Facilitating access to information stored on a network using an extended network universal resource locator

US 7,415,610 B2
Filed: 07/26/2006
Issued: 08/19/2008
Est. Priority Date: 12/23/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving, from a network entity that controls access to stored information associated with a user, by a service provider, a network address associated with the stored information and a first message component, wherein the first message component is encrypted with a first crypto-key associated with the network entity and can be decrypted by the network entity, wherein the first message component includes user identity information and integrity information, wherein the user identity information is associated with the stored information and the integrity information is associated with the user identity information;

receiving, from an access portal associated with the user, by the service provider, a request for information enabling access to the stored information;

responsive to the request, generating, by the service provider, a response, wherein the response includes the network address and the first message component; and

transmitting, to the access portal, by the service provider, the generated response, wherein the response is extensible by the access portal to include a second message component and a third message component, wherein the second message component is encrypted with a second crypto-key associated with the access portal, and wherein the extended response is usable to obtain access to the stored information;

wherein the third message component is encrypted with a third crypto-key associated with the service provider, and wherein the third crypto-key can be decrypted by the network entity that controls access to the stored information associated with the user;

wherein content of the third message component includes first relationship information indicative of a relationship between the service provider and the network entity, wherein the first relationship information indicates that the user identity information and the integrity information were received by the service provider from the network entity; and

wherein the content of the third message component includes second relationship information indicative of a relationship between the service provider and the access portal, wherein the second relationship information indicates that the user identity information and the integrity information were transmitted by the service provider to the access portal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for facilitating access to stored information associated with a user, where a service provider receives, from a network entity controlling access to the stored information, a first message component encrypted with a first crypto-key associated with the network entity that can be decrypted by the network entity and a network address associated with the stored information. The service provider then receives a request for information enabling access to the stored information from an access portal associated with the user. Next, the service provider generates a response that includes the network address and the first message component and transmits the response to the access portal. The generated response is extensible by the access portal to include a second message component. The second message component is encrypted with a second crypto-key associated with the access portal. The extended response is usable to obtain access to the stored information.

30 Citations

View as Search Results

21 Claims

1. A method comprising:
- receiving, from a network entity that controls access to stored information associated with a user, by a service provider, a network address associated with the stored information and a first message component, wherein the first message component is encrypted with a first crypto-key associated with the network entity and can be decrypted by the network entity, wherein the first message component includes user identity information and integrity information, wherein the user identity information is associated with the stored information and the integrity information is associated with the user identity information;
  
  receiving, from an access portal associated with the user, by the service provider, a request for information enabling access to the stored information;
  
  responsive to the request, generating, by the service provider, a response, wherein the response includes the network address and the first message component; and
  
  transmitting, to the access portal, by the service provider, the generated response, wherein the response is extensible by the access portal to include a second message component and a third message component, wherein the second message component is encrypted with a second crypto-key associated with the access portal, and wherein the extended response is usable to obtain access to the stored information;
  
  wherein the third message component is encrypted with a third crypto-key associated with the service provider, and wherein the third crypto-key can be decrypted by the network entity that controls access to the stored information associated with the user;
  
  wherein content of the third message component includes first relationship information indicative of a relationship between the service provider and the network entity, wherein the first relationship information indicates that the user identity information and the integrity information were received by the service provider from the network entity; and
  
  wherein the content of the third message component includes second relationship information indicative of a relationship between the service provider and the access portal, wherein the second relationship information indicates that the user identity information and the integrity information were transmitted by the service provider to the access portal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the access portal and the service provider are supported by different network stations.
  - 3. The method of claim 1, further comprises:
    - receiving, from the network entity, summary data associated with the stored information; and
      
