Method and apparatus for a web application server to provide for web user validation

US 7,263,523 B1
Filed: 11/24/1999
Issued: 08/28/2007
Est. Priority Date: 11/24/1999
Status: Expired due to Term

First Claim

Patent Images

1. In a data processing environment having a user with a first user identifier, which uniquely identifies said user, at a terminal located at a particular site, the improvement comprising:

a. wherein said terminal includes a second user identifier which uniquely identifies said particular site and wherein said user utilizes said terminal to generate a particular one of a plurality of service requests the honoring of which requiring access to secure data responsively coupled via a publicly accessible digital data communication network to a data base management system having at least one data base containing said secure data which honors said particular one of said plurality of service requests by executing a sequence of command language script corresponding to said particular one of said plurality of service requests;

b. an administration module located within said data base management system for permitting a manager having authority to access said administration module to associate a particular security level which each of said plurality of service requests; and

c. a security profile indicative of said particular security level maintained by said administration module and stored in association with said sequence of command language script corresponding to said sequence of command language script whereby said data base management system permits said user to access said secure data from said at least one data base from said terminal at said particular site without transfer of said first user identifier uniquely identifying said user via said publicly accessible digital data communication network if said second user identifier corresponds to said security profile.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for and method of utilizing an internet terminal coupled to the world wide web to access an existing proprietary data base management system having a dialog-based request format. The user request is received by a web server from the world wide web and converted into one or more sequenced data base management commands stored as corresponding to the service request. If a particular service request requires access to secured data and/or services, the request may be granted in relationship to a particular user security profile. This security profile is determined through a special field indicative of the internet user transferred in conjunction with the service request.

Citations

20 Claims

1. In a data processing environment having a user with a first user identifier, which uniquely identifies said user, at a terminal located at a particular site, the improvement comprising:
- a. wherein said terminal includes a second user identifier which uniquely identifies said particular site and wherein said user utilizes said terminal to generate a particular one of a plurality of service requests the honoring of which requiring access to secure data responsively coupled via a publicly accessible digital data communication network to a data base management system having at least one data base containing said secure data which honors said particular one of said plurality of service requests by executing a sequence of command language script corresponding to said particular one of said plurality of service requests;
  
  b. an administration module located within said data base management system for permitting a manager having authority to access said administration module to associate a particular security level which each of said plurality of service requests; and
  
  c. a security profile indicative of said particular security level maintained by said administration module and stored in association with said sequence of command language script corresponding to said sequence of command language script whereby said data base management system permits said user to access said secure data from said at least one data base from said terminal at said particular site without transfer of said first user identifier uniquely identifying said user via said publicly accessible digital data communication network if said second user identifier corresponds to said security profile.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The improvement according to claim 1 wherein said security profile is generated by said data base management system.
  - 3. The improvement according to claim 2 further comprising a portion of said second user identifier whereby said data base management system is notified that said second user identifier corresponds to said particular site rather than corresponding to said user.
  - 4. The improvement according to claim 3 wherein said publicly accessible digital data communication network further comprises the Internet.
  - 5. The improvement according to claim 4 wherein said data base management system is MAPPER.

6. An apparatus comprising:
- a. a terminal located at a particular location having a first identifier which uniquely identifies said terminal and a user with a second identifier which uniquely identifies said user and which generates a particular one of a plurality of service requests;
  
  b. a data base management system having access to a data base responsively coupled to said terminal via a publicly accessible digital data communication network and which executes a sequence of command language script to honor said particular one of said plurality of service requests;
  
  c. an administration module located within said data base management system which may be utilized by a manager having authority to access said administration module to assign a particular security level to each of said plurality of service requests; and
  
  d. a security profile generated by said data base management system corresponding to said sequence of command language script whereby said data base management system executes said sequence of command language script to provide access to a particular secure portion of said data base corresponding to said location specific security profile without transfer of said second identifier via said publicly accessible digital data communication network if said first identifier corresponds to said security profile.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The apparatus of claim 6 wherein said terminal accesses said data base by transferring said particular one of said plurality of service requests to said data base management system.
  - 8. The apparatus of claim 7 wherein said first identifier further comprises a special portion corresponding to said particular location.
  - 9. The apparatus of claim 8 wherein said data base management system further comprises MAPPER.
  - 10. The apparatus of claim 9 wherein said publicly accessible digital data communication network further comprises the world wide web.

11. A method of utilizing a terminal having a first identifier and having a user with a user identifier which uniquely identifies said user located at a particular site to securely access a remote data base management system having a data base via a publicly accessible digital data communication network comprising:
- a. signing on to said terminal by said user utilizing said user identifier;
  
  b. transmitting a service request requiring execution of a sequence of command language statements to provide secure access to said data base from said terminal without transferring said user identifier;
  
  c. receiving said service request by said remote data base management system;
  
  d. determining a security profile corresponding to said sequence of command language statements utilizing an administration module by a manager having authority to access said administration module;
  
  e. requesting said first identifier from said user terminal;
  
  f. comparing said security profile with said first identifier; and
  
  g. honoring said service request if and only if said first identifier corresponds to said security profile.
- View Dependent Claims (12, 13, 14, 15)
- - 12. A method according to claim 11 wherein said transmitting step further comprises transmitting a portion of said first identifier identifying said particular site.
  - 13. A method according to claim 12 wherein said determining step further comprises generating said security profile corresponding to said sequence of command language statements.
  - 14. A method according to claim 13 wherein said publicly accessible digital data communication network further comprises the Internet.
  - 15. A method according to claim 14 wherein said remote data base management system further comprises the MAPPER data base management system.

16. An apparatus comprising:
- a. permitting means located at a site having a first identifier for permitting a user having a user identifier to interact with a data base responsively coupled via a publicly accessible digital data communication network;
  
  b. offering means responsively coupled to said permitting means via said publicly accessible digital data communication network for offering data processing services involving access to said data base in response to said service request by executing a sequence of command language script;
  
  c. providing means located within said offering means for providing an authorized manager to assign a particular security level to each of said data processing services; and
  
  d. preventing means responsively coupled to said offering means and said providing means for preventing said offering means from offering said data processing services to said user in response to said service request unless said site corresponds to a security profile associated with said particular security level assigned by said authorized manager to said sequence of command language script and maintained by said administration module wherein said security profile permits access to said data base without access to said user identifier.
- View Dependent Claims (17, 18, 19, 20)
- - 17. An apparatus according to claim 16 wherein said publicly accessible digital data communication network further comprises the Internet.
  - 18. An apparatus according to claim 17 wherein said permitting means further comprises means for transmitting a portion of said first identifier corresponding to said site.
  - 19. An apparatus according to claim 18 wherein said offering means further comprises MAPPER data base management system.
  - 20. An apparatus according to claim 19 wherein said permitting means further comprises an industry standard personal computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unisys Corporation
Original Assignee
Unisys Corporation
Inventors
Guhl, Timothy J., Gretter, Eugene J., Kress, Daryl J., Behr, Gail L., Germscheid, Paul S.
Primary Examiner(s)
Wassum; Luke S

Application Number

US09/448,154
Time in Patent Office

2,834 Days
Field of Search

713200-201, 707/10, 709/225, 709/227, 709/229
US Class Current

1/1
CPC Class Codes

G06F 16/951 Indexing; Web crawling tech...

Y10S 707/99939 Privileged access

Method and apparatus for a web application server to provide for web user validation

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for a web application server to provide for web user validation

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links