Method and system for managing access to protected computer resources provided via an internet protocol network

US 20080066168A1
Filed: 10/30/2007
Published: 03/13/2008
Est. Priority Date: 06/11/1997
Status: Active Grant

First Claim

Patent Images

1. A system for securing transactions between at least one client computer device and at least one server via an Internet Protocol network, wherein said transactions are authorized by at least one clearinghouse based upon authentication of identity data associated with said at least one client computer device, said system comprising:

said at least one clearinghouse having an associated database to store said identity data;

at least one access key associated with said at least one client computer device, said identity data being derived from said at least one access key;

said at least one server adapted to receive at least a portion of said identity data from said at least one client computer device;

said at least one server adapted to forward to said at least one clearinghouse, said at least a portion of said identity data received from said at least one client computer device;

said at least one clearinghouse adapted to authenticate said at least a portion of said identity data responsive to a request by said at least one server, said authentication being based upon said identity data stored in said database; and

said at least one clearinghouse adapted to authorize said transactions based on an outcome of said authentication.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for controlling access, by an authentication server, to protected computer resources provided via an Internet Protocol network that includes storing (i) a digital identification associated with at least one client computer device, and (ii) data associated with the protected computer resources in at least one database associated with the authentication server; authenticating, by the authentication server, the digital identification forwarded by at least one access server; authorizing, by the authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device, based on the stored data associated with the requested protected computer resources; and permitting access, by the authentication server, to the at least the portion of the protected computer resources upon successfully authenticating the digital identification and upon successfully authorizing the at least once client computer device.

144 Citations

View as Search Results

86 Claims

1. A system for securing transactions between at least one client computer device and at least one server via an Internet Protocol network, wherein said transactions are authorized by at least one clearinghouse based upon authentication of identity data associated with said at least one client computer device, said system comprising:
- said at least one clearinghouse having an associated database to store said identity data;
  
  at least one access key associated with said at least one client computer device, said identity data being derived from said at least one access key;
  
  said at least one server adapted to receive at least a portion of said identity data from said at least one client computer device;
  
  said at least one server adapted to forward to said at least one clearinghouse, said at least a portion of said identity data received from said at least one client computer device;
  
  said at least one clearinghouse adapted to authenticate said at least a portion of said identity data responsive to a request by said at least one server, said authentication being based upon said identity data stored in said database; and
  
  said at least one clearinghouse adapted to authorize said transactions based on an outcome of said authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein said access key is one of (i) connected to, and (ii) built into said at least one client computer device.
  - 3. The system of claim 1, wherein said at least one server is adapted to receive said identity data wirelessly.
  - 4. The system of claim 1, wherein said access key includes at least one of (i) at least one hardware component built into said at least one client computer device, said at least a portion of said identity data being derived by said at least one hardware component, and (ii) at least one hardware memory device associated with said at least one client computer device, said at least a portion of said identity data being stored on said at least one hardware memory device.
  - 5. The system of claim 1, wherein said identity data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a digital certificate, and (vi) card based data, and (vii) user account data, and (viii) biometric data.
  - 6. The system of claim 1, wherein said at least a portion of said identity data comprises any combination of a user name, a password, a one time password, hardware identification data, a digital certificate, card based data, user account data, and biometric data.
  - 7. The system of claim 1, wherein said at least a portion of said identity data is encrypted.
  - 8. The system of claim 1, further comprising (i) said at least one clearinghouse having an associated database to store server identity data associated with said at least one server, and (ii) said at least one server adapted to forward its identity data and said at least a portion of said identity data derived from said at least one access key, to said at least one clearinghouse, and (iii) said at least one clearinghouse adapted to authenticate said server identity data responsive to a request by said at least one server, said authentication of said server identity data being based upon said server identity data stored in said database, and (iv) said at least one clearinghouse adapted to authorize said transactions based on an outcome of said authentication of said server identity data.
  - 9. The system of claim 1, further comprising at least one of (i) said at least one server being adapted to (a) store said identity data, and (b) request said at least one client computer device to forward said identity data to said at least one server, and (c) authenticate said at least one client computer device based upon said identity data stored by said at least one server, and (ii) said at least one server being adapted to (a) store clearinghouse identity data associated with said at least one clearinghouse, and (b) request said at least one clearinghouse to forward clearinghouse identity data associated with said at least one clearinghouse to said at least one server, and (c) authenticate said at least one clearinghouse based upon said clearinghouse identity data stored by said at least one server.
  - 10. The system of claim 1, further comprising (i) said at least one clearinghouse having an associated database to store transaction data associated with said transactions, and (ii) said at least one server adapted to forward said at least a portion of said transaction data to said at least one clearinghouse, wherein said transaction data includes at least one of billing data, demographic data and usage tracking data associated with said transactions.
  - 11. The system of claim 1, wherein a second clearinghouse having an associated database is adapted to (i) store said identity data, and (ii) authenticate said at least a portion of said identity data responsive to a request by said at least one server, said authentication being based upon said identity data stored in said database associated with said second clearinghouse, and (iii) authorize said transactions based on an outcome of said authentication by said second clearinghouse.

