Purpose: Invalidity Analysis


Patent: US8869249B2
Filed: 2002-01-18
Issued: 2014-10-21
Patent Holder: (Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp
Inventor(s): R. David Holvey, Arthur Douglas Jopling

Title: Protecting information on a computer system using multiple authentication methods

Abstract: In one embodiment, a method includes receiving, for a user, first user authentication information for a first authentication method and receiving, for the user, second user authentication information for a second authentication method. The second authentication method is different from the first authentication method. Upon authenticating the first user authentication information and the second user authentication information, the method moves a subset of data stored on a back-end storage device to a front-end storage device. The front-end storage device is directly connected to the user via a network and the back-end storage device not being directly connected to the network. The method then allows access to the subset of data for a period of time, wherein after the period of time expires, the subset of data is removed from the front-end storage device.









Disclaimer: The promise of Apex Standards Pseudo Claim Charting (PCC) is not to replace expert opinion but to provide due diligence and transparency prior to high precision charting. PCC conducts aggressive mapping (based on Broadest Reasonable, Ordinary or Customary Interpretation and Multilingual Translation) between a target patent's claim elements and other documents (potential technical standard specification or prior arts in the same or across different jurisdictions), therefore allowing for a top-down, a priori evaluation, with which stakeholders can assess standard essentiality (potential strengths) or invalidity (potential weaknesses) quickly and effectively before making complex, high-value decisions. PCC is designed to relieve initial burden of proof via an exhaustive listing of contextual semantic mapping as potential building blocks towards a litigation-ready work product. Stakeholders may then use the mapping to modify upon shortlisted PCC or identify other relevant materials in order to formulate strategy and achieve further purposes.


Ground | Reference | Owner of the Reference | Title | Semantic Mapping | Basis | Anticipation | Challenged Claims
Challenged claim columns: 1 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
1

IEEE WIRELESS COMMUNICATIONS. 9 (3): 22-30 JUN 2002

(Li, 2002)
Thomson Multimedia Inc
Public Access Mobility LAN: Extending The Wireless Internet Into The LAN Environment access point, access code wireless access points

first user service provider

computing system different air

first authentication method wireless LAN

XXXXXXXXXXXXXXXX
2

1977 IEEE INTERNATIONAL PERFORMANCE, COMPUTING AND COMMUNICATIONS CONFERENCE. : 546-553 1997

(Davis, 1997)
Iowa State University of Science and Technology
An Implementation Of MLS On A Network Of Workstations Using X.500/509 second authentication, second user authentication information access control mechanism

first authentication method security service

access code, user access Access control

XXXXXXXXXXXXXXXX
3

COMPUTERS & SECURITY. 16 (6): 543-549 1997

(Labuschagne, 1997)
The Rand Afrikaans University (RAU) South Africa
Improved System-access Control Using Complementary Technologies second authentication, second user authentication information access control mechanism

time expires up control

XXXXXXXXXX
4

1997 CERN SCHOOL OF COMPUTING. 97 (8): 47-71 1997

(Johnston, 1997)
University of California—Berkeley
A Use-condition Centered Approach To Authenticated Global Capabilities: Security Architectures For Large-scale Distributed Collaboratory Environments second authentication, second user authentication information access control mechanism

first authentication method security service

XXXXXXXXXX
5

US20020004833A1

(Toshio Tonouchi, 2002)
(Original Assignee) NEC Corp     

(Current Assignee)
NEC Corp
System for and a method of providing an online time period reserving service, which can protect an excessive load from being applied to a communication system, in order to provide a stable communication to a user time expires same time period

second user, second user authentication information said time

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses sending essentially identical tasks to multiple servers with differing processing loads to find the most…

discloses the method system and computer readable medium of claim…

teaches a data processing system that provides substantial throughput for consolidation integration structuring…

teaches a communication interface between a peripheral comprising the intelligent network interface card INIC…
XXXXXXXXXX
6

US20020004727A1

(William Knaus, 2002)
(Original Assignee) Knaus William A.; Marks Richard D.     Broadband computer-based networked systems for control and management of medical records second authentication digital signatures

first user service provider, said portion

computing device, computer system electronic data

second user, user device said database

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses transmitting information to a cellular telephone col…

discloses wherein each of said patient's medical status comprises an expected departure date and updating the database…

teaches a patient monitoring system as previously explained but does not expressly disclose that the patient monitor…

teaches uses an estimated value for the determination of what time a hyper or hypoglycemic event will occur column…
XXXXXXXXXXXXXXX
7

US6076167A

(Stephen J. Borza, 2000)
(Original Assignee) DEW Engineering and Development ULC     

(Current Assignee)
ActivCard Ireland Ltd
Method and system for improving security in network applications user device access, user access predetermined limit

external network signal indicative, produce data

second authentication, second authentication method false acceptance

first authentication biometric input

35 U.S.C. 103(a)

35 U.S.C. 102(b)
teaches a method and system for tokenless authorization of commercial transactions where a buyer registers with a…

teaches system and method for managing data privacy in a database management system that allows the storing of one or…

teaches linking the results of genetic testing with the biometric data and a unique correlating code col…

teaches that during the transmission step when a buyer accepts a seller proposal transaction the computer system…
XXXXXX
8

US20010031066A1

(Joel Meyer, 2001)
(Original Assignee) Digimarc Corp     

(Current Assignee)
Digimarc Corp
Connected audio and other media objects second authentication, second authentication method reference number

user device user device

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses an identifier may be placed in the content package by steganographically encoding it in the media signal A…

teaches a mathematical operation being used to modify the samples…

teaches embedded information such as watermarks that may be embedded in a video by various entities at different times…

discloses a system for providing lyrics for a plurality of digital audio files…
XXX
9

US20010032100A1

(Khalid Mahmud, 2001)
(Original Assignee) American Telecare Inc     

(Current Assignee)
American Telecare Inc
Dynamic remotely accessible medical record second user, second user authentication information audio capture

user device medical staff

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches a patient monitoring system as previously explained but does not expressly disclose that the patient monitor…

discloses a method of maintaining records at a medical facility said method comprising the steps of providing mobile…

discloses electronically displaying pictorial ergonomic actuators abstract and…

teaches the need for an auditable validation process which is ostensibly met by validation criteria ie data edits…
XXXXXXXXXX
10

WO9960483A1

(Jennifer French, 1999)
(Original Assignee) Equifax Inc.     System and method for authentication of network users readable storage, readable storage medium containing instructions information comprises information

second authentication second authentication

first authentication first authentication, biometric input

user device input interface

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches use of identity validation form as part of user authentication in account creation see figures…

teaches that receiving an initial data request sending a query to the client and providing the information in response…

teaches computing a probability that the financial transaction will be compromised based on a securityrelated sensor…

discloses method for accessing media content using a mobile communications device said method comprising the steps of…
XXX
11

WO9962037A1

(Yves Louis Gabriel Audebert, 1999)
(Original Assignee) Activcard     Terminal et systeme pour la mise en oeuvre de transactions electroniques securisees end storage device, end server third interface

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(e)
discloses wherein communicating the controlled content comprises communicating an access authorization token…

discloses an authentication method similar and with the same elements as…

teaches the processor uses an encryption key to encrypt the information sent to the server…

teaches a data communications system using public key cryptography in a web environment in which users must register…
XXXXXXXXXX
12

US6161139A

(Teresa Win, 2000)
(Original Assignee) Encommerce Inc     

(Current Assignee)
Entrust Ltd
Administrative roles that govern access to administrative functions different communication more processor

second user second user

first user first user, two users

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses a system and method for distributed access management of information resources the system and method having…

teaches the invention as claimed including access and registry servers to provide secure access to clients see…

teaches the claimed subject matter as discussed above except that…

discloses using flags within XML fields in order to figure out which field to execute…
XXXXXXXXXXXXXXX
13

US6205478B1

(Hiroyasu Sugano, 2001)
(Original Assignee) Fujitsu Ltd     

(Current Assignee)
Fujitsu Ltd
System for exchanging user information among users second authentication access control information

end server said network

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses one or more interfaces to one or more communications channels that may include one or more interfaces to user…

discloses administering registration of a personal information in a database in a manner tending to assure integrity of…

discloses encoding content for conversion into visionenabled content…

discloses about a system and a method for secure transaction management and electronic rights protection…
XXX
14

US6308203B1

(Tatsuo Itabashi, 2001)
(Original Assignee) Sony Corp     

(Current Assignee)
Sony Corp
Information processing apparatus, information processing method, and transmitting medium communication path processing apparatus

readable storage delivery address

end server said network

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses the video entertainment passes from the remote headend to the proxy server and the proxy server delivers the…

discloses a system for providing and billing for third party applications or services to the wireless devices of…

discloses displaying to the user a YES and button when the user agrees that the server can provide the personal…

discloses wherein a processing steps employ information previously supplied by a mobile subscriber abstract paragraph…
X
15

US6266649B1

(Gregory D. Linden, 2001)
(Original Assignee) Amazon com Inc     

(Current Assignee)
Amazon Technologies Inc
Collaborative recommendations using item-to-item similarity mappings second authentication method, end storage device following steps

computer system computer system, like products

different communication requiring use

user access user access

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses use of product viewing histories of users to identify related products…

discloses content personalization based on actions performed during a current browsing session…

teaches receiving the endorsement information comprises receiving the endorsement information from the first user who…

discloses that social network research shows that people tend to share similar preferences with others with low degree…
XXXXXX
16

US6278449B1

(Basuki Afandi Sugiarto, 2001)
(Original Assignee) Sony Corp; Sony Electronics Inc     

(Current Assignee)
Sony Corp ; Sony Electronics Inc
Apparatus and method for designating information to be retrieved over a computer network computer system computer system

computing system single display

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches a similar method for querying a database and providing information services to users based on their…

teaches an indication of an amount of time an estimated download time…

discloses detecting identification of the mobile user paragraph…

teaches a method for providing content the method comprising receiving at a computer content from a first independent…
X
17

US6311162B1

(Ernst F. Reichwein, 2001)
(Original Assignee) Ernst F. Reichwein; Joseph G. White     

(Current Assignee)
REICHWEIN - WHITE ENTERPRISES Inc
Interactive symptomatic recording system and methods computing device computing device

readable storage medium containing instructions program product

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a method and system for monitoring electronic transactions of an enterprise and detect exceptions indicating…

teaches information terminal comprises a bar code reader which reads a bar code put on a repair card on which a check…

discloses this limitation in an analogous art for the purpose of showing that a rules database is created and used in a…

teaches providing over a network shared information regarding a transaction wherein the transaction comprises one or…
XX
18

US6321334B1

(Michael S. Jerger, 2001)
(Original Assignee) Microsoft Corp     

(Current Assignee)
Microsoft Technology Licensing LLC
Administering permissions associated with a security zone in a computer system security model communication path, readable storage medium containing instructions computer readable medium

access point, user access high security

XXX
19

US6182142B1

(Teresa Win, 2001)
(Original Assignee) Encommerce Inc     

(Current Assignee)
Entrust Ltd
Distributed access management of information resources first user second information

different communication more processor

user device more function

user access user access

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses a system and method for distributed access management of information resources the system and method having…

teaches the invention as claimed including access and registry servers to provide secure access to clients see…

teaches the claimed subject matter as discussed above except that…

discloses using flags within XML fields in order to figure out which field to execute…
XXXXXXXXXXX
20

US6141778A

(Kevin J. Kane, 2000)
(Original Assignee) MCI Communications Corp     

(Current Assignee)
Verizon Patent and Licensing Inc
Method and apparatus for automating security functions in a computer system computer system computer system

time expires key base

XXX
21

US6185567B1

(Paul J. Ratnaraj, 2001)
(Original Assignee) University of Pennsylvania Penn     

(Current Assignee)
University of Pennsylvania Penn
Authenticated access to internet based research and data services second authentication method requesting user

computer system computer system

access code checking step

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches that typical optimizers use statistics that are an average across all tenants of the database…

teaches the authentication of users in a secure search system in which storage time for security credentials is…

teaches a method for grouping data objects to improve data analysis…

teaches a tangible computerreadable medium according to claim…
XXXXXXXXXXXX
22

US5920848A

(Daniel Schutzer, 1999)
(Original Assignee) Citibank NA     

(Current Assignee)
Citibank NA
Method and system for using intelligent agents for financial transactions, services, accounting, and advice second user said server

user access user access

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches these as magnetic stripe card reader encodes the magnetic strip and sensor pad see at least…

discloses targeting advertising in a home retail banking delivery service…

discloses scanning a bill for various image features and comparing them with stored information…

discloses a system method and computer program product for optimization and acceleration of data transport and…
XXXXXXXXXX
23