      wherein the response includes summary information associated with the summary data, and wherein the summary information is configurable to be presented to the user associated with the access portal.
  - 4. The method of claim 1, wherein the network entity is a biller.
  - 5. The method of claim 1, wherein the network address associated with the stored information is the network address of the network entity.
  - 6. The method according to claim 1, wherein the first crypto-key is a symmetric crypto-key.
  - 7. The method according to claim 6, wherein the symmetric crypto-key is known only to the network entity.
  - 8. The method according to claim 1, wherein the first message component further includes an identifier associated with the stored information.
  - 9. The method according to claim 1, wherein the integrity information includes a hash of the user identity information.
  - 10. The method according to claim 1, wherein the first message component includes a digital signature.
  - 11. The method according to claim 1, wherein the second message component can be decrypted by the network entity.
  - 12. The method according to claim 1, wherein the second crypto-key is a private crypto-key of a joint private-public crypto-key pair associated with the access portal.
  - 13. The method according to claim 1, wherein the second message component includes voucher information, wherein the voucher information indicates that the access portal has authenticated the user.
  - 14. The method according to claim 1, wherein the second message component includes a digital signature.
  - 15. The method according to claim 1, wherein the second message component includes a timestamp corresponding to a time at which the summary information is transmitted to the user by the access portal.
  - 16. The method according to claim 1, wherein the third crypto-key is a private crypto-key of a joint private-public crypto-key pair associated with the service provider.
  - 17. The method according to claim 1, wherein the third message component includes a digital signature.

18. A system comprising:
- a memory, wherein the memory is operable to locally store data received from a remotely located network entity;
  
  an interface capable of communicating with an access portal and the network entity; and
  
  a processor, wherein the processor is configured to;
  
  receive, from the network entity, a first message component and a network address associated with the network entity, wherein the first message component is encrypted with a first crypto-key associated with the network entity and can be decrypted by the network entity, wherein the first message component includes user identity information and integrity information,receive, from an access portal, a request for information enabling access to remotely stored data associated with the network entity, responsive to the request,responsive to the request, generate a response, wherein the response includes the network address and the first message component, and transmit, to the access portal, the response, wherein the response is extensible by the access portal to include a second message component and a third message component, wherein the second message component is encrypted with a second crypto-key associated with the access portal, and wherein the response is usable to obtain access to the stored information,wherein the third message component is encrypted with a third crypto-key associated with the service provider, wherein the third crypto-key can be decrypted by the network entity,wherein content of the generated third message component includes first relationship information indicative of a relationship between the service provider and the network entity, wherein the first relationship information indicates that the user identity information and the integrity information were received by the service provider from the network entity, andwherein the content of the generated third message component includes second relationship information indicative of a relationship between the service provider and the access portal, wherein the second relationship information indicates that the user identity information and the integrity information were transmitted by the service provider to the access portal.
- View Dependent Claims (19, 20, 21)
- - 19. The system according to claim 18, wherein the processor is further configured to receive summary data from the network entity and to direct the storage of the received summary data and the first message component to the memory.
  - 20. The system according to claim 18, wherein the third crypto-key is a private crypto-key of a joint private-public crypto-key pair associated with the service provider.
  - 21. The system according to claim 18, wherein the third message component includes a digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Checkfree Corporation (Fiserv Incorporated)
Original Assignee
Checkfree Corporation (Fiserv Incorporated)
Inventors
Ganesan, Ravi, Lewis, Matt, Hobday, Kenneth
Primary Examiner(s)
NGUYEN, MINH DIEU T

Application Number

US11/493,340
Publication Number

US 20070016525A1
Time in Patent Office

755 Days
Field of Search

713/168, 713/193, 705/40, 705/53, 705/77, 709/217
US Class Current

713/168
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 2221/2115   Third party

G06Q 20/00   Payment architectures, sche...

G06Q 20/085   involving remote charge det...

G06Q 20/102   Bill distribution or payments

G06Q 20/14   specially adapted for billi...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3829   involving key management

H04L 2463/102   applying security measure f...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

Facilitating access to information stored on a network using an extended network universal resource locator

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Facilitating access to information stored on a network using an extended network universal resource locator

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others