12. A method of securing a transaction between at least one client computer device and at least one server via an Internet Protocol network, the method comprising:
- storing, by at least one clearinghouse, identity data associated with the at least one client computer device;
  
  deriving the identity data from an access key associated with the at least one client computer device;
  
  receiving, at the at least one server, the identity data from the at least one client computer device;
  
  transmitting, by the at least one server to the at least one clearinghouse, a request for authorization of the transaction, the request including at least a portion of the identity data received from the at least one client computer device;
  
  receiving, by the at least one clearinghouse, the request from the at least one server for authorization of the transaction;
  
  authenticating, by the at least one clearinghouse, the at least a portion of the identity data transmitted by the at least one server; and
  
  authorizing, by the at least one clearinghouse, the transaction based upon an outcome of the authentication.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The method of claim 12, wherein deriving the identity data includes the access key being one of connected to and built into the at least one client computer device.
  - 14. The method of claim 12, wherein receiving, by the at least one server, the identity data from the at least one client computer device includes wirelessly receiving the identity data.
  - 15. The method of claim 12, wherein the access key includes at least of one of (i) at least one hardware component built into the at least one client computer device, said at least a portion of said identity data being derived by said at least one hardware component, and (ii) at least one hardware memory device associated with the at least one client computer device, said at least a portion of said identity data being stored on said hardware memory device.
  - 16. The method of claim 12, wherein the identity data is at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a digital certificate, and (vi) card based data, and (vii) user account data, and (viii) biometric data.
  - 17. The method of claim 12, further comprising encrypting at least a portion of the identity data.
  - 18. The method of claim 12, further comprising (i) storing, by the clearinghouse, server identity data associated with the at least one server, and (ii) forwarding, by the at least one server to the clearinghouse, the server identity data and the at least a portion of said identity data of the at least one client computer device, and (iii) authenticating, by the clearinghouse, the server identity data responsive to a request by the at least one server, the authentication of the server identity data being based upon the server identity data stored by the clearinghouse, and (iv) authorizing, by the clearinghouse, the transactions based on an outcome of the authentication of the server identity data.
  - 19. The method of claim 12, further comprising at least one of (i) the at least one client computer device (a) storing server identity data associated with said at least one server, and (b) requesting the at least one server to forward the server identity data to the at least one client computer device, and (c) authenticating the at least one server based upon the server identity data stored by the at least one client computer device, and (ii) the at least one server (a) storing the identity data, and (b) requesting the at least one client computer device to forward the identity data to the at least one server, and (c) authenticating the at least one client computer device based upon the identity data stored by the at least one server, and (iii) the at least one server (a) storing clearinghouse identity data associated with the at least one clearinghouse, and (b) requesting the at least one clearinghouse to forward the clearinghouse identity data associated with the at least one clearinghouse to the at least one server, and (c) authenticating the at least one clearinghouse based upon the clearinghouse identity data stored by the at least one server.
  - 20. The method of claim 12, further comprising (i) storing, by the at least one clearinghouse, transaction data associated with said transactions, and (ii) forwarding, by the at least one server, the at least a portion of the transaction data to the at least one clearinghouse, wherein the transaction data includes at least one of (a) billing data, and (b) demographic data, and (c) usage tracking data associated with said transactions.
  - 21. The method of claim 12, further comprising (i) storing, by a second clearinghouse having an associated database, the identity data, and (ii) authenticating, by the second clearinghouse, the at least a portion of the identity data responsive to a request by the at least one server, the authentication by the second clearinghouse being based upon the identity data stored in the database associated with the second clearinghouse, and (iii) authorizing, by the second clearinghouse, the transactions based on an outcome of the authentication by the second clearinghouse.