US6016476A

(Stephane Herman Maes, 2000)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
Toshiba Global Commerce Solutions Holdings Corp
Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security readable storage transaction terminal

first user service provider

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches a means of linking the audio data in digital format…

discloses an ID system which authorizes user with biometric input including signature or other writing col…

discloses wherein the module is to send to a financial party the financial data associated with funds of the user…

discloses a method and system of enabling a user to access a computer system comprising the steps of capturing biometric…
XXXXXXXXXXX
24

US6003032A

(William Bunney, 1999)
(Original Assignee) Sony International Europe GmbH     

(Current Assignee)
Sony International Europe GmbH
Data communication system user access system administrator

end server said network

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(b)
teaches user name authentication for gateway clients accessing a proxy cache server see abstract…

discloses receiving web page display data corresponding to said web page from a second server FIG…

discloses the ability to reformat a document to match the display parameters of the display device based on device…

discloses disclose that said second language comprises at least one of hypertext markup language and wireless markup…
XXXXXXXXXX
25

US6105131A

(Robert B. Carroll, 2000)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
International Business Machines Corp
Secure server and method of operation for a distributed information system readable storage medium containing instructions authenticated user

readable storage management system

first user service provider

user access user access

second authentication, second authentication method access key

time expires key base

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses derivative products involving a collection a list and a directory structure license requesting means for…

discloses a permission negotiation engine to negotiate permissions that haven't been approved by the rights holder…

teaches a method and system for verifying the execution of a computer program the program is split into at least two…

teaches a method and device provided for controlling access to data wherein portions of data are protected and rules…
XXXXXXXXXXX
26

US6275937B1

(Brent Tzion Hailpern, 2001)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
Trend Micro Inc
Collaborative server processing of content and meta-information with application to virus checking in a server network communication path communication path

second user said server

XXXXXXXXXXX
27

US6092196A

(Albert Reiche, 2000)
(Original Assignee) Nortel Networks Ltd     

(Current Assignee)
RPX Clearinghouse LLC
HTTP distributed remote user authentication system first authentication method verification unit

different communication, different communication channel inquiry message

second user, user device said database, said server

end server said network

XXXXXXXXXXXXX
28

US6151601A

(Karen A. Papierniak, 2000)
(Original Assignee) NCR Corp     

(Current Assignee)
NCR Corp
Computer architecture and method for collecting, analyzing and/or transforming internet and/or electronic commerce data for storage into a data storage area first authentication, first authentication method computer instructions

computer system computer system

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses one or more interfaces to one or more communications channels that may include one or more interfaces to user…

discloses an interactive electronic representation of a page of a publicationbroadcast or of a photographic scene and…

teaches a method of ranking article identifiers of a result set from an implicit query implied from a user's current…

discloses wherein the digital rights information is a pointer to link a user to a property rights database…
XXX
29

US6269369B1

(Brian D. Robertson, 2001)
(Original Assignee) Amazon Corporate LLC     

(Current Assignee)
Amazon Corporate LLC
Networked personal contact manager second user second user

first user first user

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses a networked personal contact manager title comprising address books for multiple users where users can link to…

teaches displaying an email address as a unique string col…

teaches the processor normalizes the communication contact information…

teaches wherein the on line community is private and the information management system is in communication with…
XXXXXXXXXXXXXXX
30

WO9814896A1

(Thomas J. Traughber, 1998)
(Original Assignee) Sterling Software, Inc.     Web server data/process integrator computer system computer system

second user said server

XXXXXXXXXX
31

US5983267A

(Leon Shklar, 1999)
(Original Assignee) Information Architects Corp     

(Current Assignee)
PENCON SYSTEMS Inc ; Information Architects Corp
System for indexing and displaying requested data having heterogeneous content and representation access code source data

computer system stored data

XXXXXXXXXX
32

US5956720A

(Maria F. Fernandez, 1999)
(Original Assignee) AT&T Corp     

(Current Assignee)
AT&T Intellectual Property II LP
Method and apparatus for web site management end server said network

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses the above limitation but does not expressly teach a dissimilar feature setting area for setting a…

teaches keyword searching and semantic searching of the data item column…

teaches that the of appearances of the word in the document and case law textual objects are organized in a conceptual…

teaches all the claimed subject matter as discussed above with respect to claim…
XXXXXXXXXX
33

US5956730A

(Tracy Kim Burroughs, 1999)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
International Business Machines Corp
Legacy subclassing computer system computer system

readable storage medium containing instructions program product

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses the apparatus for the execution of the method of claim…

teaches that it is known to customize browser interfaces with…

teaches the method for managing tax return information according to claim…

discloses the claimed aspect of timesensitivebased on specification…
X
34

WO9808344A2

(James Sachs, 1998)
(Original Assignee) Softbook Press, Inc.     Method and apparatus for viewing electronic reading materials first authentication receiving input

readable storage, readable storage medium unique code

35 U.S.C. 103(a)

35 U.S.C. 102(b)
discloses displaying at least a portion of the electronic document to the user as an immersive reading page the…

teaches the invention substantially as claimed as noted above…

discloses that the appliance could be a personal computer but does not specify a PDA or cell phone…

discloses encrypting data in a service related product column…
XXX
35

US5933816A

(James Zeanah, 1999)
(Original Assignee) Citicorp Development Center Inc     

(Current Assignee)
Citicorp Credit Services Inc USA
System and method for delivering financial services second authentication receiving messages

first user service provider

time expires touch point

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches a system and method including verifying software on a gaming machine…

teaches a method of treating browser data as an alphanumeric string column…

teaches transaction level data comprising an issuer identifier for an issuer of an account a merchant identifier…

teaches wherein the TML supports string integer date and opaque variables…
XXXXXXXXXXX
36

US5987440A

(Kevin O'Neil, 1999)
(Original Assignee) CYVA Res Corp     

(Current Assignee)
CYVA RESEARCH HOLDINGS LLC
Personal information security and exchange tool communication path, readable storage medium containing instructions computer readable medium

readable storage management system

computing device computing device

computer system computer system

first user, second user action request

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches the method for managing tax return information according to claim…

discloses the link between the user of the first set of PIM data and the user of the second set of PIM data is…

teaches host computer sends a webpage which a welcome screen that introduces the user to the site which includes a…

teaches repeating the filtering and determining steps when the results are not sufficiently similar col…
XXXXXXXXXXXXXXXX
37

US6044372A

(Eric J. Rothfus, 2000)
(Original Assignee) Dazel Corp     

(Current Assignee)
Google LLC ; Dazel Corp
Method and apparatus for publishing information to a communications network and enabling subscriptions to such information readable storage medium readable storage medium

computer system computer system

readable storage medium containing instructions program product

first user, second user action request

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches the product code translator can respond to a query containing a designation of one or more universal product…

discloses a networked personal contact manager title comprising address books for multiple users where users can link to…

teaches displaying an email address as a unique string col…

teaches that providing anonymity enables eg an employee to search for a job without their employer knowing about it…
XXXXXXXXXXXXXXX
38

US6185551B1

(Andrew D. Birrell, 2001)
(Original Assignee) Digital Equipment Corp     

(Current Assignee)
Google LLC
Web-based electronic mail service apparatus and method using full text and label indexing readable storage medium readable storage medium

computer system computer system

readable storage medium containing instructions program product

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches the directory service being provided at one or more nodes within the network and including routing information…

teaches teach the indicia search is effected using a directory server networked between the first device and the…

teaches saving composition states of a message onto the computer…

discloses a header component configured to process a header portion of the message…
X
39

US6070243A

(Michael E. See, 2000)
(Original Assignee) Xylan Corp     

(Current Assignee)
Alcatel USA Sourcing LP ; Alcatel USA Marketing Inc
Deterministic user authentication service for communication network end server authentication session

access code authentication method

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses administering registration of a personal information in a database in a manner tending to assure integrity of…

teaches that upon receipt of such as a request management processor module removes the entry from device records and…

teaches the claimed limitation a step of recording data concerning operating status of said second computer of said…

discloses encoding content for conversion into visionenabled content…
XXXXXXXXXXXXXXXX
40

US5987454A

(Allen Hobbs, 1999)
(Original Assignee) Hobbs; Allen     

(Current Assignee)
Red Hat Inc
Method and apparatus for selectively augmenting retrieved text, numbers, maps, charts, still pictures and/or graphics, moving pictures and/or graphics and audio information from a network resource first authentication first authentication

second user, second user authentication information viewing area

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches method and apparatus for selectively augmenting retrieved text information from the network see abstract in…

discloses that the information on the update logs is going to be inputted and used to update the replica database…

teaches identifying by the computer first and second calendaring systems the first and second calendaring systems are…

teaches displaying the second user interface configured to permit a user to select ones of the plurality of incoming…
XXXXXXXXXX
41

US6161123A

(Julia J. Renouard, 2000)
(Original Assignee) Intermec IP Corp     

(Current Assignee)
Intermec IP Corp
Providing reliable communication over an unreliable transport layer in a hand-held device using a persistent session time expires sequence numbers

different communication, different communication channel first packet

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses that access rights can be individually assigned to files pages…

teaches a method where the hash is generated from a concatenation of random and an index…

discloses a method and system for secure wireless communications comprising redirecting a requesting node to a portal…

discloses that the selecting of the one of the plurality of TCP connections see…
XXX
42

US5869819A

(Carl Harry Knowles, 1999)
(Original Assignee) Metrologic Instruments Inc     

(Current Assignee)
Metrologic Instruments Inc
Internet-based system and method for tracking objects bearing URL-encoded bar code symbols readable storage management system

computer system computer system

X
43

US6055570A

(Jakob Nielsen, 2000)
(Original Assignee) Sun Microsystems Inc     

(Current Assignee)
Oracle America Inc
Subscribed update monitors second user, user access said database, said server

first user service provider

readable storage medium containing instructions program product

end server said network

XXXXXXXXXXXXXXX
44

US5983268A

(Matthew P. Freivald, 1999)
(Original Assignee) NetMind Technologies Inc     

(Current Assignee)
NetMind Technologies Inc ; Netmind Services Inc
Spreadsheet user-interface for an internet-document change-detection tool time expires user selections

readable storage medium containing instructions program product

XXX
45

US5838916A

(Steven D. Domenikos, 1998)
(Original Assignee) EPICON Inc     

(Current Assignee)
RPX Clearinghouse LLC ; Nortel Networks Applications Management Solutions Inc
Systems and methods for executing application programs from a memory device linked to a server user access operating environment

first user said portion

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches application program within host device can use the storage device of slave in the same manner of using a…

discloses wherein a device is configured to send an acknowledge payload ACK in response to receiving a return payload…

discloses of a system that uses a computer to connect to a server an…

teaches the network management system as set forth in claim…
XXXXXXXXXXXXXXX
46

US6131090A

(Micheal R. Basso, 2000)
(Original Assignee) Pitney Bowes Inc     

(Current Assignee)
Pitney Bowes Inc
Method and system for providing controlled access to information stored on a portable recording medium second user, user device said database

different communication, different communication channel new access

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses the repeated encryption of a on a smartcard making it usable in conjunction with a trusted authority see…

teaches in an analogous art a validity period during which the digital certificate and key is valid and authentication…

teaches wherein the encrypted personal data further includes at least one access code which when decrypted by the…

teaches a method/system/storage device of securely storing and accessing personal data relating to an individual said…
XXXXXXXXXXXXX
47

US5908469A

(Patrick Samuel Botz, 1999)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
Google LLC
Generic user authentication for network computers readable storage medium containing instructions program product

end server said network

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches the invention substantially as claimed including enterprise application platform see abstract…

teaches how a style sheet satisfies the document type root element name and root element attribute name…

teaches performing said assigning and further assigning steps by specifying a class attribute for each of said focused…

teaches computer data storage medium having program code means eg in paragraphs…
XXXXXXXXXX
48

US5892909A

(Charles A. Grasso, 1999)
(Original Assignee) Diffusion Inc     

(Current Assignee)
Open Text SA
Intranet-based system with methods for co-active delivery of information to multiple users readable storage delivery address

computer system computer system

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches the memory storing the status report for a predefined length of time after the status report is transmitted to…

teaches the status report transmitted from the mobile unit to the user interface unit according to one of SMTP POP…

teaches a receiver for receiving positioning data from satellites allowing the processor to use the positioning data…

teaches it detects if the message C incoming email message is a command message then the user acts upon the command or…
X
49

