System and method for protecting user logoff from web business transactions
First Claim
1. A system for assisting a user conducting a transaction on a secure site of a server to implicitly logoff from the secure site, comprising:
- the server including;
a secure transaction protection module that tracks a user'"'"'s access state to the server;
a database in communication with the secure transaction protection module, for storing data to be accessed by the user;
an identification module for validating the user'"'"'s access to the database; and
a notification module for notifying the secure transaction protection module of a user'"'"'s request to initiate a session on the server;
wherein if the user selects an insecure site while logged on to the secure site of the server, the notification module sends a warning notice to the user to alert the user of an impending logoff from the secure site, and further sends a termination command to the secure transaction protection module for implicitly logging off the user from the secure site; and
wherein the secure transaction protection module causes the session to be terminated in response to the termination command, absent an instruction from the user to maintain a connection with the secure site.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer program product is provided as a system and associated method for use with a web browser and an Internet, to improve the access security to a secure web site and to protect the user from undesirable hacking. The system presents a novel, secure, implicit log-off procedure in addition to the conventional express log-off and cookie termination. The implicit log-off procedure reduces the risks resulting from transiting to an insecure site while remaining logged onto a secure site. The system is comprised of a secured transaction protection module implemented on a business server that includes a security/identification module and a local database; and a notification module which is implemented on the user'"'"'s browser. The system tracks the user'"'"'s access state to the server, and issues a termination command shortly as soon as the notification module detects migration to another site or to an insecure page on the same site.
-
Citations
15 Claims
-
1. A system for assisting a user conducting a transaction on a secure site of a server to implicitly logoff from the secure site, comprising:
-
the server including; a secure transaction protection module that tracks a user'"'"'s access state to the server; a database in communication with the secure transaction protection module, for storing data to be accessed by the user; an identification module for validating the user'"'"'s access to the database; and a notification module for notifying the secure transaction protection module of a user'"'"'s request to initiate a session on the server; wherein if the user selects an insecure site while logged on to the secure site of the server, the notification module sends a warning notice to the user to alert the user of an impending logoff from the secure site, and further sends a termination command to the secure transaction protection module for implicitly logging off the user from the secure site; and wherein the secure transaction protection module causes the session to be terminated in response to the termination command, absent an instruction from the user to maintain a connection with the secure site. - View Dependent Claims (2, 3, 4, 5, 6, 7, 9)
-
-
8. A computer program product for assisting a user conducting a transaction on a secure site of a server to implicitly logoff from the secure site, comprising:
-
the server including; a secure transaction protection module that tracks a user'"'"'s access state to the server; a database in communication with the secure transaction protection module, for storing data to be accessed by the user; an identification module for validating the user'"'"'s access to the database; and a notification module for notifying the secure transaction protection module of a user'"'"'s request to initiate a session on the server; wherein if the user selects an insecure site while logged on to the secure site of the server, the notification module sends a warning notice to the user to alert the user of an impending logoff from the secure site, and further sends a termination command to the secure transaction protection module for implicitly logging off the user from the secure site; and wherein the secure transaction Protection module causes the session to be terminated in response to the termination command, absent an instruction from the user to maintain a connection with the secure site.
-
-
10. A method for implicitly logging off a user conducting a transaction on a secure site of a server from the secure site, comprising:
-
tracking a user'"'"'s access state to the server; storing data to be accessed by the user; validating the user'"'"'s access to the database; notifying the secure transaction protection module of a user'"'"'s request to initiate a session on the server; wherein if the user selects an insecure site while logged on to the secure site of the server, sending a warning notice to the user to alert the user of an impending logoff from the secure site, and further issuing a termination command to the secure transaction protection module for implicitly logging off the user from the secure site; and causing the session to be terminated in response to the termination command, absent an instruction from the user to maintain a connection with the secure site. - View Dependent Claims (11, 12, 13, 14, 15)
-
Specification