22. A system for collection and storage of transaction data associated with transactions between at least one server and at least one client computer device via an Internet Protocol network, wherein said transactions are authorized by at least one clearinghouse based upon authentication of identity data associated with said at least one client computer device, said system comprising:
- said at least one clearinghouse having an associated database to store (i) said identity data, and (ii) at least a portion of said transaction data;
  
  said at least one server client computer device adapted to forward receive at least a portion of said identity data to said at least one server during said transactions from said at least one client computer device;
  
  said at least one server adapted to forward to said at least one clearinghouse, said at least a portion of said identity data received from said at least one client computer device;
  
  said at least one clearinghouse adapted to authenticate said at least a portion of said identity data responsive to a request by said at least one server, said authentication being based upon said identity data stored in said database;
  
  said at least one clearinghouse further adapted to authorize said transactions based on an outcome of said authentication;
  
  said at least one server further adapted to forward at least a portion of said transaction data to said at least one clearinghouse responsive to said authorization; and
  
  said at least one clearinghouse further adapted to store said at least a portion of said transaction data received from said at least one server based upon said authorization.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 23. The system of claim 22, wherein said at least one client computer device server is adapted to receive wirelessly forwards said identity data to said at least one server wirelessly.
  - 24. The system of claim 22, wherein said identity data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) a hardware identification data, and (v) a hash of hardware identification data, and (vi) a digital certificate, and (vii) credit/debit card card based data, and (viii) proxy credit debit card data, and (ix) limited use credit/debit card data, and (xvii) user account data, and (xviii) biometric data.
  - 25. The system of claim 22, wherein said at least a portion of said transaction data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a hash of hardware identification data, and (vi) a digital certificate, and (vii) credit/debit card card based data, and (viii) proxy credit debit card data, and (ix) limited use credit/debit card data, and (xvii) user account data, and (xviii) biometric data.
  - 26. The system of claim 22, wherein said at least a portion of said identity data is encrypted.
  - 27. The system of claim 22, further comprising (i) said at least one clearinghouse adapted to forward said transaction data to at least one second clearinghouse, and (ii) said at least one a second clearinghouse having an associated database to store said transaction data.
  - 28. The system of claim 22, wherein said transaction data includes at least one of (i) user billing data, and (ii) demographic data, and (iii) usage tracking data.
  - 29. The system of claim 28, further comprising said at least one clearinghouse adapted to (i) generate at least one of (a) an electronic invoice, and (b) a paper invoice from said billing data, and (ii) forward said at least one of an said electronic invoice and a said paper invoice to at least one of (a) said at least one server, and (b) said at least one client computer device.
  - 30. The system of claim 22, wherein said at least one client computer device having has an associated access key, said identity data being derived from said access key.
  - 31. The system of claim 30, wherein said access key is one of (i) connected to, and (ii) built into said at least one client computer device.
  - 32. The system of claim 30, wherein said access key includes at least one of (i) at least one hardware component built into said at least one client computer device, said at least a portion of said identity data being derived from said at least one hardware component, and (ii) at least one hardware memory device associated with the at least one client computer device, said at least a portion of said identity data being stored on said hardware memory device.
  - 33. The system of claim 22, further comprising (i) said at least one clearinghouse having an associated database to store server identity data associated with said at least one server, and (ii) said at least one server adapted to forward the said server identity data and said at least a portion of said identity data of said at least one client computer device to said at least one clearinghouse, and (iii) said at least one clearinghouse adapted to authenticate said server identity data responsive to a request by said at least one server, said authentication of said server identity data being based upon said server identity data stored in said database, and (iv) said at least one clearinghouse adapted to authorize said transactions based on an outcome of said authentication of said server identity data.