US6076109A

(Dan Kikinis, 2000)
(Original Assignee) Lextron Systems Inc     

(Current Assignee)
Hanger Solutions LLC
Simplified-file hyper text protocol readable storage, readable storage medium transferring data

computing system computing system

first user first number

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches generating a list of unacceptable remote locations and wirelessly transmitting the electronic information to…

discloses that said interactive effects include a plurality of pre programmed movements abstract…

teaches a method for providing performance features for mobile subscribers via a communications network…

discloses collecting data from different sources and caching data content in the cache eg…
XXXXXXXXXXX
50

US5875296A

(Shaw-Ben Shi, 1999)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
Alibaba Group Holding Ltd
Distributed file system web server user authentication with cookies readable storage medium readable storage medium

readable storage medium containing instructions authenticated user, program product

first user, second user action request

second user authentication information, second authentication method access rights

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses one or more interfaces to one or more communications channels that may include one or more interfaces to user…

discloses wherein the digital rights information is a pointer to link a user to a property rights database…

discloses the user enters the starting date and time and ending date and time the market performance management system…

teaches an intranet based reporting system infrastructure col…
XXXXXXXXXXXXXXX
51

US5961593A

(Eran Gabber, 1999)
(Original Assignee) Nokia of America Corp     

(Current Assignee)
Nokia of America Corp
System and method for providing anonymous personalized browsing by a proxy system in a network computer system computer system

end server said network

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches a proxy system generates and provides substitute identifiers ie pseudonyms which allow users to access the…

discloses a computer system having a plurality of servers abs col…

teaches storing the identity information in local or central directories…

teaches A method operative within a federated environment in which a point of contact serves as an intermediary…
X
52

US6119101A

(Douglas L. Peckover, 2000)
(Original Assignee) Personal Agents Inc     

(Current Assignee)
Hanger Solutions LLC
Intelligent agents for electronic commerce computing system other components

computer system computer system

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses the ad template comprises at least one formatting instruction for a graphical advertisement based on the…

discloses the advertisement comprises an online ad banner see col…

discloses wherein the optimization logic is operable to aggregate a plurality of lower priced cost per click keywords to…

discloses matching products and services filtering of sellers buyer inputs location institutions schools ie obvious can…
X
53

US6175831B1

(Andrew P. Weinreich, 2001)
(Original Assignee) six degrees Inc     

(Current Assignee)
DEGREES OF CONNECTION LLC ; MACROVIEW COMMUNICATIONS CORP ; six degrees Inc
Method and apparatus for constructing a networking database and system end server said network

first user first user

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses the limitations substantially as claimed as described in claim…

discloses providing job and recruitment services provided via the…

discloses the electronic file including a predetermined listing of links of documents…

teaches a computer system with various hardware arrangements column…
XXXXXXXXXXX
54

WO9726612A1

(Douglas L. Peckover, 1997)
(Original Assignee) Personal Agents, Inc.     Intelligent agents for electronic commerce computing system other components

computer system computer system

X
55

EP0848336A1

(William Bunney, 1998)
(Original Assignee) Sony Deutschland GmbH     

(Current Assignee)
Sony Deutschland GmbH
Server with automatic update tracking second user said server

user access user access

XXXXXXXXXX
56

US6005939A

(Keith Neil Fortenberry, 1999)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
Google LLC
Method and apparatus for storing an internet user's identity and access rights to world wide web resources computer system computer system

readable storage medium containing instructions program product

second authentication, second authentication method third parties

end storage device one pass

time expires key base

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches and describes a method of enabling a site server and a customer to share at least one of a contents encryption…

discloses the method and computer readable medium as set forth in claims…

discloses a method and system of signing electronic documents with the concept of a signature image capture component…

describes a printer coupled to the communication network directly via the…
XXX
57

US5793302A

(Leon Stambler, 1998)
(Original Assignee) Stambler; Leon     Method for securing information relevant to a transaction access code control program

computer system computer system

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a method and apparatus for an electronic transaction between a network and a portable electronic device…

discloses the automated teller device as described in paragraph…

teaches the using encrypted password to access the application onto the smart card to access the application onto the…

discloses a query from the network operator to the user in which said query is intended to be a form of ensuring the…
XXXXXXXXXX
58

US5933604A

(Hiroya Inakoshi, 1999)
(Original Assignee) Fujitsu Ltd     

(Current Assignee)
Fujitsu Ltd
Network resource monitoring system and method for providing notice of changes in resources in a network readable storage medium readable storage medium

user device input interface

readable storage medium containing instructions first location

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses a providing service control device according to claim…

discloses generating the policy using the set of policy data see…

teaches a system for using network policies to handle network traffic…

teaches includes within the messages particular protocol versions variations or extensions see…
XXX
59

US5855018A

(Ben-Zion Chor, 1998)
(Original Assignee) Yeda Research and Development Co Ltd     

(Current Assignee)
Yeda Research and Development Co Ltd
Private information retrieval second authentication method, end storage device following steps

second user, user device said database

35 U.S.C. 103(a)

35 U.S.C. 102(e)
teaches a method for delivering published information a schemabased contacts service for…

discloses an HTTP server existing as at least one of a plurality of virtual servers…

discloses wherein a nodekey associated with each of a one or more access nodes is accessible by all the users in a…

discloses wherein decrypting the user data comprises decrypting the user data for the current user and moving the…
XXXXXXXXXX
60

US6181803B1

(Derek L. Davis, 2001)
(Original Assignee) Intel Corp     

(Current Assignee)
Intel Corp
Apparatus and method for securely processing biometric information to control access to a node computer system data capture, stored data

user access user access

XX
61

US5862325A

(Drummond Shattuck Reed, 1999)
(Original Assignee) Intermind Corp     

(Current Assignee)
Intermind Corp
Computer-based communication system and method using metadata defining a control structure second authentication access control information, digital signatures

computing system user identity information

first user second information

readable storage, readable storage medium server address

end server said network

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches a similar control system wherein the external control device comprises a storage duration management device…

discloses the system for electronically exchanging messages of claim…

teaches that data exchange event initiated either manually by the consumer or automatically column…

teaches a computing device further comprising one or more events that are configured to receive information concerning…
XXXXXXXXXXXXXXX
62

US6018343A

(Shou-Chung Wang, 2000)
(Original Assignee) Timecruiser Computing Corp     

(Current Assignee)
Vivint Inc
Web calendar architecture and uses thereof computing system receiving seat

user access user access

35 U.S.C. 103(a)

35 U.S.C. 102(b)
teaches a link to an image such that clicking the image retrieves the image for display at the location of the item or…

teaches that the user assigns time values to items in the todo list suggesting that each cell is associated with a…

discloses an onscreen interactive display with a selection and comparison section for a plurality of carriers with a…

teaches the user can select individual event categories and/or subdivisions for display in…
XX
63

US5930759A

(James G. Moore, 1999)
(Original Assignee) Symbol Technologies LLC; OPTIMUM Inc     

(Current Assignee)
Symbol Technologies LLC ; OPTIMUM Inc
Method and system for processing health care electronic data transactions second user dimensional bar code

readable storage, readable storage medium transferring data, management system

computing device, computer system electronic data, computer system

first authentication receiving input

access code control program

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses an adjudication processor that includes a rules processor used at the point of sale to determine the amount…

teaches wherein the individual is a healthcare recipient and the medical information includes information selected…

teaches a method comprising wherein respective structured message templates correspond to a specialized message type…

teaches providing supporting documents associated with an insurance claim…
XXXXXXXXXXXXXXXX
64

US5845073A

(Richard K. Carlin, 1998)
(Original Assignee) Telescan Inc     

(Current Assignee)
TD Ameritrade IP Co Inc
Interactive system for remoting creating, editing and administrating an online communcation system for a plurality of online service providers readable storage medium, readable storage readable storage medium, transferring data

communication path second list

computer system stored data

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a method of performing an inventory audit of a plurality of articles contained in an article dispensing…

discloses the claimed invention but fails to disclose based on an evaluation of item information that is included in the…

discloses wherein and electronic funds transfer EFT network permits a central controller to transfer funds among…

teaches an operating to remove the object from a repository…
XX
65

US5815665A

(Jeffrey A. Teper, 1998)
(Original Assignee) Microsoft Corp     

(Current Assignee)
Microsoft Technology Licensing LLC
System and method for providing trusted brokering services over a distributed network readable storage medium containing instructions response messages

first user service provider

user access user access

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses administering registration of a personal information in a database in a manner tending to assure integrity of…

discloses encoding content for conversion into visionenabled content…

discloses a payment system coupled on a communication network see…

teaches storing shipping information and displaying the shipping information on the updateable electronic display…
XXXXXXXXXXX
66

US5838910A

(Steven D. Domenikos, 1998)
(Original Assignee) EPICON Inc     

(Current Assignee)
EPICON Inc ; RPX Clearinghouse LLC ; Nortel Networks Applications Management Solutions Inc
Systems and methods for executing application programs from a memory device linked to a server at an internet site access code control program

readable storage, readable storage medium server address

end server said network

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches application program within host device can use the storage device of slave in the same manner of using a…

discloses wherein a device is configured to send an acknowledge payload ACK in response to receiving a return payload…

discloses of a system that uses a computer to connect to a server an…

teaches the network management system as set forth in claim…
XXXXXXXXX
67

US6006333A

(Jakob Nielsen, 1999)
(Original Assignee) Sun Microsystems Inc     

(Current Assignee)
Oracle America Inc
Password helper using a client-side master password which automatically presents the appropriate server-side password to a particular remote server second user, user device said database

end server said network

XXXXXXXXXX
68

US5878219A

(Robert B. Vance, 1999)
(Original Assignee) America Online Inc     

(Current Assignee)
Facebook Inc
System for integrating access to proprietary and internet resources external network based product

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
discloses wherein the transmitting of the second message comprises transmitting the second message in parallel to the…

teaches all the claimed subject matters as discussed in claim…

discloses providing an interface to applications involved in the transmission between devices over a bus or network…

discloses an electronic shopping method as set forth in claim…
XXXXXXXXXXXXX
69

US5974389A

(Melanie Ann Clark, 1999)
(Original Assignee) Glaxo Wellcome Inc; Intelligent Medical Systems Inc     

(Current Assignee)
GlaxoSmithKline LLC ; Intelligent Medical Systems Inc
Medical record management system and process with improved workflow features computer system second terminals

first user said portion

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches a data retrieval system/method wherein receiving data in the patient's records comprises accessing procedure…

teaches wherein the imaging study is a computed tomography CT scan see for example…

discloses receiving sensor data from a continuous glucose sensor to generate a glucose value paragraphs…

teaches an intensivist proceeding through a scoring algorithm which scores a patient's alertness movement and…
XXXXXXXXXXX
70

US5790664A

(Christopher D. Coley, 1998)
(Original Assignee) Network Engr Software Inc     

(Current Assignee)
GraphOn Corp
Automated system for management of licensed software communication path, readable storage medium containing instructions computer readable medium

readable storage management system

second authentication method, end storage device following steps

computer system computer system

first authentication shared key

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses systems and methods for secure transaction management and electronic rights protection…

discloses wherein the electronic content associated with said user's purchase is accessed by the user through the user's…

teaches the license information exchange client device according to claim…

discloses receiving a use enabling data via a communication unit of the system col…
XXXX
71

US5867821A

(Douglas J. Ballantyne, 1999)
(Original Assignee) Paxton Devs Inc     

(Current Assignee)
Care Innovations LLC
Method and apparatus for electronically accessing and distributing personal health care information and services in hospitals and homes access code server computer system

computer system monitoring data

readable storage medium containing instructions computer device

user device medical staff

user access user access

readable storage TV program

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches a patient monitoring system that includes a PDA for health care providers which provides reminders and…

discloses transmitting information to a cellular telephone col…

discloses further comprising extracting said medical records from a hospital database prior to formatting said medical…

discloses wherein each of said patient's medical status comprises an expected departure date and updating the database…
XXXXXXXXXX
72

US6047327A

(Michael Man-Hak Tso, 2000)
(Original Assignee) Intel Corp     

(Current Assignee)
Dialogic Corp
System for distributing electronic information to a targeted group of users readable storage management system

second user, user device said database, said server

end server said network

access code source data

XXXXXXXXXXXXXXXX
73

US5848426A

(Ynjiun P. Wang, 1998)
(Original Assignee) Metanetics Corp     

(Current Assignee)
Symbol Technologies LLC
Automatic data translation between different business systems first user different program

second authentication method, end storage device following steps

first user authentication information different app

35 U.S.C. 103(a)

35 U.S.C. 102(b)
discloses system and method of reducing or eliminating change in cash transaction by crediting at least part of change…

discloses all the elements of the claimed invention but does not explicitly disclose electronic receipt with a customer…

teaches a method for converting a physical document into an electronic document see…

teaches the steps of receiving information from the consumer computer…
XXXXXXXXXXX
74

