Method and system for secure, authorized e-mail based transactions

US 7,266,840 B2
Filed: 07/12/2001
Issued: 09/04/2007
Est. Priority Date: 07/12/2001
Status: Active Grant

First Claim

Patent Images

1. A method of conducting a secure transaction with an on-line service while offline comprising the steps of:

issuing a transaction authorization token to a user from an application server for the on-line service while the user is online with the on-line service;

preparing an off-line transaction object containing data to specify and request the secure transaction;

sending a message to the on-line service, said message containing the off-line transaction object and the transaction authorization token;

upon receipt of said message, the application server validating the transaction authorization token to authenticate the user and to authorize the secure transaction, wherein the application server performs said validating while the user is offline from the on-line service; and

executing the off-line transaction object if the secure transaction is authorized.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and system for secure off-line transactions using a security access token for authentication and authorization of transactions. The user requests and receives the token from an application server of a desired service while on-line, logs off, prepares a transaction for entry into the system, and sends a message to the application server. The message contains a transaction object, such as a transaction, a query, an entry, an update, a revision, or the like combined with transaction data and the token previously supplied by the server. The server validates the token and executes the transaction object if the user is authorized for the transaction.

32 Citations

View as Search Results

31 Claims

1. A method of conducting a secure transaction with an on-line service while offline comprising the steps of:
- issuing a transaction authorization token to a user from an application server for the on-line service while the user is online with the on-line service;
  
  preparing an off-line transaction object containing data to specify and request the secure transaction;
  
  sending a message to the on-line service, said message containing the off-line transaction object and the transaction authorization token;
  
  upon receipt of said message, the application server validating the transaction authorization token to authenticate the user and to authorize the secure transaction, wherein the application server performs said validating while the user is offline from the on-line service; and
  
  executing the off-line transaction object if the secure transaction is authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The method of claim 1, wherein the transaction authorization token is issued to the user via an e-mail message sent from the application server for the on-line service.
  - 3. The method of claim 2, wherein the application server receives an incoming message including the transaction authorization token, checks the transaction authorization token for validity, and accepts or rejects the transaction authorization token.
  - 4. The method of claim 3, wherein said sending a message to the on-line service containing the transaction authorization token and off-line transaction object comprises sending an e-mail message delivered, to the application server via an asynchronous e-mail delivery method.
  - 5. The method of claim 4 where the asynchronous delivery mechanism is database record synchronization.
  - 6. The method of claim 5 where the asynchronous e-mail delivery method comprises a synchronization of data between a portable computing device and an on-line service.
  - 7. The method of claim 5, wherein the application server authorizes a specific transaction by a specific user on specific data objects such that the transaction authorization token can be used only once.
  - 8. The method of claim 1, wherein the transaction authorization token is issued to the user via a download operation while the user is on-line with the on-line service.
  - 9. The method of claim 1, wherein the user prepares the off-line transaction object while the user is off-line from the on-line service.
  - 10. The method of claim 1, further comprising requesting a transaction authorization token, wherein the user requests the transaction authorization token for the secure transaction from the application server for the Qn-tine service.
  - 11. The method of claim 10, wherein the on-line service comprises the application server, and wherein the application server accesses a database.
  - 12. The method of claim 1, wherein said issuing a transaction authorization token comprises generating a unique identifier when the token is issued, wherein said generating is performed by the on-line service.
  - 13. The method of claim 1, wherein the transaction authorization token is a one-way encryption of at least one of an identity of the user, a transaction type, and a data object for which the transaction is authorized.
  - 14. The method of claim 1, wherein the transaction authorization token includes data representing a time period during which the transaction authorization token is valid.
  - 15. The method of claim 1, wherein the transaction authorization token includes data representing a valid access duration for the transaction authorization token.
  - 16. The method of claim 1, wherein the transaction authorization token specifies an e-mail audit signature, and said transaction authorization token is valid only if the transaction is sent from an e-mail program via an e-mail delivery path that matches the e-mail audit signature.
  - 17. The method of claim 16, wherein an e-mail address to which the message is sent varies according to an authorized data object and transaction type.
  - 18. The method of claim 1, further comprising encrypting the off-line transaction object.
  - 19. The method of claim 18, wherein said encrypting comprises issuing a temporary public key that is a one-way encryption function of an address to which the secure transaction is to be sent for encryption of the off-line transaction object.
  - 20. The method of claim 1, wherein the transaction authorization token is contained in a body or a header of an e-mail message.
  - 21. The method of claim 1, wherein the transaction authorization token and the off-line transaction object are attachments to an e-mail message.
  - 22. The method of claim 1, wherein the application server is a web-based application server.
  - 23. The method of claim 1, wherein said secure transaction is selected from the group consisting of a database modification, update, adding a file, and editing a file.
  - 24. The method of claim 1, wherein said secure transaction is selected from the group consisting of a database modification, update, adding a file, editing a file, checking out a file, editing the file off-line, and checking in the file as an e-mail attachment.
  - 25. The method of claim 1, further comprising authenticating a user such that the user is online with the on-line service, wherein said authenticating is performed with a password and a network identity while the user is logging-on to the on-line service.
  - 26. The method of claim 1, wherein the user comprises a software agent adapted to conduct the transaction on behalf of the user.
  - 27. The method of claim 1, wherein the user sends the message to the on-line service while the user is offline from the online service.
  - 28. The method of claim 27, wherein the message to the on-line service is sent via email.
  - 29. The method of claim 1, wherein the transaction object includes an instruction to execute a function at the application server.
  - 30. The method of claim 29, wherein the authorization token is a separate object from the off-line transaction object.

31. A method of conducting a secure transaction with an on-line service while offline comprising the steps of:
- issuing a transaction authorization token to a user from an application server for the on-line service while the user is online with the on-line service;
  
  preparing an off-line transaction object containing data to specify and request the secure transaction;
  
  sending a message to the on-line service, said message containing the off-line transaction object and the transaction authorization token;
  
  receiving said message, and upon receipt of said message, the application server for the on-line service validating the transaction authorization token to authenticate the user and to authorize the secure transaction; and
  
  executing the off-line transaction object upon validation of the transaction authorization token, wherein the user is not required to be online with the on-line service for any one or more of the group comprising;
  
  said preparing, said sending, said receiving, or said executing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ip Ot Sub Ulc
Original Assignee
Vignette Corporation (Open Text Corporation)
Inventors
Gruber, Thomas Robert
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Hoffman; Brandon S

Application Number

US09/905,401
Publication Number

US 20030014633A1
Time in Patent Office

2,245 Days
Field of Search

713/201
US Class Current

726/9
CPC Class Codes

H04L 63/0823 using certificates cryptogr...

H04L 63/10 for controlling access to d...

Method and system for secure, authorized e-mail based transactions

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

32 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure, authorized e-mail based transactions

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links