34. A method for collecting and storing transaction data associated with transactions between at least one server and at least one client computer device via an Internet Protocol network, wherein said transactions are authorized by at least one clearinghouse based upon authentication of identity data associated with the at least one client computer device, the method comprising:
- storing, by the at least one clearinghouse having an associated database (i) the identity data, and (ii) at least a portion of the transaction data;
  
  forwarding receiving, by the at least one client computer device server, the at least a portion of the identity data to the at least one server during the transactions from the client computer device;
  
  forwarding, by the at least one server, the at least a portion of the identity data received from the at least one client computer device to the at least one clearinghouse;
  
  authenticating, by the at least one clearinghouse, the at least a portion of the identity data responsive to a request by the at least one server, the authentication being based upon the identity data stored in the database;
  
  authorizing, by the at least one clearinghouse the transactions based on an outcome of the authentication;
  
  forwarding, by the at least one server, the at least a portion of the transaction data to the at least one clearinghouse responsive to the authorization; and
  
  storing, by the at least one clearinghouse, the at least a portion of the transaction data received from the at least one server based upon the authorization.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 35. The method of claim 34, wherein the at least one client computer device server receives wirelessly forwards the identity data to the at least one server wirelessly.
  - 36. The method of claim 34, wherein the identity data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) a hardware identification data, and (v) a hash of hardware identification data, and (vi) a digital certificate, and (vii) credit/debit card card based data, and (viii) proxy credit debit card data, and (ix) limited use credit/debit card data, and (xvii) user account data, and (xviii) biometric data.
  - 37. The method of claim 34, wherein the at least a portion of the transaction data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a hash of hardware identification data, and (vi) a digital certificate, and (vii) credit/debit card card based data, and (viii) proxy credit debit card data, and (ix) limited use credit/debit card data, and (xvii) user account data, and (xviii) biometric data.
  - 38. The method of claim 34, wherein the at least a portion of the identity data is encrypted.
  - 39. The method of claim 34, further comprising (i) forwarding, by the at least one clearinghouse, the transaction data to at least one second clearinghouse having an associated database, and (ii) storing, by the at least one a second clearinghouse, the transaction data.
  - 40. The method of claim 34, wherein the transaction data includes at least one of (i) user billing data, and (ii) demographic data, and (iii) usage tracking data.
  - 41. The method of claim 40, further comprising the at least one clearinghouse (i) generating at least one of (a) an electronic invoice, and (b) a paper invoice from said billing data, and (ii) forwarding the at least one of the electronic invoice and the paper invoice to at least one of (a) the at least one server, and (b) the at least one client computer device.
  - 42. The method of claim 40, further comprising the at least one client computer device having an associated access key, the identity data being derived from the access key.
  - 43. The method of claim 42, wherein the access key is one of (i) connected to, and (ii) built into the at least one client computer device.
  - 44. The method of claim 42, wherein the access key includes at least one of (i) at least one hardware component built into the at least one client computer device, the at least a portion of the identity data being derived by the at least one hardware component, and (ii) at least one hardware memory device associated with the at least one client computer device, the at least a portion of the identity data being stored on the hardware memory device.
  - 45. The method of claim 34, further comprising (i) storing, by the at least one clearinghouse, server identity data associated with the at least one server, and (ii) forwarding, by the at least one server, the server identity data and at least a portion of the identity data of the at least one client computer device to the at least one clearinghouse, and (iii) authenticating, by the at least one clearinghouse, the server identity data responsive to a request by the at least one server, the authentication of the server identity data being based upon the server identity data stored in the database, and (iv) authorizing, by the at least one clearinghouse, the transactions based on an outcome of the authentication of the server identity data.