US6041362A

(Randall F. Mears, 2000)
(Original Assignee) Electronic Data Systems LLC     

(Current Assignee)
Hewlett Packard Enterprise Development LP
Method and system for integrating disparate information technology applications and platforms across an enterprise end server enterprise network

second authentication method, end storage device following steps

XXX
75

US5765152A

(John S. Erickson, 1998)
(Original Assignee) Dartmouth College     

(Current Assignee)
Dartmouth College ; Digimarc Corp
System and method for managing copyrighted electronic media second authentication, second user authentication information authorization server

second user, user access data head

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches an information processing apparatus method and a program storage medium storing a program for performing…

discloses wherein the electronic content associated with said user's purchase is accessed by the user through the user's…

teaches a predetermined interval that runs from the start time to the expiration time…

teaches limiting a software application's access to peripheral devices column…
XXXXXXXXXX
76

US5767853A

(Kenichi Yoshida, 1998)
(Original Assignee) Hitachi Ltd     

(Current Assignee)
Hitachi Ltd
Computer operating method and computer operated thereby access code control program

readable storage medium containing instructions user relative

communication path data paths

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches graphically by clicking on an icon representing that operation to change the properties or attributes of the…

discloses that the values can be shown as text instead of another mark…

discloses a remote control service processing device in a home network environment…

discloses further step of communicating to a hash engine that the failed or unreliable NIC has recovered…
XXXXXXXXX
77

US5899998A

(James L. McGauley, 1999)
(Original Assignee) Medcard Systems Inc     

(Current Assignee)
Medcard Systems Inc
Method and system for maintaining and updating computerized medical records readable storage, readable storage medium transferring data

computer system computer system

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses each node represents a cost center within an enterprise…

teaches wherein said computer readable storage medium further having stored thereon sixth program instructions…

teaches a medical information system comprising at least one main database containing medical records of a plurality…

discloses a method for storing health data in a portable electronic health record comprising a providing a personal…
X
78

US5634053A

(William B. Noble, 1997)
(Original Assignee) Hughes Aircraft Co     

(Current Assignee)
Raytheon Co
Federated information management (FIM) system and method for providing data site filtering and translation for heterogeneous databases user device, user device access central location, said database

second authentication method requesting user

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches a method for controlling access to a relational database comprising receiving a user request for data from the…

teaches the user is determined to be authorized to access the retrieved row only if the user security label…

teaches establishing an expression column in the database table populating the expression column with an access…

teaches the user security label is one of plurality of security labels arranged in a hierarchy of security levels fig…
XXXXXXXXXX
79

US5706507A

(Robert Jeffrey Schloss, 1998)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
Activision Publishing Inc
System and method for controlling access to data located on a content server second user, user device said database

first user said portion

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches specific examples that the content count unit may be in bytes or words in col…

teaches wherein facilitating a compensation arrangement between a data provider and a data consumer regarding one or…

teaches inputting a size of a jitter buffer and setting a redundancy for generating the redundant data in accordance…

discloses the user requesting to continue playback of a movie which includes the rendering state of where the user…
XXXXXXXXXXXXXXX
80

US5644711A

(Sean T. Murphy, 1997)
(Original Assignee) Intel Corp     

(Current Assignee)
Intel Corp
Multi-privileged level directory access on the AT&T worldworxsm personal conferencing service second user, user device said database, access rights

end server said network

35 U.S.C. 103(a)

35 U.S.C. 102(b)
discloses the secure network wherein all data transmitted from one network device to another network device traverses…

teaches secure access to selected directories using user ID and a password see col…

teaches that particular requester characteristics or attributes such as terminal location and type of information…

teaches if user desire contract to have advertising inserted for subscription current actual cost per unit time is…
XXXXXXXXXX
81

US5555303A

(Leon Stambler, 1996)
(Original Assignee) Stambler; Leon     Secure transaction system and method utilized therein computer system computer system

access code control program

first user said portion

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a method and apparatus for an electronic transaction between a network and a portable electronic device…

discloses the automated teller device as described in paragraph…

teaches the using encrypted password to access the application onto the smart card to access the application onto the…

discloses a query from the network operator to the user in which said query is intended to be a form of ensuring the…
XXXXXXXXXXXXXXX
82

US5646998A

(Leon Stambler, 1997)
(Original Assignee) Stambler; Leon     Secure transaction system and method utilized therein readable storage communication medium

first user second information

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a method and apparatus for an electronic transaction between a network and a portable electronic device…

discloses the automated teller device as described in paragraph…

teaches the using encrypted password to access the application onto the smart card to access the application onto the…

discloses a query from the network operator to the user in which said query is intended to be a form of ensuring the…
XXXXXXXXXXX
83

US5608874A

(Stuart S. Ogawa, 1997)
(Original Assignee) AutoEntry OnLine Inc     

(Current Assignee)
AutoEntry OnLine Inc
System and method for automatic data file format translation and transmission having advanced features computer system distributed computer system

first user authentication information transmission signal

readable storage, readable storage medium transferring data

different communication channel error condition

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches a system for transferring image data to a data destination…

discloses the print service featuring the limitations of claim…

discloses wherein the step of integrating includes the step of moving a transaction represented by the structured…

discloses the external processing apparatus comprises a display unit which displays the image from the image sensing…
XXXXXXXXXXX
84

US5870552A

(Linda T. Dozier, 1999)
(Original Assignee) America Online Inc     

(Current Assignee)
Oath Inc
Method and apparatus for publishing hypermedia documents over wide area networks second authentication method, end storage device following steps

access point control device

XXXX
85

WO9519593A1

(Michael Jeremy Kew, 1995)
(Original Assignee) Michael Jeremy Kew; James Simon Love     A computer security system computer system computer system

second user second user

access code access code

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses wherein the email message is transmitted to a device connected to the consumer information server via a…

discloses a method for authenticating a client to a communication system including receiving a subscriber identity from…

teaches the transaction is a commercial transaction conducted through a call center…

discloses the concept of utilizing the secret a SIM card on a mobile phone in electronic transaction…
XXXXXXXXXXXXXXXX
86

US5742905A

(David Matthew Pepe, 1998)
(Original Assignee) Telcordia Technologies Inc     

(Current Assignee)
Access Co Ltd
Personal communications internetworking different communication different communication

readable storage communication medium

first user service provider

computing system generic data

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches forwarding of emails to the wireless device in column…

teaches a system and method for delivering a message to a mobile communications subscriber including email or voice…

teaches that a priority alert signal is a regular call waiting tone column…

discloses the claimed invention except that the error is determined to be an application failure if the response is…
XXXXXXXXXXXXXXX
87

US5428778A

(Cyril Brookes, 1995)
(Original Assignee) Office Express Pty Ltd     

(Current Assignee)
Oracle America Inc
Selective dissemination of information computer system computer system

second user, user device said database

35 U.S.C. 103(a)

35 U.S.C. 102(e)

35 U.S.C. 102(b)
teaches keywords searches of structured databases including searching an index of keywords to identify said input…

teaches a method for automatic web page thumbnail generation comprising receiving keyword col…

teaches the claimed limitation wherein migration overhead information includes information about which attributes will…

discloses a contract between an access broker and a customer at…
XXXXXXXXXX
88

US5666534A

(Jeremy H. Gilbert, 1997)
(Original Assignee) Bull HN Information Systems Inc     

(Current Assignee)
Bull HN Information Systems Inc
Method and appartus for use by a host system for mechanizing highly configurable capabilities in carrying out remote support for such system computer system computer system

first authentication method said organ

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a system for automatically updating software on a computer in a networked client/server environment see summary…

discloses the process wherein the resource information data includes a current utilized amount of the storage memory and…

teaches the appliance information transmitting/receiving system as set forth in claim…

discloses the client storing image to draw to an image store page…
XXX
89

US5267314A

(Leon Stambler, 1993)
(Original Assignee) Leon Stambler     Secure transaction system and method utilized therein readable storage communication medium

computing system other components

first user first number

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses a method and apparatus for an electronic transaction between a network and a portable electronic device…

discloses the automated teller device as described in paragraph…

teaches the using encrypted password to access the application onto the smart card to access the application onto the…

discloses a query from the network operator to the user in which said query is intended to be a form of ensuring the…
XXXXXXXXXXX
90

US5204897A

(Robert M. Wyman, 1993)
(Original Assignee) Digital Equipment Corp     

(Current Assignee)
Hewlett Packard Development Co LP
Management interface for license management system computer system computer system

end server said network

second user said server

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
discloses attaching usage rights to a digital work such as a video col…

teaches a distributed system includes a of processor nodes tied together in a network of servers and clients each node…

discloses a contents distribution system wherein the user terminal comprises a data sink that receives encrypted…

teaches a termination message indicating the program has stopped executing…
XXXXXXXXXX
91

US5694590A

(Bhavani Marienne Thuraisingham, 1997)
(Original Assignee) Mitre Corp     

(Current Assignee)
Green Wireless LLC
Apparatus and method for the detection of security violations in multilevel secure databases computing system resolving conflicts

readable storage management system

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches that there is a need for a simple and useful graphical interface to permit users to trade securities that is…

describes some property rule or security constraint associated with the entity it represents…

discloses the use of multiple stargroups in a stargroup schema as a way to organize data column…

discloses the parallel data processing architecture of claim…
X
92

US5710578A

(Gary Michael Beauregard, 1998)
(Original Assignee) International Business Machines Corp     

(Current Assignee)
International Business Machines Corp
Computer program product for utilizing fast polygon fill routines in a graphics display system computer system computer system

different communication, different communication channel one boundary

XXXX
93

US4956769A

(Robert D. Smith, 1990)
(Original Assignee) Sysmith Inc     

(Current Assignee)
Sysmith Inc
Occurence and value based security system for computer databases computer system computer system

different communication channel selected users

user access user access

first user first user

35 U.S.C. 103(a)

35 U.S.C. 102(b)

35 U.S.C. 102(e)
teaches an access control database has access control objects that collectively store information that specifies…

teaches the datastore further comprises a fifth data structure to information describing a plurality of types of…

discloses wherein said at least one domain identifier was manually reviewed and included in the second set of domain…

teaches a method for delivering published information a schema-based contacts service for…
XX
94

USRE31302E

(Leon Stambler, 1983)
    Validation systems for credit card or the like first user second information

external network signal indicative

access code decode signal

communication path top surface

35 U.S.C. 103(a)

35 U.S.C. 102(b)
teaches specific examples that the content count unit may be in bytes or words in col…

teaches wherein facilitating a compensation arrangement between a data provider and a data consumer regarding one or…

discloses the claimed invention as detailed above in the previous claims…

discloses wherein the client terminal does not store an inventory of PINS…
XXXXXXXXXXXXXXXXXX




IEEE WIRELESS COMMUNICATIONS. 9 (3): 22-30 JUN 2002

Publication Year: 2002

Public Access Mobility LAN: Extending The Wireless Internet Into The LAN Environment

Thomson Multimedia Inc

Li, Weinstein, Zhang, Tu
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method (wireless LAN) ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN (first authentication method) environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 6
. The method of claim 5 , wherein : the external network includes the Internet , and the internal network is not directly accessible from any access point (wireless access points) connected to the external network .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service providers with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (wireless access points) .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service providers with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (wireless access points) to the user upon receiving the first user (service provider) authentication information .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (wireless access points) is sent to the user via a communication path that has been previously established .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service providers with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (wireless access points) is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method (wireless LAN) ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (different air) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN (first authentication method) environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air (computing system) interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (wireless access points) .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service providers with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (wireless access points) is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method (wireless LAN) ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN (first authentication method) environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (wireless access points) .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service providers with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (wireless access points) to the user upon receiving the first user (service provider) authentication information .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (wireless access points) is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
Public Access Mobility LAN : Extending The Wireless Internet Into The LAN Environment . Public wireless communications will increasingly extend into wireless LAN environments in order to meet the ubiquitous access , high data rate , and local services demands of future Internet appliances . This article offers architectural guidelines for relatively large-scale IP-based WLAN environments configured to accept public access by mobile/portable appliances . By relying on IP-level service mechanisms at the access point , independent of the wireless medium access technology , the WLAN can simultaneously support different air interfaces , franchises for multiple service provider (first user) s with effective authentication and billing , and a multisegment LAN environment including handoffs . QoS across the air interface is not addressed ;
this article rather concerns architecture of the wired LAN environment in which wireless access points (access point, access code) are imbedded , and its capabilities for QoS and support of the business model .




