Method and apparatus for a web application server to provide for web user validation
First Claim
1. In a data processing environment having a user with a first user identifier, which uniquely identifies said user, at a terminal located at a particular site, the improvement comprising:
- a. wherein said terminal includes a second user identifier which uniquely identifies said particular site and wherein said user utilizes said terminal to generate a particular one of a plurality of service requests the honoring of which requiring access to secure data responsively coupled via a publicly accessible digital data communication network to a data base management system having at least one data base containing said secure data which honors said particular one of said plurality of service requests by executing a sequence of command language script corresponding to said particular one of said plurality of service requests;
b. an administration module located within said data base management system for permitting a manager having authority to access said administration module to associate a particular security level which each of said plurality of service requests; and
c. a security profile indicative of said particular security level maintained by said administration module and stored in association with said sequence of command language script corresponding to said sequence of command language script whereby said data base management system permits said user to access said secure data from said at least one data base from said terminal at said particular site without transfer of said first user identifier uniquely identifying said user via said publicly accessible digital data communication network if said second user identifier corresponds to said security profile.
13 Assignments
0 Petitions
Accused Products
Abstract
An apparatus for and method of utilizing an internet terminal coupled to the world wide web to access an existing proprietary data base management system having a dialog-based request format. The user request is received by a web server from the world wide web and converted into one or more sequenced data base management commands stored as corresponding to the service request. If a particular service request requires access to secured data and/or services, the request may be granted in relationship to a particular user security profile. This security profile is determined through a special field indicative of the internet user transferred in conjunction with the service request.
-
Citations
20 Claims
-
1. In a data processing environment having a user with a first user identifier, which uniquely identifies said user, at a terminal located at a particular site, the improvement comprising:
-
a. wherein said terminal includes a second user identifier which uniquely identifies said particular site and wherein said user utilizes said terminal to generate a particular one of a plurality of service requests the honoring of which requiring access to secure data responsively coupled via a publicly accessible digital data communication network to a data base management system having at least one data base containing said secure data which honors said particular one of said plurality of service requests by executing a sequence of command language script corresponding to said particular one of said plurality of service requests; b. an administration module located within said data base management system for permitting a manager having authority to access said administration module to associate a particular security level which each of said plurality of service requests; and c. a security profile indicative of said particular security level maintained by said administration module and stored in association with said sequence of command language script corresponding to said sequence of command language script whereby said data base management system permits said user to access said secure data from said at least one data base from said terminal at said particular site without transfer of said first user identifier uniquely identifying said user via said publicly accessible digital data communication network if said second user identifier corresponds to said security profile. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus comprising:
-
a. a terminal located at a particular location having a first identifier which uniquely identifies said terminal and a user with a second identifier which uniquely identifies said user and which generates a particular one of a plurality of service requests; b. a data base management system having access to a data base responsively coupled to said terminal via a publicly accessible digital data communication network and which executes a sequence of command language script to honor said particular one of said plurality of service requests; c. an administration module located within said data base management system which may be utilized by a manager having authority to access said administration module to assign a particular security level to each of said plurality of service requests; and d. a security profile generated by said data base management system corresponding to said sequence of command language script whereby said data base management system executes said sequence of command language script to provide access to a particular secure portion of said data base corresponding to said location specific security profile without transfer of said second identifier via said publicly accessible digital data communication network if said first identifier corresponds to said security profile. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A method of utilizing a terminal having a first identifier and having a user with a user identifier which uniquely identifies said user located at a particular site to securely access a remote data base management system having a data base via a publicly accessible digital data communication network comprising:
-
a. signing on to said terminal by said user utilizing said user identifier; b. transmitting a service request requiring execution of a sequence of command language statements to provide secure access to said data base from said terminal without transferring said user identifier; c. receiving said service request by said remote data base management system; d. determining a security profile corresponding to said sequence of command language statements utilizing an administration module by a manager having authority to access said administration module; e. requesting said first identifier from said user terminal; f. comparing said security profile with said first identifier; and g. honoring said service request if and only if said first identifier corresponds to said security profile. - View Dependent Claims (12, 13, 14, 15)
-
-
16. An apparatus comprising:
-
a. permitting means located at a site having a first identifier for permitting a user having a user identifier to interact with a data base responsively coupled via a publicly accessible digital data communication network; b. offering means responsively coupled to said permitting means via said publicly accessible digital data communication network for offering data processing services involving access to said data base in response to said service request by executing a sequence of command language script; c. providing means located within said offering means for providing an authorized manager to assign a particular security level to each of said data processing services; and d. preventing means responsively coupled to said offering means and said providing means for preventing said offering means from offering said data processing services to said user in response to said service request unless said site corresponds to a security profile associated with said particular security level assigned by said authorized manager to said sequence of command language script and maintained by said administration module wherein said security profile permits access to said data base without access to said user identifier. - View Dependent Claims (17, 18, 19, 20)
-
Specification