46. A system for processing an application from at least one client computer device for access to transaction services provided by at least one server, said access provided via an Internet Protocol network, the system comprising:
- at least one clearinghouse having an associated database to store (i) at least one verification criteria, and (ii) application data associated with said application, and (iii) identity data associated with said application, said identity data being derived from an access key associated with said at least one client computer device;
  
  said at least one server adapted to receive said application data from at least one applicant applying for access to said transaction services, said at least one application being associated with said at least one client computer device;
  
  said at least one server adapted to forward said application data to said at least one clearinghouse;
  
  said at least one clearinghouse adapted to verify said application data received from said server, said verification being based upon said verification criteria stored in said database;
  
  said at least one clearinghouse adapted to forward the a result of said verification to at least one of (i) said at least one server, and (ii) said at least one client computer device, and (iii) said at least one applicant associated with said application; and
  
  said at least one clearinghouse adapted to forward at least one of (i) said identity data, and (ii) said access key, to at least one of (i) said at least one server, and (ii) said at least one client computer device, and (iii) said at least one applicant, upon a successful outcome of said verification.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53)
- - 47. The system of claim 46, wherein said access key is one of (i) connected to, and (ii) built into said at least one client computer device.
  - 48. The system of claim 46, wherein said access key includes at least one of (i) at least one hardware component built into the said at least one client computer device, at least a portion of said identity data being derived by said at least one hardware component, and (ii) at least one hardware memory device associated with the at least one client computer device, said at least a portion of said identity data being stored on said hardware memory device.
  - 49. The system of claim 46, wherein said identity data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) a hardware identification data, and (v) a hash of hardware identification data, and (vi) a digital certificate, and (vii) credit/debit card card based data, and (viii) proxy credit debit card data, and (ix) limited use credit/debit card data, and (xvii) user account data, and (xviii) biometric data.
  - 50. The system of claim 49, wherein said application data includes at least a portion of said identity data.
  - 51. The system of claim 46, wherein at least a portion of (i) said identity data, and (ii) said application data, is encrypted.
  - 52. The system of claim 46, wherein said verification by said at least one clearinghouse is one of (i) automated, and (ii) manual.
  - 53. The system of claim 46, wherein said forwarding by said at least one clearinghouse is one of (i) automated, and (ii) manual.

54. A method of processing an application from at least one client computer device for access to transaction services provided by at least one server, the access provided via an Internet Protocol network, the method comprising:
- storing, by at least one clearinghouse, (i) at least one verification criteria, and (ii) application data associated with the said application, and (iii) identity data associated the application, the identity data being derived from an access key associated with the at least one client computer device;
  
  receiving, by the at least one server, the application data from at least one applicant applying for access to said transaction services, the at least one applicant being associated with the at least one client computer device;
  
  forwarding, by the at least one server, the application data to the at least one clearinghouse;
  
  verifying, by the at least one clearinghouse, the application data received from the server, the verification being based upon the verification criteria stored by the at least one clearinghouse;
  
  forwarding, by the at least one clearinghouse, the a result of the verification to at least one of (i) the at least one server, and (ii) the at least one client computer device, and (iii) the at least one applicant; and
  
