Solicited authentication of a specific user

US 6,725,381 B1
Filed: 08/31/1999
Issued: 04/20/2004
Est. Priority Date: 08/31/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method for authenticating a first user for a data transmission transaction over a server system between the first user and a second user wherein the second user has identified the first user, the method comprising:

a server receiving authentication information from the second user;

the server prompting the first user to submit the authentication information;

the server receiving response information from the first user responsive to the prompting;

the server comparing the response information to the authentication information; and

the server authenticating the first user upon a condition in which the response information is equivalent to the authentication information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Secure web-based messaging according to a “push” paradigm is augmented by specific, intended recipient authentication. In particular, a document can be sent to a specified, intended recipient through the Web using e-mail recipient notification, and the recipient is authenticated prior to delivering the document to the recipient. Such authentication prevents a cracker from snooping a delivery notification e-mail message and retrieving the document prior to retrieval by the true intended recipient. In addition, such authentication of the recipient is driven by the sender such that prior participation by the recipient in the messaging system according to the present invention is required.

Citations

20 Claims

1. A method for authenticating a first user for a data transmission transaction over a server system between the first user and a second user wherein the second user has identified the first user, the method comprising:
- a server receiving authentication information from the second user;
  
  the server prompting the first user to submit the authentication information;
  
  the server receiving response information from the first user responsive to the prompting;
  
  the server comparing the response information to the authentication information; and
  
  the server authenticating the first user upon a condition in which the response information is equivalent to the authentication information.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein prompting comprises:
3. The method of claim 1 further comprising:
- in a session with the first user, receiving user account information from the first user;
  
  sending identification data which identifies the first user as identified by the second user and the user account information to an information server;
  
  and receiving verification data from the information server which indicates whether the information server'"'"'s associated identification data for the user account information is the same as the identification data which identifies the first user as identified by the second user.
4. The method of claim 3 further comprising:
- authenticating the first user when the identification data associated with the account information is the same as the identification data which identifies the first user as identified by the second user.

5. A method for a server authenticating a first user for a data transaction between the first user and a second user wherein the second user has identified the first user, the method comprising:
- the server sending a message to the first user as identified by the second user;
  
  in a session with the first user in response to the message, the server receiving user account information from the first user;
  
  the server generating transaction data associated with the first user, the transaction data including security data for allowing the first user to proceed with said data transaction between the first user and a second user; and
  
  the server sending a second message to the first user as identified by the second user wherein the second message includes said transaction data which is necessary for proceeding with the data transaction.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method of claim 5 wherein the transaction data is a universal resource locator.
  - 7. The method of claim 5 wherein the transaction data identifies the first user.
  - 8. The method of claim 7 wherein the transaction data identifies subject data of the data transaction.
  - 9. The method of claim 5 wherein the transaction data identifies subject data of the data transaction.
  - 10. The method of claim 5 further comprising:

11. A method for a data delivery server authenticating a first user for a data transaction between the first user and a second user wherein the second user has identified the first user, the method comprising:
- a server sending a message to the first user as identified by the second user;
  
  the server in a session with the first user in response to the message, receiving user account information from the first user;
  
  the server sending identification data which identifies the first user as identified by the second user and the user account information to an information server; and
  
  the server receiving verification data from the information server which indicates whether the information server'"'"'s associated identification data for the user account information is the same as the identification data which identifies the first user as identified by the second user.
- View Dependent Claims (12)
- - 12. The method of claim 11 further comprising:

13. A computer system comprising:
- a processor;
  
  a memory operatively coupled to the processor; and
  
  an authentication module (i) which executes in the processor from the memory and (ii) which, when executed by the processor, causes the computer to authenticate a first user for a data transaction between the first user and a second user wherein the second user has identified the first user by;
  
  the authentication module sending a message to the first user as identified by the second user;
  
  in a session with the first user in response to the message, the authentication module receiving user account information from the first user; and
  
  the authentication module sending a second message to the first user as identified by the second user wherein the second message includes transaction data which is necessary for proceeding with the data transaction.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer system of claim 13 wherein the transaction data is a universal resource locator.
  - 15. The computer system of claim 13 wherein the transaction data identifies the first user.
  - 16. The computer system of claim 15 wherein the transaction data identifies subject data of the data transaction.
  - 17. The computer system of claim 13 wherein the transaction data identifies subject data of the data transaction.
  - 18. The computer system of claim 13 wherein the authentication module is configured to cause the computer to authenticate the first user by also:

19. A computer system comprising:
- a processor;
  
  a memory operatively coupled to the processor; and
  
  an authentication module (i) which executes in the processor from the memory and (ii) which, when executed by the processor, causes the computer to authenticate a first user for a data transaction between the first user and a second user wherein the second user has identified the first user by;
  
  the authentication module sending a message to the first user as identified by the second user;
  
  in a session with the first user in response to the message, the authentication module receiving user account information from the first user, said user account information providing secure data which is associated with a user identifier by an information server;
  
  the authentication module sending identification data which identifies the first user as identified by the second user and the user account information to the information server; and
  
  the authentication module receiving verification data from the information server which indicates whether the information server'"'"'s associated identification data for the user account information is the same as the identification data which identifies the first user as identified by the second user.
- View Dependent Claims (20)
- - 20. The computer system of claim 19 wherein the authentication module is configured to cause the computer to authenticate the first user by also:

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Axway Incorporated (Axway Software SA)
Original Assignee
Tumbleweed Communications Corporation (Axway Software SA)
Inventors
Smith, Jeffrey C., Bandini, Jean-Christophe
Primary Examiner(s)
HUA, LY

Application Number

US09/387,444
Time in Patent Office

1,694 Days
Field of Search

713/202, 713/201, 713/200, 713/159, 713/153, 709/205, 709/206, 709/201, 709/245, 709/249, 709/200, 707/10, 705/38, 705/35, 358/402, 358/440, 358/444, 358/436, 380/243
US Class Current

726/4
CPC Class Codes

H04L 51/08   Annexed information, e.g. a...

H04L 51/224   providing notification on i...

H04L 63/08   for authentication of entit...

Solicited authentication of a specific user

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Solicited authentication of a specific user

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links