1997 IEEE INTERNATIONAL PERFORMANCE, COMPUTING AND COMMUNICATIONS CONFERENCE. : 546-553 1997

Publication Year: 1997

An Implementation Of MLS On A Network Of Workstations Using X.500/509

Iowa State University of Science and Technology

Davis, Jacobson, Bridges, Wright, Ieee
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (security service) ;

receiving , for the user , second user authentication information (access control mechanism) for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
An Implementation Of MLS On A Network Of Workstations Using X . 500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control is enforced by an access list server that uses X . 500 directory and X . 509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security service (first authentication method) s for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user authentication information (access control mechanism) as long as the second user authentication information is authenticated within a prescheduled period of time .
An Implementation Of MLS On A Network Of Workstations Using X . 500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control is enforced by an access list server that uses X . 500 directory and X . 509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
An Implementation Of MLS On A Network Of Workstations Using X . 500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control is enforced by an access list server that uses X . 500 directory and X . 509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information (access control mechanism) comprises an access code (Access control) .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (Access control) to the user upon receiving the first user authentication information .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (Access control) is sent to the user via a communication path that has been previously established .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (Access control) is sent to the user via a different communication channel from which the first user authentication information is received .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method (security service) ;

receiving , for the user , second user authentication information (access control mechanism) for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services (first authentication method) for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information (access control mechanism) comprises an access code (Access control) .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (Access control) is sent to the user via a different communication channel from which the first user authentication information is received .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (security service) ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information (access control mechanism) , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (Access control) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services (first authentication method) for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information (access control mechanism) comprises an access code (Access control) .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism (second authentication, second user authentication information, second authentication method) for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (Access control) to the user upon receiving the first user authentication information .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (Access control) is sent to the user via a different communication channel from which the first user authentication information is received .
An Implementation Of MLS On A Network Of Workstations Using X.500/509 . In this paper , we describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources . This is accomplished by implementing a UNIX-based Multi-Level Security (MLS) scheme where users and resources are labeled with a security level and a group . Access control (access code, user access) is enforced by an access list server that uses X.500 directory and X.509 authentication services . Groundwork is laid for the next step of the project , which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks , and also to protect tasks from threats originating from the workstation .




COMPUTERS & SECURITY. 16 (6): 543-549 1997

Publication Year: 1997

Improved System-access Control Using Complementary Technologies

The Rand Afrikaans University (RAU) South Africa

Labuschagne, Eloff
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information (access control mechanism) for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (up control) , the subset of data is removed from the front-end storage device .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control (time expires) and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user authentication information (access control mechanism) as long as the second user authentication information is authenticated within a prescheduled period of time .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information (access control mechanism) comprises an access code .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information (access control mechanism) for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (up control) , the subset of data is removed from the front-end storage device .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control (time expires) and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information (access control mechanism) comprises an access code .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information (access control mechanism) , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (up control) , the subset of data is removed from the front-end storage device .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control (time expires) and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information (access control mechanism) comprises an access code .
Improved System-access Control Using Complementary Technologies . Although there are many different aspects to consider when looking at IT security , one of the most tried and trusted methods of ensuring the safety of systems and data is to control people's access to them . In this article the various complementary system-access control mechanisms (second authentication, second user authentication information, second authentication method) will be discussed . In addition , this article is aimed at demonstrating that in order to tighten up control and security , it is important to think in terms of combining mechanisms by using various complementary technologies . This article , therefore , does not necessarily make a new contribution to the domain of system-access control , but attempts rather to integrate and consolidate current approaches to improve it . Emphasis is , therefore , placed on the inherent nature of the mechanisms rather than on specific technologies such as biometrics . (C) 1997 Elsevier Science Ltd . All rights reserved .




1997 CERN SCHOOL OF COMPUTING. 97 (8): 47-71 1997

Publication Year: 1997

A Use-condition Centered Approach To Authenticated Global Capabilities: Security Architectures For Large-scale Distributed Collaboratory Environments

University of California—Berkeley

Johnston, Larsen, Vandoni
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (security service) ;

receiving , for the user , second user authentication information (access control mechanism) for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security service (first authentication method) s in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user authentication information (access control mechanism) as long as the second user authentication information is authenticated within a prescheduled period of time .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information (access control mechanism) comprises an access code .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method (security service) ;

receiving , for the user , second user authentication information (access control mechanism) for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security service (first authentication method) s in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information (access control mechanism) comprises an access code .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (security service) ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information (access control mechanism) , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (access control mechanism) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security service (first authentication method) s in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information (access control mechanism) are authenticated .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information (access control mechanism) comprises an access code .
A Use-condition Centered Approach To Authenticated Global Capabilities : Security Architectures For Large-scale Distributed Collaboratory Environments . We are developing a security model and architecture that is intended to provide general , scalable , and effective security services in open and highly distributed network environments . Our objective is to provide , especially for on-line scientific instrument systems , the same level of , and expressiveness of , access control that is available to a local human controller of information and facilities , and the same authority , delegation , individual responsibility and accountability , and expressiveness of policy that one sees in specific environments in scientific organizations . Our model is based on a public-key infrastructure and cryptographically signed certificates that encode use-conditions that are defined by those directly responsible for a resource . Certificates that encode user characteristics that satisfy the use-conditions are supplied by those who can attest to the characteristic . The collection of certificates specifying use-conditions and their satisfaction are combined with on-line (real-time) access control mechanism (second authentication, second user authentication information, second authentication method) s to enable remote instrument operation . The real-time mechanisms are intended to provide the level and scope of credential validation commensurate with the consequences of the actions that are enabled / protected by the security system . This general approach is not unlike the directions of the financial information industry is taking to enable global distributed enterprise . One of our proposed uses of the model (supporting real-time construction of distributed computing and storage systems based on use-condition certificates) is similar to the distributed enterprise / electronic commerce capabilities envisioned by the financial industry . 
We also describe a prototype implementation that we are using to experiment with this model , and that is providing security services for several distributed applications . draft .




US20020004833A1

Filed: 2001-06-14     Issued: 2002-01-10

System for and a method of providing an online time period reserving service, which can protect an excessive load from being applied to a communication system, in order to provide a stable communication to a user

(Original Assignee) NEC Corp     (Current Assignee) NEC Corp

Toshio Tonouchi
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said time) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (same time period) , the subset of data is removed from the front-end storage device .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US20020004833A1
CLAIM 19
. A contract server to reserve a connecting service to the internet at a time period , comprising : an input unit inputting a reserving demand to reserve a connecting service to the internet at a certain time period from a user ;
and a judging unit judging whether said reserving demand is permitted based on a state with regard to a reservation for a connecting service to the internet at a same time period (time expires) as a time period at which said user wants said connecting service in said reserving demand .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said time) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said time) authentication information are authenticated .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said time) authentication information comprises an access code .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said time) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (same time period) , the subset of data is removed from the front-end storage device .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US20020004833A1
CLAIM 19
. A contract server to reserve a connecting service to the internet at a time period , comprising : an input unit inputting a reserving demand to reserve a connecting service to the internet at a certain time period from a user ;
and a judging unit judging whether said reserving demand is permitted based on a state with regard to a reservation for a connecting service to the internet at a same time period (time expires) as a time period at which said user wants said connecting service in said reserving demand .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said time) authentication information are authenticated .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said time) authentication information comprises an access code .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said time) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (same time period) , the subset of data is removed from the front-end storage device .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US20020004833A1
CLAIM 19
. A contract server to reserve a connecting service to the internet at a time period , comprising : an input unit inputting a reserving demand to reserve a connecting service to the internet at a certain time period from a user ;
and a judging unit judging whether said reserving demand is permitted based on a state with regard to a reservation for a connecting service to the internet at a same time period (time expires) as a time period at which said user wants said connecting service in said reserving demand .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said time) authentication information are authenticated .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said time) authentication information comprises an access code .
US20020004833A1
CLAIM 2
. The system of reserving a connecting service to the internet at a time period according to claim 1 , wherein said contract unit permits said reserving demand when the number of users connecting to the internet at a same time as said time (second user, second user authentication information) period included in said reserving demand is smaller than or equal to a predetermined value .




US20020004727A1

Filed: 2001-03-26     Issued: 2002-01-10

Broadband computer-based networked systems for control and management of medical records

(Original Assignee) Knaus William A.; Marks Richard D.     

William Knaus, Richard Marks
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider, said portion) authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication (digital signatures) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device (electronic data) , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20020004727A1
CLAIM 37
. An electronic data (computing device, computer system) base of medical records created and compiled according to the method of claim 30 .

US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US20020004727A1
CLAIM 53
. The computer system of claim 46 wherein said authorization means comprises public key encryption , digital signatures (second authentication) , biometrics , certificate authorities , or user passwords .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider, said portion) authentication information and the second user (said database) authentication information are authenticated .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database) authentication information comprises an access code .
US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider, said portion) authentication information .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider, said portion) authentication information is received .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (electronic data) to be configured for : receiving , for a user , first user (service provider, said portion) authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication (digital signatures) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20020004727A1
CLAIM 37
. An electronic data (computing device, computer system) base of medical records created and compiled according to the method of claim 30 .

US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US20020004727A1
CLAIM 53
. The computer system of claim 46 wherein said authorization means comprises public key encryption , digital signatures (second authentication) , biometrics , certificate authorities , or user passwords .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider, said portion) authentication information and the second user (said database) authentication information are authenticated .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database) authentication information comprises an access code .
US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider, said portion) authentication information is received .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider, said portion) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database) authentication information , wherein the front-end storage device is accessible to a user device (said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (digital signatures) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device (electronic data) , user access (said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20020004727A1
CLAIM 37
. An electronic data (computing device, computer system) base of medical records created and compiled according to the method of claim 30 .

US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US20020004727A1
CLAIM 53
. The computer system of claim 46 wherein said authorization means comprises public key encryption , digital signatures (second authentication) , biometrics , certificate authorities , or user passwords .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider, said portion) authentication information and the second user (said database) authentication information are authenticated .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database) authentication information comprises an access code .
US20020004727A1
CLAIM 47
. The computer system of claim 46 wherein said database (second user, user device, user device access, user access) is a secure database .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider, said portion) authentication information .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider, said portion) authentication information is received .
US20020004727A1
CLAIM 41
. A method for integrating medical records to create a certified medical record database comprising : obtaining medical information from one or more healthcare sources for a plurality of patients ;
electronically inputting all of the medical information obtained into a secure computer database to create medical records ;
and certifying that each of said medical records meet one of a plurality of certification standards established by the service provider (first user) to create the certified medical record database .

US20020004727A1
CLAIM 54
. The computer system of claim 46 wherein said portion (first user) of said medical records have the characteristic of non-repudiation .




US6076167A

Filed: 1997-08-11     Issued: 2000-06-13

Method and system for improving security in network applications

(Original Assignee) DEW Engineering and Development ULC     (Current Assignee) ActivCard Ireland Ltd

Stephen J. Borza
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (biometric input) method ;

receiving , for the user , second user authentication information for a second authentication (false acceptance) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access (predetermined limit) to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6076167A
CLAIM 3
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for characterising user authorisation information comprising a non reversible transformation of the information ;
(c) characterising user authorisation information received at the second other computer to produce data using the process for characterising user authorisation information ;
(d) transmitting the data to the first computer ;
and (e) comparing the data received by the first computer to information on the first computer to determine a value and when the value is within predetermined limits (user device access, user access) performing one of identifying a source of the authorisation information and authorising access from the second other computer to information secured by the first computer , wherein the user authorisation information is biometric information .

US6076167A
CLAIM 6
. A method of enhancing network security as defined in claim 3 wherein the user authorisation information is biometric information comprising the steps of providing a biometric information sample to a biometric input (first authentication) device in communication with the second other computer ;
providing data indicative of a biometric information source of the biometric information sample ;
providing data indicative of a user identity ;
transmitting to the first computer the data indicative of a user identity and the biometric information source ;
selecting a process from a plurality of processes associated with one of a plurality of templates associated with the identified biometric information source of the identified individual ;
and wherein the step of (e) performing one of identifying a source of the biometric information and authorising access from the second other computer to information secured by the first computer comprises the step of determining within predetermined level of security whether the biometric information provided is from a same individual as that identified .

