database and preparing an information packet that includes access privileges in relation to other services available in the server system;
downloading to the client system the prepared information packet; and
thereafter, for any other service for which access is requested by the client system, the server at which said any other service request is received regulating access to the requested service based on a copy of the information packet submitted with the client system request, whereby access to the user database is limited to the initial log-in service.
26. In a networked computer system that includes a server system having a plurality of remote servers, and a plurality of client systems, all of which are logically interconnected so that the client systems can access informational content stored at the one or more remote servers, and wherein at least one client system comprises a graphical user interface by which the network can be accessed and browsed using a display, a method of increasing security of user database information retained by the server system by reducing the number of direct accesses of such user database information when accessing requested services provided by the server system, comprising acts of:
receiving at one of the servers of the server system a log-in request from a client system;
as part of a log-in service, retrieving user information from a user database and generating an information packet from the user information that includes access privileges in relation to other services available in the server system;
sending the information packet to the client system; and
thereafter, for any other service for which access is requested by the client system, the server at which said any other service request is received resorting to the information packet rather than the user database to regulate access to the requested service, so as to limit direct access to the user database to the initial log-in service.
31. In a networked computer system that includes a server system having a plurality of remote servers, and a plurality of client systems, all of which are logically interconnected so that the client systems can access informational content stored at the one or more remote servers, and wherein at least one client system comprises a graphical user interface by which the network can be accessed and browsed using a display, a computer program product for implementing a method of increasing security of user database information retained by the server system by reducing the number of direct accesses of such user database information when accessing requested services provided by the server system, comprising a computer readable medium for storing executable instructions for implementing the method, and wherein the method comprises acts of:
receiving at one of the servers of the server system a log-in request from a client system;
as part of a log-in service, retrieving user information from a user database and generating an information packet from the user information that includes access privileges in relation to other services available in the server system;
sending the information packet to the client system; and
thereafter, for any other service for which access is requested by the client system, the server at which said any other service request is received resorting to the information packet rather than the user database to regulate access to the requested service, so as to limit direct access to the user database to the initial log-in service.
Specification