  forwarding, by the at least one clearinghouse, at least one of (i) the identity data, and (ii) the access key, to at least one of (i) the at least one server, and (ii) the at least one client computer device, and (iii) the at least one applicant, upon a successful outcome of said verification.
- View Dependent Claims (55, 56, 57, 58, 59, 60, 61)
- - 55. The method of claim 54, wherein the access key is one of (i) connected to, and (ii) built into the at least one client computer device.
  - 56. The method of claim 54, wherein the access key includes at least one of (i) at least one hardware component built into the at least one client computer device, at least a portion of the identity data being derived by the at least one hardware component, and (ii) at least one hardware memory device associated with the at least one client computer device, the at least a portion of the identity data being stored on the hardware memory device.
  - 57. The method of claim 54, wherein the identity data includes at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) a hardware identification data, and (v) a hash of hardware identification data, and (vi) a digital certificate, and (vii) credit/debit card card based data, and (viii) proxy credit debit card data, and (ix) limited use credit/debit card data, and (xvii) user account data, and (xviii) biometric data.
  - 58. The method of claim 57, wherein the application data includes at least a portion of the identity data.
  - 59. The method of claim 54, further comprising encrypting at least a portion of (i) the identity data, and (ii) the application data.
  - 60. The method of claim 54, wherein the verifying by the at least one clearinghouse includes one of (i) automatically verifying, and (ii) manually verifying.
  - 61. The method of claim 54, wherein the forwarding by the at least one clearinghouse includes one of (i) automatically forwarding, and (ii) manually forwarding.

62. A system for activating an account in response to a request by at least one client computer device for access to transaction services provided by at least one server, said access provided via an Internet Protocol network, the system comprising:
- at least one clearinghouse having an associated database to store (i) activation data associated with said account, and (ii) identity data associated with said account, said identity data being derived from an access key associated with said at least one client computer device;
  
  said at least one clearinghouse adapted to receive from said at least one server, said identity data and said activation data;
  
  said at least one clearinghouse adapted to compare at least a portion of (i) said identity data, and (ii) said activation data, received from said at least one server, with said activation data and said identity data stored by said at least one clearinghouse; and
  
  said at least one clearinghouse adapted to activate said account based upon an outcome of the comparison, said activation allowing said at least one client computer device to access said transaction services.
- View Dependent Claims (63, 64, 65, 66, 67, 68, 69)
- - 63. The system of claim 62, wherein said access key is one of (i) connected to, and (ii) built into said at least one client computer device.
  - 64. The system of claim 62, wherein said access key includes at least one of (i) at least one hardware component built into said at least one client computer device, at least a portion of said identity data being derived by said at least one hardware component, and (ii) at least one hardware memory device associated with said at least one client computer device, said at least a portion of said identity data being stored on said hardware memory device.
  - 65. The system of claim 62, wherein said identity data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a digital certificate, and (vi) card based data, and (vii) user account data, and (viii) biometric data.
  - 66. The system of claim 65, wherein said activation data includes at least a portion of said identity data.
  - 67. The system of claim 62, wherein said activation data includes at least one of (i) a limited use activation code, and (ii) a response to a challenge question, and (iii) a pass code.
  - 68. The system of claim 62, wherein at least a portion of (i) said identity data, and (ii) said activation data, is encrypted.
  - 69. The system of claim 62, wherein said activation by said at least one clearinghouse is one of (i) automated, and (ii) manual.

70. A method of activating an account in response to a request by at least one client computer device for access to transaction services provided by at least one server, the access provided via an Internet Protocol network, the method comprising:
- storing, by at least one clearinghouse, (i) activation data associated with the account, and (ii) identity data associated with the account, the identity data being derived from an access key associated with the at least one client computer device;
  
  receiving, by the at least one clearinghouse from the at least one server, the identity data and the activation data;
  
  comparing, by the at least one clearinghouse, at least a portion of (i) the identity data, and (ii) the activation data, received from the at least one server, with the activation data and the identity data stored by the at least one clearinghouse; and
  