US6076167A
CLAIM 13
. A method of enhancing network security as defined in claim 9 comprising the steps of : (c2) providing a second biometric information sample from a second other biometric information source to the second other computer using a biometric input device ;
(d2) characterising the second biometric information sample provided to the second other computer according to the process transmitted from the first computer to produce second data ;
(e2) transmitting the second data to the first computer ;
and wherein the step of (f) comparing the data received by the first computer during the session to information on the first computer to determine with a predetermined level of security an identification of an individual by whom the biometric information sample was provided comprises the steps of : registering data and a template to determine a registration value ;
registering second data and a second template to determine a second registration value ;
determining if a point in a multidimensional space and having co-ordinates corresponding substantially to the registration value and the second registration value falls within a multi-dimensional range determined in dependence upon a predetermined false acceptance (second authentication, second authentication method) rate .

US8869249B2
CLAIM 5
. The method of claim 1 , wherein : the network comprises an external network (signal indicative, produce data) , and the back-end server is only accessible via the front-end server from an internal network .
US6076167A
CLAIM 3
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for characterising user authorisation information comprising a non reversible transformation of the information ;
(c) characterising user authorisation information received at the second other computer to produce data (external network) using the process for characterising user authorisation information ;
(d) transmitting the data to the first computer ;
and (e) comparing the data received by the first computer to information on the first computer to determine a value and when the value is within predetermined limits performing one of identifying a source of the authorisation information and authorising access from the second other computer to information secured by the first computer , wherein the user authorisation information is biometric information .

US6076167A
CLAIM 15
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for execution on the second other computer for characterising biometric information , the process comprising the steps of : accepting a first biometric information sample from a biometric source of the individual to a biometric input device in communication with a host processor , and using the processor of the second other computer , characterising the biometric information sample ;
(c) executing the process on the second other computer ;
(d) transmitting the characterised first biometric information to the first computer ;
(e) using the processor of the first computer , registering the characterised first biometric information sample with a first template to produce a first registration value ;
(f) when the first registration value is within predetermined limits , identifying the individual ;
and , (g) when the first registration value is within other predetermined limits , transmitting a signal indicative (external network) of such to the second other computer and performing the steps of : (g1) executing the process on the second other computer with another different biometric information source , (g2) transmitting the characterised first biometric information to the first computer , (g3) using the processor of the first computer , registering the current biometric information sample with a template to produce a current registration value , (g4) when the first registration value and the current registration value are within predetermined limits , identifying the individual , and (g5) when the first registration value and the current registration value are within second other predetermined limits , repeating step (g) .

US8869249B2
CLAIM 6
. The method of claim 5 , wherein : the external network (signal indicative, produce data) includes the Internet , and the internal network is not directly accessible from any access point connected to the external network .
US6076167A
CLAIM 3
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for characterising user authorisation information comprising a non reversible transformation of the information ;
(c) characterising user authorisation information received at the second other computer to produce data (external network) using the process for characterising user authorisation information ;
(d) transmitting the data to the first computer ;
and (e) comparing the data received by the first computer to information on the first computer to determine a value and when the value is within predetermined limits performing one of identifying a source of the authorisation information and authorising access from the second other computer to information secured by the first computer , wherein the user authorisation information is biometric information .

US6076167A
CLAIM 15
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for execution on the second other computer for characterising biometric information , the process comprising the steps of : accepting a first biometric information sample from a biometric source of the individual to a biometric input device in communication with a host processor , and using the processor of the second other computer , characterising the biometric information sample ;
(c) executing the process on the second other computer ;
(d) transmitting the characterised first biometric information to the first computer ;
(e) using the processor of the first computer , registering the characterised first biometric information sample with a first template to produce a first registration value ;
(f) when the first registration value is within predetermined limits , identifying the individual ;
and , (g) when the first registration value is within other predetermined limits , transmitting a signal indicative (external network) of such to the second other computer and performing the steps of : (g1) executing the process on the second other computer with another different biometric information source , (g2) transmitting the characterised first biometric information to the first computer , (g3) using the processor of the first computer , registering the current biometric information sample with a template to produce a current registration value , (g4) when the first registration value and the current registration value are within predetermined limits , identifying the individual , and (g5) when the first registration value and the current registration value are within second other predetermined limits , repeating step (g) .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication (biometric input) method ;

receiving , for the user , second user authentication information for a second authentication (false acceptance) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access (predetermined limit) to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6076167A
CLAIM 3
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for characterising user authorisation information comprising a non reversible transformation of the information ;
(c) characterising user authorisation information received at the second other computer to produce data using the process for characterising user authorisation information ;
(d) transmitting the data to the first computer ;
and (e) comparing the data received by the first computer to information on the first computer to determine a value and when the value is within predetermined limits (user device access, user access) performing one of identifying a source of the authorisation information and authorising access from the second other computer to information secured by the first computer , wherein the user authorisation information is biometric information .

US6076167A
CLAIM 6
. A method of enhancing network security as defined in claim 3 wherein the user authorisation information is biometric information comprising the steps of providing a biometric information sample to a biometric input (first authentication) device in communication with the second other computer ;
providing data indicative of a biometric information source of the biometric information sample ;
providing data indicative of a user identity ;
transmitting to the first computer the data indicative of a user identity and the biometric information source ;
selecting a process from a plurality of processes associated with one of a plurality of templates associated with the identified biometric information source of the identified individual ;
and wherein the step of (e) performing one of identifying a source of the biometric information and authorising access from the second other computer to information secured by the first computer comprises the step of determining within predetermined level of security whether the biometric information provided is from a same individual as that identified .

US6076167A
CLAIM 13
. A method of enhancing network security as defined in claim 9 comprising the steps of : (c2) providing a second biometric information sample from a second other biometric information source to the second other computer using a biometric input device ;
(d2) characterising the second biometric information sample provided to the second other computer according to the process transmitted from the first computer to produce second data ;
(e2) transmitting the second data to the first computer ;
and wherein the step of (f) comparing the data received by the first computer during the session to information on the first computer to determine with a predetermined level of security an identification of an individual by whom the biometric information sample was provided comprises the steps of : registering data and a template to determine a registration value ;
registering second data and a second template to determine a second registration value ;
determining if a point in a multidimensional space and having co-ordinates corresponding substantially to the registration value and the second registration value falls within a multi-dimensional range determined in dependence upon a predetermined false acceptance (second authentication, second authentication method) rate .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (biometric input) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (false acceptance) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (predetermined limit) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access (predetermined limit) to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6076167A
CLAIM 3
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for characterising user authorisation information comprising a non reversible transformation of the information ;
(c) characterising user authorisation information received at the second other computer to produce data using the process for characterising user authorisation information ;
(d) transmitting the data to the first computer ;
and (e) comparing the data received by the first computer to information on the first computer to determine a value and when the value is within predetermined limits (user device access, user access) performing one of identifying a source of the authorisation information and authorising access from the second other computer to information secured by the first computer , wherein the user authorisation information is biometric information .

US6076167A
CLAIM 6
. A method of enhancing network security as defined in claim 3 wherein the user authorisation information is biometric information comprising the steps of providing a biometric information sample to a biometric input (first authentication) device in communication with the second other computer ;
providing data indicative of a biometric information source of the biometric information sample ;
providing data indicative of a user identity ;
transmitting to the first computer the data indicative of a user identity and the biometric information source ;
selecting a process from a plurality of processes associated with one of a plurality of templates associated with the identified biometric information source of the identified individual ;
and wherein the step of (e) performing one of identifying a source of the biometric information and authorising access from the second other computer to information secured by the first computer comprises the step of determining within predetermined level of security whether the biometric information provided is from a same individual as that identified .

US6076167A
CLAIM 13
. A method of enhancing network security as defined in claim 9 comprising the steps of : (c2) providing a second biometric information sample from a second other biometric information source to the second other computer using a biometric input device ;
(d2) characterising the second biometric information sample provided to the second other computer according to the process transmitted from the first computer to produce second data ;
(e2) transmitting the second data to the first computer ;
and wherein the step of (f) comparing the data received by the first computer during the session to information on the first computer to determine with a predetermined level of security an identification of an individual by whom the biometric information sample was provided comprises the steps of : registering data and a template to determine a registration value ;
registering second data and a second template to determine a second registration value ;
determining if a point in a multidimensional space and having co-ordinates corresponding substantially to the registration value and the second registration value falls within a multi-dimensional range determined in dependence upon a predetermined false acceptance (second authentication, second authentication method) rate .

US8869249B2
CLAIM 17
. The method of claim 15 , wherein : the network comprises an external network (signal indicative, produce data) , and the back-end server is only accessible via the front-end server from an internal network .
US6076167A
CLAIM 3
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for characterising user authorisation information comprising a non reversible transformation of the information ;
(c) characterising user authorisation information received at the second other computer to produce data (external network) using the process for characterising user authorisation information ;
(d) transmitting the data to the first computer ;
and (e) comparing the data received by the first computer to information on the first computer to determine a value and when the value is within predetermined limits performing one of identifying a source of the authorisation information and authorising access from the second other computer to information secured by the first computer , wherein the user authorisation information is biometric information .

US6076167A
CLAIM 15
. A method of enhancing network security comprising the steps of (a) initiating a communication session between a first computer and a second other computer ;
(b) transmitting from the first computer to the second other computer in communication therewith a process for execution on the second other computer for characterising biometric information , the process comprising the steps of : accepting a first biometric information sample from a biometric source of the individual to a biometric input device in communication with a host processor , and using the processor of the second other computer , characterising the biometric information sample ;
(c) executing the process on the second other computer ;
(d) transmitting the characterised first biometric information to the first computer ;
(e) using the processor of the first computer , registering the characterised first biometric information sample with a first template to produce a first registration value ;
(f) when the first registration value is within predetermined limits , identifying the individual ;
and , (g) when the first registration value is within other predetermined limits , transmitting a signal indicative (external network) of such to the second other computer and performing the steps of : (g1) executing the process on the second other computer with another different biometric information source , (g2) transmitting the characterised first biometric information to the first computer , (g3) using the processor of the first computer , registering the current biometric information sample with a template to produce a current registration value , (g4) when the first registration value and the current registration value are within predetermined limits , identifying the individual , and (g5) when the first registration value and the current registration value are within second other predetermined limits , repeating step (g) .




US20010031066A1

Filed: 2001-01-24     Issued: 2001-10-18

Connected audio and other media objects

(Original Assignee) Digimarc Corp     (Current Assignee) Digimarc Corp

Joel Meyer, Geoffrey Rhoads
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (reference number) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (user device) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20010031066A1
CLAIM 9
. The apparatus according to claim 7 , wherein the identifier comprises a reference number (second authentication, second authentication method) .

US20010031066A1
CLAIM 21
. The method according to claim 15 , wherein the user is identified by identifying a user device (user device) in communication with the system .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (reference number) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (user device) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20010031066A1
CLAIM 9
. The apparatus according to claim 7 , wherein the identifier comprises a reference number (second authentication, second authentication method) .

US20010031066A1
CLAIM 21
. The method according to claim 15 , wherein the user is identified by identifying a user device (user device) in communication with the system .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device (user device) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (reference number) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20010031066A1
CLAIM 9
. The apparatus according to claim 7 , wherein the identifier comprises a reference number (second authentication, second authentication method) .

US20010031066A1
CLAIM 21
. The method according to claim 15 , wherein the user is identified by identifying a user device (user device) in communication with the system .




US20010032100A1

Filed: 2000-12-22     Issued: 2001-10-18

Dynamic remotely accessible medical record

(Original Assignee) American Telecare Inc     (Current Assignee) American Telecare Inc

Khalid Mahmud, C. Abbruscato
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (audio capture) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (medical staff) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20010032100A1
CLAIM 3
. The dynamic remotely accessible medical record system of claim 1 , wherein the one or more users includes patients , physicians , nurses and medical staff (user device) .

US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (audio capture) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (audio capture) authentication information are authenticated .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (audio capture) authentication information comprises an access code .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (audio capture) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (medical staff) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20010032100A1
CLAIM 3
. The dynamic remotely accessible medical record system of claim 1 , wherein the one or more users includes patients , physicians , nurses and medical staff (user device) .

US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (audio capture) authentication information are authenticated .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (audio capture) authentication information comprises an access code .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (audio capture) authentication information , wherein the front-end storage device is accessible to a user device (medical staff) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US20010032100A1
CLAIM 3
. The dynamic remotely accessible medical record system of claim 1 , wherein the one or more users includes patients , physicians , nurses and medical staff (user device) .

US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (audio capture) authentication information are authenticated .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (audio capture) authentication information comprises an access code .
US20010032100A1
CLAIM 13
. The dynamic remotely accessible medical record system of claim 12 , wherein the data entry device is a keyboard or an audio capture (second user, second user authentication information) system .




