Method for managing access to protected computer resources
Abstract
A system for securing and tracking usage of transaction services or computer resources by a client computer from a first server computer, which includes clearinghouse means for storing identity data of the first server computer and the client computer(s); server software means and client software means adapted to forward its identity data and identity data of the client computer(s) to the clearinghouse means at the beginning of an operating session; and a hardware key connected to the client computer, the key being adapted to generate a digital identification as part of the identity data; wherein the hardware key is implemented using a hardware token access system, a magnetic card access system, a smart card access system, a biometric identification access system or a central processing unit with a unique embedded digital identification.
55 Claims
1. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising:
receiving, at the at least one authentication server from at least one access server, identity data associated with at least one client computer device;
comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in a database associated with the at least one authentication server;
sending, by the at least one access server to the at least one client computer device, a challenge;
receiving, at the at least one access server, a response from the at least one client computer device;
comparing, at the at least one access server, the challenge and the response;
receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device;
authorizing, by one of the at least one server associated with the at least one authentication server and another at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device based on data associated with the protected computer resources stored in at least one database associated with one of the at least one server associated with the at least one authentication server and the another at least one server associated with the at least one authentication server; and
controlling access, by one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and yet another at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successfully comparing the identity data associated with the at least one client computer device and the identity data stored in the database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising:
receiving, at the at least one authentication server from at least one access server, identity data associated with the at least one access server;
comparing, by the at least one authentication server, the identity data associated with the at least one access server to identity data stored in a database associated with the at least one authentication server;
receiving, at the at least one authentication server from the at least one access server, identity data associated with at least one client computer device;
comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in another database associated with the at least one authentication server;
sending, by the at least one access server to the at least one client computer device, a challenge;
receiving, at the at least one access server, a response from the at least one client computer device;
comparing, at the at least one access server, the challenge and the response;
receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device;
authorizing, by one of the at least one server associated with the at least one authentication server and another at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device based on data associated with the protected computer resources stored in at least one database associated with one of the at least one server associated with the at least one authentication server and the another at least one server associated with the at least one authentication server; and
controlling access, by one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and yet another at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successfully comparing the identity data associated with the at least one client computer device and the identity data stored in the another database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38
39. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising:
receiving, at the at least one authentication server from at least one access server, identity data associated with the at least one access server;
comparing, by the at least one authentication server, the identity data associated with the at least one access server to identity data stored in a database associated with the at least one authentication server;
receiving, at the at least one authentication server from the at least one access server, identity data associated with at least one client computer device;
comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in another database associated with the at least one authentication server;
sending, by the at least one access server to the at least one client computer device, a challenge;
receiving, at the at least one access server, a response from the at least one client computer device;
comparing, at the at least one access server, the challenge and the response;
receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device;
authorizing, by the at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device; and
controlling access, by the at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successfully comparing the identity data associated with the at least one client computer device and the identity data stored in the database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
Dependent claims: 40, 41, 42
43. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising:
receiving, at the at least one authentication server from at least one access server, identity data associated with at least one client computer device;
comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in a database associated with the at least one authentication server;
sending, by the at least one access server to the at least one client computer device, a challenge;
receiving, at the at least one access server, a response from the at least one client computer device;
comparing, at the at least one access server, the challenge and the response;
receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device;
authorizing, by the at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device; and
controlling access, by the at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successful comparison of the identity data associated with the at least one client computer device and the identity data stored in the database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
Dependent claims: 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55
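The sequence recited in claim 1 (identity comparison, challenge and response, then per-resource authorization), modeled as an added example that is not part of the patent text. The HMAC-based response, the shared secret standing in for the hardware key, and every name and value below are assumptions made for illustration; the claims do not specify how the challenge and response are compared.

```python
import hashlib
import hmac
import secrets

# Constructed sample data; all names and values are hypothetical.
IDENTITY_DB = {"client-42"}                       # authentication server's database
RESOURCE_DB = {"/reports/q1": {"client-42"}}      # data associated with protected resources
VERIFY_KEYS = {"client-42": b"constructed-key"}   # assumed secret tied to the hardware key


def respond(secret, challenge):
    """Client side: derive the response from the challenge (HMAC is an assumption)."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class AuthenticationServer:
    def identity_matches(self, client_id):
        # Compare received identity data with the stored identity data.
        return client_id in IDENTITY_DB


class AccessServer:
    def __init__(self, auth_server):
        self.auth_server = auth_server
        self.pending = {}      # client_id -> outstanding challenge
        self.verified = set()  # clients that passed both comparisons

    def begin(self, client_id):
        # Forward identity data; only a known identity receives a challenge.
        if not self.auth_server.identity_matches(client_id):
            return None
        self.pending[client_id] = secrets.token_bytes(16)
        return self.pending[client_id]

    def finish(self, client_id, response):
        # pop() makes each challenge single-use, so a replayed response fails.
        challenge = self.pending.pop(client_id, None)
        if challenge is None:
            return False
        expected = respond(VERIFY_KEYS[client_id], challenge)
        if hmac.compare_digest(expected, response):
            self.verified.add(client_id)
            return True
        return False

    def request(self, client_id, resource):
        # Access needs a verified identity AND an authorization entry.
        return client_id in self.verified and client_id in RESOURCE_DB.get(resource, set())
```

The model keeps authentication (`finish`) and authorization (`request`) as separate gates, matching the claim's two conditions for controlling access.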
Specification