Methods and systems for authentication and authorization

US 8,566,249 B2
Filed: 12/04/2003
Issued: 10/22/2013
Est. Priority Date: 02/07/2002
Status: Active Grant

First Claim

Patent Images

1. A method for ensuring non-repudiation of a payment request obtained from a first party to have a payment made to a second party, the method comprising:

receiving, at the one or more computer systems, a payment request from the first party identifying the second party as at least one payee together with a digital certificate having a first portion comprising information identifying the first party as having originated the payment request and a second portion comprising a first list of specific payees to which to first party is authorized to request payment and a first maximum payment amount that the first party can request;

performing, with one or more processors associated with the one or more computer systems, an authentication of the first party using the first portion of the digital certificate;

retrieving, with the one or more processors associated with the one or more computer systems, stored authority information from a store of authority information maintained by a financial services provider in response to performing the authentication of the first party using the first portion of the digital certificate, the authority information in the store of authority information including a second list of specific payees that have been registered with the financial services provider to whom the first party can request payment and a second maximum payment amount registered with the financial services provider that the first party can request;

validating, with the one or more processors associated with the one or more computer systems, whether the digital certificate comprises valid authority information based on a comparison between first list of specific payees and the first maximum payment amount presented in the digital certificate and the second list of specific payees and the second maximum payment amount in the authority information retrieved from the store of authority information maintained by the financial services provider; and

generating, with the one or more processors associated with the one or more computer systems, information authorizing the payment request in response to the first party being authenticated by the financial service provider and possessing valid authority to issue the payment request to the second party.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for ensuring non-repudiation of a payment request and/or other action may include a step of receiving, over a network, the payment request together with a digital certificate identifying a user having caused the payment request to be generated. The certificate may include certificate-identifying information, user-identifying information, authority information that defines and delimits the authority of the user to make the payment request. The certificate-identifying information and the user-identifying information included within the received certificate may be validated. The authority information included within the received certificate may then be validated. The payment request and/or other action is then only executed when the certificate-identifying information, the user-identifying information and the authority information within the received certificate are successfully validated.

Citations

15 Claims

1. A method for ensuring non-repudiation of a payment request obtained from a first party to have a payment made to a second party, the method comprising:
- receiving, at the one or more computer systems, a payment request from the first party identifying the second party as at least one payee together with a digital certificate having a first portion comprising information identifying the first party as having originated the payment request and a second portion comprising a first list of specific payees to which to first party is authorized to request payment and a first maximum payment amount that the first party can request;
  
  performing, with one or more processors associated with the one or more computer systems, an authentication of the first party using the first portion of the digital certificate;
  
  retrieving, with the one or more processors associated with the one or more computer systems, stored authority information from a store of authority information maintained by a financial services provider in response to performing the authentication of the first party using the first portion of the digital certificate, the authority information in the store of authority information including a second list of specific payees that have been registered with the financial services provider to whom the first party can request payment and a second maximum payment amount registered with the financial services provider that the first party can request;
  
  validating, with the one or more processors associated with the one or more computer systems, whether the digital certificate comprises valid authority information based on a comparison between first list of specific payees and the first maximum payment amount presented in the digital certificate and the second list of specific payees and the second maximum payment amount in the authority information retrieved from the store of authority information maintained by the financial services provider; and
  
  generating, with the one or more processors associated with the one or more computer systems, information authorizing the payment request in response to the first party being authenticated by the financial service provider and possessing valid authority to issue the payment request to the second party.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein generating the information authorizing the payment request comprises authorizing the payment request when the maximum payment amount is recognized by the financial service provide as valid and at least greater than or equal to a predetermined amount associated with the payment request.
  - 3. The method of claim 1, wherein the received digital certificate conforms to the X.509 standard.
  - 4. The method of claim 1, wherein the second portion within the received digital certificate is configured as XML code.
  - 5. The method of claim 1, wherein the XML code is compliant with a DSML standard.