  activating, by the at least one clearinghouse, the account based upon an outcome of the comparison, the activation allowing the at least one client computer device to access the transaction services.
- View Dependent Claims (71, 72, 73, 74, 75, 76, 77)
- - 71. The method of claim 70, wherein the access key is one of (i) connected to, and (ii) built into the at least one client computer device.
  - 72. The method of claim 70, wherein the access key includes at least one of (i) at least one hardware component built into the at least one client computer device, at least a portion of the identity data being derived by the at least one hardware component, and (ii) at least one hardware memory device associated with the at least one client computer device, the at least a portion of the identity data being stored on the hardware memory device.
  - 73. The method of claim 70, wherein the identity data includes at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a digital certificate, and (vi) card based data, and (vii) user account data, and (viii) biometric data.
  - 74. The method of claim 72, wherein the activation data includes at least a portion of the identity data.
  - 75. The method of claim 70, wherein the activation data includes at least one of (i) a limited use activation code, and (ii) a response to a challenge question, and (iii) a pass code.
  - 76. The method of claim 70, further comprising encrypting at least a portion of (i) the identity data, and (ii) the activation data.
  - 77. The method of claim 70, wherein the activating by the at least one clearinghouse includes one of (i) automatically activating, and (ii) manually activating.

78. A system for activating an account in response to a request by at least one client computer device for access to transaction services provided by at least one server, said access provided via an Internet Protocol network, the system comprising:
- at least one clearinghouse having an associated database to store an activation code associated with (i) activation data associated with said account, and (ii) identity data associated with said account, said identity data being derived from an access key associated with said at least one client computer device;
  
  said at least one clearinghouse adapted to receive said activation code from at least one of (i) said at least one server, and (ii) said at least one client computer device, responsive to a request by said at least one client computer device for access to said transaction services;
  
  said at least one clearinghouse adapted to compare said activation code received with said activation code stored by said at least one clearinghouse; and
  
  said at least one clearinghouse adapted to activate said account based upon an outcome of the comparison, said activation allowing said at least one client computer device to access said transaction services.
- View Dependent Claims (79, 80, 81)
- - 79. The system of claim 78, wherein said access key is one of (i) connected to, and (ii) built into said at least one client computer device.
  - 80. The system of claim 78, wherein said identity data comprises at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a digital certificate, and (vi) card based data, and (vii) user account data, and (viii) biometric data.
  - 81. The system of claim 78, wherein said activation by said at least one clearinghouse is one of (i) automated, and (ii) manual.

82. A method of activating an account in response to a request by at least one client computer device for access to transaction services provided by at least one server, the access provided via an Internet Protocol network, the method comprising:
- storing, by at least one clearinghouse, an activation code associated with (i) account data associated with the account, and (ii) identity data associated with the account, the identity data being derived from an access key associated with the at least one client computer device;
  
  receiving, by the at least one clearinghouse from at least one of (i) the at least one server, and (ii) the at least one subscriber client computer, the activation code;
  
  comparing, by the at least one clearinghouse, the activation code, received with the activation code stored by the at least one clearinghouse; and
  
  activating, by the at least one clearinghouse, the account based upon an outcome of the comparison, the activation allowing the at least one client computer device to access the transaction services.
- View Dependent Claims (83, 84, 85, 86)
- - 83. The method of claim 82, wherein the access key is one of (i) connected to, and (ii) built into the at least one client computer device.
  - 84. The method of claim 82, wherein the identity data includes at least one of (i) a user name, and (ii) a password, and (iii) a one time password, and (iv) hardware identification data, and (v) a digital certificate, and (vi) card based data, and (vii) user account data, and (viii) biometric data.
  - 85. The method of claim 82, further comprising encrypting at least a portion of (i) the identity data, and (ii) the activation data.
  - 86. The method of claim 82, wherein the activating by the at least one clearinghouse includes one of (i) automatically activating, and (ii) manually activating.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Prism Technologies LLC (Prism Technologies Group, Inc.)
Original Assignee
Prism Technologies LLC (Prism Technologies Group, Inc.)
Inventors
Gregg, Richard, Goeke, Timothy, Giri, Sandeep

Granted Patent

US 8,127,345 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/44   Program or device authentic...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2129   Authenticate client device ...

G06F 2221/2135   Metering

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2149   Restricted operating enviro...

G06Q 2220/00   Business processing using c...

H04L 2463/102   applying security measure f...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

Method and system for managing access to protected computer resources provided via an internet protocol network

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

144 Citations

86 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for managing access to protected computer resources provided via an internet protocol network

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

144 Citations

86 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links