Internet server access control and monitoring systems

US 5,708,780 A
Filed: 06/07/1995
Issued: 01/13/1998
Est. Priority Date: 06/07/1995
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:

forwarding a service request from the client to the server system, wherein communications between the client and server system are according to hypertext transfer protocol;

returning a session identifier from the server system to the client; and

appending as part of a path name in a uniform resource locator the session identifier to the request and to subsequent service requests from the client to the server system within a session of requests.

View all claims

11 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

This invention relates to methods for controlling and monitoring access to network servers. In particular, the process described in the invention includes client-server sessions over the Internet involving hypertext files. In the hypertext environment, a client views a document transmitted by a content server with a standard program known as the browser. Each hypertext document or page contains links to other hypertext pages which the user may select to traverse. When the user selects a link that is directed to an access-controlled file, the server subjects the request to a secondary server which determines whether the client has an authorization or valid account. Upon such verification, the user is provided with a session identification which allows the user to access to the requested file as well as any other files within the present protection domain.

1999 Citations

45 Claims

1. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:
- forwarding a service request from the client to the server system, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  returning a session identifier from the server system to the client; and
  
  appending as part of a path name in a uniform resource locator the session identifier to the request and to subsequent service requests from the client to the server system within a session of requests.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. A method as claimed in claim 1 wherein the session identifier includes a user identifier.
  - 3. A method as claimed in claim 1 wherein the session identifier includes an expiration time for the session.
  - 4. A method as claimed in claim 1 wherein the server system records information from the session identifier in a transaction log in the server system.
  - 5. A method as claimed in claim 4 wherein the server system tracks the access history of sequences of service requests within a session of requests.
  - 6. A method as claimed in claim 5 wherein the server system tracks the access history to determine service requests leading to a purchase made within the session of requests.
  - 7. A method as claimed in claim 4 wherein the server system counts requests to particular services exclusive of repeated requests from a common client.
  - 8. A method as claimed in claim 4 wherein the server system maintains a data base relating customer information to access patterns.
  - 9. A method as claimed in claim 8 wherein the information includes customer demographics.
  - 10. A method as claimed in claim 1 wherein the server system assigns the session identifier to an initial service request to the server system.
  - 11. A method as claimed in claim 1 wherein the server system subjects the client to an authorization routine prior to issuing the session identifier and the session identifier is protected from forgery.
  - 12. A method as claimed in claim 1 wherein the server system comprises plural servers including an authentication server which provides session identifiers for service requests to multiple servers.
  - 13. A method as claimed in claim 12 wherein:
    - a client directs a service request to a first server which is to provide the requested service;
      
      the first server checks the service request for a session identifier and only services a service request having a valid session identifier, and where the service request has no valid identifier;
      
      the first server redirects the service request from the client to the authorization server;
      
      the authorization server subjects the client to the authorization routine and issues the session identifier to be appended to the service request to the first server;
      
      the client forwards the service request appended with the session identifier to the first server; and
      
      the first server recognizes the session identifier and services the service request to the client; and
      
      the client appends the session identifier to subsequent service requests to the server system and is serviced without further authorization.
  - 14. A method as claimed in claim 13 wherein the session identifier includes a user identifier.
  - 15. A method as claimed in claim 13 wherein the session identifier includes an expiration time for the session.
  - 16. A method as claimed in claim 13 wherein the session identifier provides access to a protected domain to which the session has access authorization.
  - 17. A method as claimed in claim 16 wherein the session identifier is modified for access to a different protected domain.
  - 18. A method as claimed in claim 13 wherein the session identifier provides a key identifier for key management.
  - 19. A method as claimed in claim 13 wherein the server system records information from the session identifier in a transaction log in the server system.
  - 20. A method as claimed in claim 13 wherein the client modifies the path name of a current uniform resource locator using relative addressing and retains the session identifier portion of the path name unmodified for successive requests in the session.
  - 21. A method as claimed in claim 1 wherein:
    - the server system subjects the client to an authorization routine prior to issuing the session identifier and the session identifier is protected from forgery, records information from the session identifier in a transaction log in the server system, tracks request paths relative to hypertext pages, and maintains a data base relating customer demographics to access patterns; and
      
      the client modifies the path name of a current uniform resource locator using relative addressing and retains the session identifier portion of the path name unmodified for successive requests in a session.

22. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:
- appending as part of a path name in a uniform resource locator a session identifier to the request, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  responding to requests for hypertext pages received from a client through the network by returning the requested hypertext pages to the client;
  
  responding to further client requests related to links in the hypertext pages; and
  
  tracking the further client requests related to a particular hypertext page.
- View Dependent Claims (23)
- - 23. A method as claimed in claim 22 wherein the requests include a common session identifier and the server system tracks client requests within a session of requests.

24. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:
- appending a session identifier to the request as part of a path name in a uniform resource locator, wherein communications between the client and server system are according to hypertext transfer protocol; and
  
  responding to requests for documents received from the client through the network by returning the requested documents wherein the documents are customized for a particular user based on a user profile.

25. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:
- responding to a request for a document received from the client through the network, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  appending a session identifier, which includes a user identification to the request as part of a path name in a uniform resource locator; and
  
  returning the requested document wherein the document is customized for a particular user based on the user identification of the session identifier.

26. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:
- appending a session identifier to the request as part of a path name in a uniform resource locator, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  responding to requests for information received from the client through the network by returning the requested information to the client; and
  
  counting requests to particular information exclusive of repeated requests from a common client.
- View Dependent Claims (27)
- - 27. A method as claimed in claim 26 comprising excluding from the counting requests made for information from the client within a defined period of time.

28. A method of processing service requests for a document received from a client through a network in which the document has been purchased by a user, said method comprising the steps of:
- responding to a request for a document received from a client through the network in which the document has been purchased by the user wherein communications between the client and server system are according to hypertext transfer protocol;
  
  appending an authorization identifier to the request as part of a path name in a uniform resource locator; and
  
  returning the requested document if the authorization identifier indicates that the user is authorized to access the document.
- View Dependent Claims (29)
- - 29. A method as claimed in claim 28, wherein the authorization identifier is encoded within a session identifier which is appended to the request as part of a path name in a uniform resource locator.

30. A method of processing service requests from a client to a server system through a network, said method comprising the steps of:
- responding to a request for a document received from a client through the network, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  appending as part of a path name in a uniform resource locator a session identifier to the request;
  
  returning the requested document to the client, and;
  
  charging the user identified in the session identifier for access to the document.
- View Dependent Claims (31)
- - 31. A method as claimed in claim 30, wherein a user identifier is encoded within a session identifier which is appended to the request.

32. An information system on a network, comprising:
- means for receiving service requests from clients and for determining whether a service request includes a session identifier, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  means for appending the session identifier as part of a path name in a uniform resource locator in response to an initial service request in a session of requests; and
  
  means for servicing service requests from a client which include the session identifier, the subsequent service request being processed in the session.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39)
- - 33. An information system as claimed in claim 32 wherein the means for providing the session identifier is in a server system which services the requests.
  - 34. An information system as claimed in claim 32 further comprising an authorization routine for authorizing the client prior to issuing the session identifier and means for protecting the session identifier from forgery.
  - 35. An information server system as claimed in claim 32 further comprising a transaction log for recording information from the session identifier.
  - 36. An information system as claimed in claim 32 further comprising means for tracking access history of sequences of service requests within the session of requests.
  - 37. An information system as claimed in claim 32 further comprising means for counting requests to particular services exclusive of repeated requests from a common client.
  - 38. An information system as claimed in claim 32 further comprising a data base relating customer information to access patterns.
  - 39. An information system as claimed in claim 38 wherein the information includes customer demographics.

40. An information server on a network, comprising:
- means for appending a session identifier as part of a path name in a uniform resource locator, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  means for responding to requests for hypertext pages received from a client through the network by returning the requested hypertext pages to the client;
  
  means for responding to further requests derived from links in the hypertext pages; and
  
  means for tracking the further requests derived from a particular hypertext page.
- View Dependent Claims (41, 42)
- - 41. A server as claimed in claim 40 wherein the requests include a common session identifier and the server tracks requests within a session of requests.
  - 42. A server as claimed in claim 41 further comprising a data base relating customer demographics to access patterns.

43. An information server on a network, comprising:
- means for appending the session identifier as part of a path name in a uniform resource locator, wherein communications between the client and server system are according to hypertext transfer protocol;
  
  means for responding to requests for service received from a client through a network by returning the requested service to the client; and
  
  means for counting requests to particular service exclusive of repeated requests from a common client.
- View Dependent Claims (44, 45)
- - 44. A server as claimed in claim 43 wherein the requests include a common session identifier and the server tracks requests within a session of requests.
  - 45. A server as claimed in claim 43 further comprising means for excluding requests made to a service from the client within a defined period of time.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Soverain IP, LLC
Original Assignee
Open Market, Inc. (Divine Technology Ventures)
Inventors
Treese, George Winfield, Levergood, Thomas Mark, Stewart, Lawrence C., Morris, Stephen Jeffrey, Payne, Andrew C.
Primary Examiner(s)
Treat, William M.
Assistant Examiner(s)
Winder, Patrice L.

Application Number

US08/474,096
Time in Patent Office

951 Days
Field of Search

395/200.11, 395/200.12, 395/200.02, 395/200.05, 395/200.06, 395/200.09, 395/200.15, 380/23, 380/24, 380/25, 380/49, 340/825.34
US Class Current

709/229
CPC Class Codes

G06F 21/41   where a single sign-on prov...

G06F 21/6218   to a system of files or obj...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/0815   providing single-sign-on or...

H04L 63/102   Entity profiles

Internet server access control and monitoring systems

First Claim

11 Assignments

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

1999 Citations

45 Claims

Specification

Use Cases

Quick Links

Others

Internet server access control and monitoring systems

First Claim

11 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

1999 Citations

45 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others