WO9960483A1

Filed: 1999-05-20     Issued: 1999-11-25

System and method for authentication of network users

(Original Assignee) Equifax Inc.     

Jennifer French, Jone Wilder
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (first authentication, biometric input, receiving input) method ;

receiving , for the user , second user authentication information for a second authentication (second authentication) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (input interface) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9960483A1
CLAIM 1
. A method of authenticating a network user , comprising : a) performing a first authentication (first authentication) step based on a first type of information ;
and b) performing at least a second authentication (second authentication) step based on a second type of information other than the first type of information .

WO9960483A1
CLAIM 14
. The method of claim 1 , further comprising (d) receiving biometric input (first authentication) from the user .

WO9960483A1
CLAIM 20
. A system for authenticating a network user , comprising : an input interface (user device) for receiving input (first authentication) from the user ;
and a processor , connected to the input interface and configured to : perform a first authentication based on a first type of information ;
and perform at least a second authentication based on a second type of information other than the first type of information .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication (first authentication, biometric input, receiving input) method ;

receiving , for the user , second user authentication information for a second authentication (second authentication) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (input interface) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9960483A1
CLAIM 1
. A method of authenticating a network user , comprising : a) performing a first authentication (first authentication) step based on a first type of information ;
and b) performing at least a second authentication (second authentication) step based on a second type of information other than the first type of information .

WO9960483A1
CLAIM 14
. The method of claim 1 , further comprising (d) receiving biometric input (first authentication) from the user .

WO9960483A1
CLAIM 20
. A system for authenticating a network user , comprising : an input interface (user device) for receiving input (first authentication) from the user ;
and a processor , connected to the input interface and configured to : perform a first authentication based on a first type of information ;
and perform at least a second authentication based on a second type of information other than the first type of information .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (first authentication, biometric input, receiving input) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device (input interface) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (second authentication) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9960483A1
CLAIM 1
. A method of authenticating a network user , comprising : a) performing a first authentication (first authentication) step based on a first type of information ;
and b) performing at least a second authentication (second authentication) step based on a second type of information other than the first type of information .

WO9960483A1
CLAIM 14
. The method of claim 1 , further comprising (d) receiving biometric input (first authentication) from the user .

WO9960483A1
CLAIM 20
. A system for authenticating a network user , comprising : an input interface (user device) for receiving input (first authentication) from the user ;
and a processor , connected to the input interface and configured to : perform a first authentication based on a first type of information ;
and perform at least a second authentication based on a second type of information other than the first type of information .




WO9962037A1

Filed: 1999-05-20     Issued: 1999-12-02

Terminal and system for implementing secure electronic transactions

(Original Assignee) Activcard     

Yves Louis Gabriel Audebert
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
WO9962037A1
CLAIM 38
. System according to claim 37 , characterized in that it comprises a plurality of terminals (1 , 31 ; 101 , 131) , at least one server (S) constituting said electronic unit , and means (CR) for transmitting digital data between said server (second user) (S) and said terminals .




US6161139A

Filed: 1999-02-12     Issued: 2000-12-12

Administrative roles that govern access to administrative functions

(Original Assignee) Encommerce Inc     (Current Assignee) Entrust Ltd

Teresa Win, Emilio Belmonte
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (first user, two users) authentication information for a first authentication method ;

receiving , for the user , second user (second user) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (second user) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user, two users) authentication information and the second user (second user) authentication information are authenticated .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (second user) authentication information comprises an access code .
US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (first user, two users) authentication information .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (more processor) channel from which the first user (first user, two users) authentication information is received .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US6161139A
CLAIM 12
. A computer-readable medium carrying one or more sequences of one or more instructions for distributing administration functions of an access control computer system , the one or more sequences of one or more instructions including instructions which , when executed by one or more processor (different communication) s , cause the one or more processors to perform the steps of : storing information that defines one or more administrative roles , in which each of the administrative roles includes one or more administrative privileges that authorizes one or more administrative functions ;
storing information that associates one or more of the administrative roles with at least one user of the access control computer ;
receiving from the user a request to execute one of the administrative functions ;
and executing the one of the administrative functions only when the user is associated with one of the administrative roles that includes an administrative privilege authorizing said administrative function .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (first user, two users) authentication information for a first authentication method ;

receiving , for the user , second user (second user) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user, two users) authentication information and the second user (second user) authentication information are authenticated .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (second user) authentication information comprises an access code .
US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (more processor) channel from which the first user (first user, two users) authentication information is received .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US6161139A
CLAIM 12
. A computer-readable medium carrying one or more sequences of one or more instructions for distributing administration functions of an access control computer system , the one or more sequences of one or more instructions including instructions which , when executed by one or more processor (different communication) s , cause the one or more processors to perform the steps of : storing information that defines one or more administrative roles , in which each of the administrative roles includes one or more administrative privileges that authorizes one or more administrative functions ;
storing information that associates one or more of the administrative roles with at least one user of the access control computer ;
receiving from the user a request to execute one of the administrative functions ;
and executing the one of the administrative functions only when the user is associated with one of the administrative roles that includes an administrative privilege authorizing said administrative function .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (first user, two users) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (second user) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user, two users) authentication information and the second user (second user) authentication information are authenticated .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (second user) authentication information comprises an access code .
US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user to associate a second user (second user) with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (first user, two users) authentication information .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (more processor) channel from which the first user (first user, two users) authentication information is received .
US6161139A
CLAIM 4
. The method recited in claim 1 , further comprising the step of : storing information that associates one or more of the administrative roles with a plurality of users for the access control computer system , wherein the plurality of users includes at least two users (first user) that administer the access control computer system from at least two computers that are connected to separate local area networks .

US6161139A
CLAIM 5
. The method recited in claim 1 , further comprising the steps of : storing information that associates a first set of roles with a first administration role ;
receiving a request from a first user (first user) to associate a second user with a particular role of the first set of roles ;
and storing information associating the particular role with the second user only when the first user is associated with the first administration role .

US6161139A
CLAIM 12
. A computer-readable medium carrying one or more sequences of one or more instructions for distributing administration functions of an access control computer system , the one or more sequences of one or more instructions including instructions which , when executed by one or more processors (different communication) , cause the one or more processors to perform the steps of : storing information that defines one or more administrative roles , in which each of the administrative roles includes one or more administrative privileges that authorizes one or more administrative functions ;
storing information that associates one or more of the administrative roles with at least one user of the access control computer ;
receiving from the user a request to execute one of the administrative functions ;
and executing the one of the administrative functions only when the user is associated with one of the administrative roles that includes an administrative privilege authorizing said administrative function .




US6205478B1

Filed: 1998-12-30     Issued: 2001-03-20

System for exchanging user information among users

(Original Assignee) Fujitsu Ltd     (Current Assignee) Fujitsu Ltd

Hiroyasu Sugano, Kazuki Matsui, Jun Kakuta
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (access control information) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6205478B1
CLAIM 7
. The information management system as set forth in claim 1 wherein : the user information includes predetermined access control information (second authentication) used by said user information management means to determine access to predetermined portions the user information by said user terminals ;
and said information management system further comprises access control means for controlling arrangement of said user information management means based on said access control information .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (access control information) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6205478B1
CLAIM 7
. The information management system as set forth in claim 1 wherein : the user information includes predetermined access control information (second authentication) used by said user information management means to determine access to predetermined portions the user information by said user terminals ;
and said information management system further comprises access control means for controlling arrangement of said user information management means based on said access control information .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (access control information) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6205478B1
CLAIM 7
. The information management system as set forth in claim 1 wherein : the user information includes predetermined access control information (second authentication) used by said user information management means to determine access to predetermined portions the user information by said user terminals ;
and said information management system further comprises access control means for controlling arrangement of said user information management means based on said access control information .




US6308203B1

Filed: 1998-10-09     Issued: 2001-10-23

Information processing apparatus, information processing method, and transmitting medium

(Original Assignee) Sony Corp     (Current Assignee) Sony Corp

Tatsuo Itabashi, Kimiyoshi Yoshida
US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code is sent to the user via a communication path (processing apparatus) that has been previously established .
US6308203B1
CLAIM 1
. An information processing apparatus (communication path) connected to an information processing device of a user and an information processing device of a service provider through a network , comprising : storage means for storing personal information of a plurality of users including said user ;
providing means for providing said personal information stored in said storage means to said information processing device of said service provider on behalf of said information processing device of said user when a request for transaction with said service provider is received from said information processing device of said user and a request for said personal information is received from said information processing device of said service provider ;
wherein said personal information provided to said information processing device of said service provider corresponds to a personal information category received from said information processing device of said service provider for performing said transaction ;
detection means for detecting a plurality of accesses made simultaneously from said user whose personal information is stored in said storage means .




US6266649B1

Filed: 1998-09-18     Issued: 2001-07-24

Collaborative recommendations using item-to-item similarity mappings

(Original Assignee) Amazon com Inc     (Current Assignee) Amazon Technologies Inc

Gregory D. Linden, Jennifer A. Jacobi, Eric A. Benson
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6266649B1
CLAIM 28
. In a system for generating personalized recommendations of items from a database of items that are accessed by a community of users , a method of recommending items to users , the method comprising : in an off-line mode , for each of a plurality of first items : (a) for each of a plurality of other items of the database , generating a respective score which indicates a degree of similarity between the first item and the other item such that the score is based on at least (i) a number of users that are interested in both the first item and the other item , and (ii) a number of users that are interested in the other item ;
(b) sorting the plurality of other items according to the score values generated in step (a) ;
(c) truncating a list of items which results from step (b) ;
and (d) storing the truncated list generated in step (c) (“similar items list”) together with corresponding scores generated in step (a) in a non-user-specific data structure for subsequent look-up ;
subsequently , in response to an action performed by a user , performing the following steps (second authentication method, end storage device) substantially in real time : (e) for each of a plurality of items that are known to be of interest to the user , accessing the data structure to identify a corresponding similar items list ;
(f) combining the similar items lists identified in (e) to generate a combined list of similar items , wherein combining the similar items lists comprises combining scores of like items ;
and (g) recommending at least some of the items from the combined list generated in (f) to the user .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (requiring use) channel from which the first user authentication information is received .
US6266649B1
CLAIM 25
. The system of claim 16 , wherein the system generates personal recommendations without requiring users (different communication) to rate items .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system, like products) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6266649B1
CLAIM 1
. In a multi-user computer system (computer system) that provides user access to a database of items , a method of recommending items to a user , the method comprising the computer-implemented steps of : (a) generating a non-user-specific data structure which maps individual items of the database to corresponding sets of similar items in which similarities between items are based at least upon the collective item interests of a community of users ;
(b) identifying items that are known to be of interest to the user ;
(c) for each of a plurality of the items identified in step (b) , accessing the data structure to identify a corresponding set of similar items ;
(d) combining the sets of similar items identified in step (c) to generate a combined set of additionally similar items ;
and (e) recommending at least some of the similar items of the combined set generated in step (d) to the user ;
wherein step (a) is performed in an off-line mode , and steps (b)-(e) are performed substantially in real time in response to an online action by the user .

US6266649B1
CLAIM 28
. In a system for generating personalized recommendations of items from a database of items that are accessed by a community of users , a method of recommending items to users , the method comprising : in an off-line mode , for each of a plurality of first items : (a) for each of a plurality of other items of the database , generating a respective score which indicates a degree of similarity between the first item and the other item such that the score is based on at least (i) a number of users that are interested in both the first item and the other item , and (ii) a number of users that are interested in the other item ;
(b) sorting the plurality of other items according to the score values generated in step (a) ;
(c) truncating a list of items which results from step (b) ;
and (d) storing the truncated list generated in step (c) (“similar items list”) together with corresponding scores generated in step (a) in a non-user-specific data structure for subsequent look-up ;
subsequently , in response to an action performed by a user , performing the following steps (second authentication method, end storage device) substantially in real time : (e) for each of a plurality of items that are known to be of interest to the user , accessing the data structure to identify a corresponding similar items list ;
(f) combining the similar items lists identified in (e) to generate a combined list of similar items , wherein combining the similar items lists comprises combining scores of like items ;
and (g) recommending at least some of the items from the combined list generated in (f) to the user .