6. A non-transitory computer-readable medium storing code for ensuring non-repudiation of a payment request obtained from a first party to have a payment made to a second party that when executed by a processor of a computer system causes the processor to perform the steps comprising:
- receiving a payment request from the first party identifying the second party as at least one payee together with a digital certificate having a first portion comprising information identifying the first party as having originated the payment request and a second portion comprising a first list of specific payees to which to first party is authorized to request payment and a first maximum payment amount that the first party can request;
  
  performing an authentication of the first party using the first portion of the digital certificate;
  
  retrieving stored authority information from a store of authority information maintained by a financial services provider in response to performing the authentication of the first party using the first portion of the digital certificate, the authority information in the store of authority information including a second list of specific payees that have been registered with the financial services provider to whom the first party can request payment and a second maximum payment amount registered with the financial services provider that the first party can request;
  
  validating whether the digital certificate comprises valid authority information based on a comparison between first list of specific payees and the first maximum payment amount presented in the digital certificate and the second list of specific payees and the second maximum payment amount in the authority information retrieved from the store of authority information maintained by the financial services provider; and
  
  generating information authorizing the payment request in response to the first party being authenticated by the financial service provider and possessing valid authority to issue the payment request to the second party.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The non-transitory computer-readable medium of claim 6, wherein generating the information authorizing the payment request comprises authorizing the payment request when the maximum payment amount is recognized by the financial service provide as valid and at least greater than or equal to a predetermined amount associated with the payment request.
  - 8. The non-transitory computer-readable medium of claim 6, wherein the received digital certificate conforms to the X.509 standard.
  - 9. The non-transitory computer-readable medium of claim 6, wherein the second portion within the received digital certificate is configured as XML code.
  - 10. The non-transitory computer-readable medium of claim 6, wherein the XML code is compliant with a DSML standard.

11. A system for ensuring non-repudiation of a payment request obtained from a first party to have a payment made to a second party, the system comprising:
- a processor; and
  
  a memory, in communication with the processor, and storing a set of computer-executable instructions that when executed by the processor cause the processor to perform the steps comprising;
  
  receiving a payment request from the first party identifying the second party as at least one payee together with a digital certificate having a first portion comprising information identifying the first party as having originated the payment request and a second portion comprising a first list of specific payees to which to first party is authorized to request payment and a first maximum payment amount that the first party can request;
  
  performing an authentication of the first party using the first portion of the digital certificate;
  
  retrieving stored authority information from a store of authority information maintained by a financial services provider in response to performing the authentication of the first party using the first portion of the digital certificate, the authority information in the store of authority information including a second list of specific payees that have been registered with the financial services provider to whom the first party can request payment and a second maximum payment amount registered with the financial services provider that the first party can request;
  
  validating whether the digital certificate comprises valid authority information based on a comparison between first list of specific payees and the first maximum payment amount presented in the digital certificate and the second list of specific payees and the second maximum payment amount in the authority information retrieved from the store of authority information maintained by the financial services provider; and
  
  generating information authorizing the payment request in response to the first party being authenticated by the financial service provider and possessing valid authority to issue the payment request to the second party.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11, wherein to generate the information authorizing the payment request the processor is further caused to authorize the payment request when the maximum payment amount is recognized by the financial service provide as valid and at least greater than or equal to a predetermined amount associated with the payment request.
  - 13. The system of claim 11, wherein the received digital certificate conforms to the X.509 standard.
  - 14. The system of claim 11, wherein the second portion within the received digital certificate is configured as XML code.
  - 15. The system of claim 11, wherein the XML code is compliant with a DSML standard.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Johnson, Richard C.
Primary Examiner(s)
Agwumezie, Charles C

Application Number

US10/727,409
Publication Number

US 20040111375A1
Time in Patent Office

3,610 Days
Field of Search

705/64, 705/75, 713/158, 713/173, 713/176
US Class Current

705/64
CPC Class Codes

G06Q 20/06   Private payment circuits, e...

G06Q 20/0855   involving a third party

G06Q 20/102   Bill distribution or payments

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/38215   Use of certificates or encr...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/12   Accounting

Methods and systems for authentication and authorization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for authentication and authorization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links