US6266649B1
CLAIM 45
. The method as in claim 44 , wherein combining the multiple sets comprises combining scores of like products (computer system) , so that a product's ranking reflects whether or not that product appears within more than one of the multiple sets .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (requiring use) channel from which the first user authentication information is received .
US6266649B1
CLAIM 25
. The system of claim 16 , wherein the system generates personal recommendations without requiring users (different communication) to rate items .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6266649B1
CLAIM 1
. In a multi-user computer system that provides user access (user access) to a database of items , a method of recommending items to a user , the method comprising the computer-implemented steps of : (a) generating a non-user-specific data structure which maps individual items of the database to corresponding sets of similar items in which similarities between items are based at least upon the collective item interests of a community of users ;
(b) identifying items that are known to be of interest to the user ;
(c) for each of a plurality of the items identified in step (b) , accessing the data structure to identify a corresponding set of similar items ;
(d) combining the sets of similar items identified in step (c) to generate a combined set of additionally similar items ;
and (e) recommending at least some of the similar items of the combined set generated in step (d) to the user ;
wherein step (a) is performed in an off-line mode , and steps (b)-(e) are performed substantially in real time in response to an online action by the user .

US6266649B1
CLAIM 28
. In a system for generating personalized recommendations of items from a database of items that are accessed by a community of users , a method of recommending items to users , the method comprising : in an off-line mode , for each of a plurality of first items : (a) for each of a plurality of other items of the database , generating a respective score which indicates a degree of similarity between the first item and the other item such that the score is based on at least (i) a number of users that are interested in both the first item and the other item , and (ii) a number of users that are interested in the other item ;
(b) sorting the plurality of other items according to the score values generated in step (a) ;
(c) truncating a list of items which results from step (b) ;
and (d) storing the truncated list generated in step (c) (“similar items list”) together with corresponding scores generated in step (a) in a non-user-specific data structure for subsequent look-up ;
subsequently , in response to an action performed by a user , performing the following steps (second authentication method, end storage device) substantially in real time : (e) for each of a plurality of items that are known to be of interest to the user , accessing the data structure to identify a corresponding similar items list ;
(f) combining the similar items lists identified in (e) to generate a combined list of similar items , wherein combining the similar items lists comprises combining scores of like items ;
and (g) recommending at least some of the items from the combined list generated in (f) to the user .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (requiring use) channel from which the first user authentication information is received .
US6266649B1
CLAIM 25
. The system of claim 16 , wherein the system generates personal recommendations without requiring users (different communication) to rate items .




US6278449B1

Filed: 1998-09-03     Issued: 2001-08-21

Apparatus and method for designating information to be retrieved over a computer network

(Original Assignee) Sony Corp; Sony Electronics Inc     (Current Assignee) Sony Corp ; Sony Electronics Inc

Basuki Afandi Sugiarto, Joe Zexuan Zhou
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (single display) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6278449B1
CLAIM 1
. A system for designating and retrieving information over a computer network , comprising : means for designating individual portions of a plurality of screens accessible over said computer network and maintained at diverse locations including an underlying information content associated therewith ;
means for positioning said designated individual portions of said plurality of screens within a single display (computing system) screen ;
means for storing indicators indicative of the location of current and future updated information corresponding to said designated individual portions in a configuration file at a centralized location ;
and means for retrieving said configuration file at a location positioned apart from said centralized location , wherein said current and future updated information corresponding to underlying information content associated with each of said designated individual portions is retrieved and displayed on a display screen in accordance with said configuration file , said underlying information content corresponding to said indicators being retrieved and updated from over said computer network each time said configuration file is retrieved .

US6278449B1
CLAIM 5
. The system of claim 4 , wherein said configuration display screen resides on a desktop computer system (computer system) .




US6311162B1

Filed: 1998-07-25     Issued: 2001-10-30

Interactive symptomatic recording system and methods

(Original Assignee) Ernst F. Reichwein; Joseph G. White     (Current Assignee) REICHWEIN - WHITE ENTERPRISES Inc

Ernst F. Reichwein, Joseph G. White
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device (computing device) , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6311162B1
CLAIM 5
. The recording device according to claim 4 wherein the presentation device is a hand held computing device (computing device) having a visual display .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device (computing device) , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6311162B1
CLAIM 5
. The recording device according to claim 4 wherein the presentation device is a hand held computing device (computing device) having a visual display .




US6321334B1

Filed: 1998-07-15     Issued: 2001-11-20

Administering permissions associated with a security zone in a computer system security model

(Original Assignee) Microsoft Corp     (Current Assignee) Microsoft Technology Licensing LLC

Michael S. Jerger, Jeffrey A. Bisset, Craig T. Sinclair, Michael J. Toutonghi
US8869249B2
CLAIM 6
. The method of claim 5 , wherein : the external network includes the Internet , and the internal network is not directly accessible from any access point (high security) connected to the external network .
US6321334B1
CLAIM 65
. The method of claim 64 , wherein one of the plurality of zone trust levels is a high security (access point, user access) zone trust level that includes at least one permission specification configured to permit very restricted access to a corresponding protected operation provided by the host computer system .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code is sent to the user via a communication path (computer readable medium) that has been previously established .
US6321334B1
CLAIM 26
. The method of claim 25 , further comprising a computer readable medium (communication path, readable storage medium containing instructions) having computer-executable instructions for performing the preceding method .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (high security) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6321334B1
CLAIM 65
. The method of claim 64 , wherein one of the plurality of zone trust levels is a high security (access point, user access) zone trust level that includes at least one permission specification configured to permit very restricted access to a corresponding protected operation provided by the host computer system .




US6182142B1

Filed: 1998-07-10     Issued: 2001-01-30

Distributed access management of information resources

(Original Assignee) Encommerce Inc     (Current Assignee) Entrust Ltd

Teresa Win, Emilio Belmonte
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (more function) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US6182142B1
CLAIM 4
. The method recited in claim 1 , in which the identifying step further comprises the steps of : connecting the first server to the second server , in which the second server stores information describing the user , one or more roles , one or more functional (user device) groups , the resources , and associations among them ;
and communicating a request for a profile of the user from the first server to the second server .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (second information) authentication information .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (more processor) channel from which the first user (second information) authentication information is received .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US6182142B1
CLAIM 19
. A computer-readable medium carrying one or more sequences of instructions for controlling access to information resources , wherein execution of the one or more sequences of instructions by one or more processors (different communication) causes the one or more processors to perform the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information defining the roles , in one or more tokens ;
communicating the tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server based on the tokens .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (more function) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US6182142B1
CLAIM 4
. The method recited in claim 1 , in which the identifying step further comprises the steps of : connecting the first server to the second server , in which the second server stores information describing the user , one or more roles , one or more functional (user device) groups , the resources , and associations among them ;
and communicating a request for a profile of the user from the first server to the second server .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (more processor) channel from which the first user (second information) authentication information is received .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US6182142B1
CLAIM 19
. A computer-readable medium carrying one or more sequences of instructions for controlling access to information resources , wherein execution of the one or more sequences of instructions by one or more processors (different communication) causes the one or more processors to perform the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information defining the roles , in one or more tokens ;
communicating the tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server based on the tokens .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device (more function) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US6182142B1
CLAIM 4
. The method recited in claim 1 , in which the identifying step further comprises the steps of : connecting the first server to the second server , in which the second server stores information describing the user , one or more roles , one or more functional (user device) groups , the resources , and associations among them ;
and communicating a request for a profile of the user from the first server to the second server .

US6182142B1
CLAIM 10
. The method recited in claim 1 , further comprising the steps of : communicating , from the first server to the client , a customized display identifying only those resources that the user may access , whereby a single secure sign-on gives a user access (user access) to one or more of the resources .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (second information) authentication information .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (more processor) channel from which the first user (second information) authentication information is received .
US6182142B1
CLAIM 1
. A method of controlling access to one or more information resources stored on a first server , the method comprising the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information (first user) defining the rules , in one or more tokens ;
communicating the one or more tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server by performing , for each request of said requests to use the resources at the first server , one or more steps that include examining one or more copies of said one or more tokens .

US6182142B1
CLAIM 19
. A computer-readable medium carrying one or more sequences of instructions for controlling access to information resources , wherein execution of the one or more sequences of instructions by one or more processors (different communication) causes the one or more processors to perform the steps of : receiving information describing a user at the first server ;
identifying , at a second server coupled to the first server , a subset of the resources that the user is authorized to access , based on one or more roles that are stored in association with user identifying information ;
communicating information defining the subset to the first server ;
storing first information defining the subset , and second information defining the roles , in one or more tokens ;
communicating the tokens to a client that is associated with the user ;
and thereafter resolving requests to use the resources at the first server based on the tokens .




US6141778A

Filed: 1998-06-29     Issued: 2000-10-31

Method and apparatus for automating security functions in a computer system

(Original Assignee) MCI Communications Corp     (Current Assignee) Verizon Patent and Licensing Inc

Kevin J. Kane, Garrett K. Kolb, Nora May, Daniel E. Myer, Jay B. Rutherford, Denise B. Shive, Eleanor P. Weedon
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6141778A
CLAIM 16
. The method of claim 14 , further comprising : periodically automatically checking the database for a change in the group identifier corresponding to the key ;
and updating the level of access privilege of the one of the plurality of accounts corresponding to the key based (time expires) on the change in the group identifier .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6141778A
CLAIM 16
. The method of claim 14 , further comprising : periodically automatically checking the database for a change in the group identifier corresponding to the key ;
and updating the level of access privilege of the one of the plurality of accounts corresponding to the key based (time expires) on the change in the group identifier .

US6141778A
CLAIM 42
. In a computer system (computer system) having at least one data center , an apparatus comprising : a first data structure interrelating a user identifier and a user account ;
a second data structure interrelating a user and the user identifier ;
a third data structure interrelating the user and an assigned department ;
a fourth data structure interrelating department and a default level of security privilege ;
and a computer coupled to the first , the second , the third and the fourth data structures and being programmed for assigning a default level of access privilege corresponding to the department to which the user associated with the user identifier has been assigned .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6141778A
CLAIM 16
. The method of claim 14 , further comprising : periodically automatically checking the database for a change in the group identifier corresponding to the key ;
and updating the level of access privilege of the one of the plurality of accounts corresponding to the key based (time expires) on the change in the group identifier .




US6185567B1

Filed: 1998-05-29     Issued: 2001-02-06

Authenticated access to internet based research and data services

(Original Assignee) University of Pennsylvania Penn     (Current Assignee) University of Pennsylvania Penn

Paul J. Ratnaraj, William Gerard McCartney, Son To, Steven J. Crispi, Jalal D. Akhavein
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (requesting user) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6185567B1
CLAIM 1
. A system for managing access to a database by authorized users via a computer communications network , each user sending a page request for a page from said database using a browser program operating on a client computer connected to said computer communications network , comprising : a server which provides requested pages from said database to a requesting user's (second authentication method) browser program via the computer communications network in response to said page request from the requesting user's browser program if the requesting user is authorized to receive the requested page from said database , said server including a search engine which searches said database and data query software which is accessible to the user via an interface of said server that screens and formats subsets of data in said database whereby the user can search through multiple data sets with a single data query specifying criteria for selection based on a field common to at least two data sets of said multiple data sets , said data query software emulating batch processing of data queries from the user by spawning a child process for each data request in a data query from the user and monitoring the status of said child process , said data query software further sending the user a message that contains an address where the processed output can be retrieved by the user when the child process is finished ;
and an authentication program operating at said server , said authentication program determining if the requested page is protected and , if so , checking a cookie from the requesting user's browser program to determine if said cookie has been validated to indicate that the user has been authenticated as an authorized user of said database prior to receipt of said page request from the requesting user's browser program , whereby a requested protected page is provided to the requesting user's browser program only if said cookie has been validated .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (checking step) .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (checking step) to the user upon receiving the first user authentication information .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (checking step) is sent to the user via a communication path that has been previously established .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (checking step) is sent to the user via a different communication channel from which the first user authentication information is received .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (requesting user) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6185567B1
CLAIM 1
. A system for managing access to a database by authorized users via a computer communications network , each user sending a page request for a page from said database using a browser program operating on a client computer connected to said computer communications network , comprising : a server which provides requested pages from said database to a requesting user's (second authentication method) browser program via the computer communications network in response to said page request from the requesting user's browser program if the requesting user is authorized to receive the requested page from said database , said server including a search engine which searches said database and data query software which is accessible to the user via an interface of said server that screens and formats subsets of data in said database whereby the user can search through multiple data sets with a single data query specifying criteria for selection based on a field common to at least two data sets of said multiple data sets , said data query software emulating batch processing of data queries from the user by spawning a child process for each data request in a data query from the user and monitoring the status of said child process , said data query software further sending the user a message that contains an address where the processed output can be retrieved by the user when the child process is finished ;
and an authentication program operating at said server , said authentication program determining if the requested page is protected and , if so , checking a cookie from the requesting user's browser program to determine if said cookie has been validated to indicate that the user has been authenticated as an authorized user of said database prior to receipt of said page request from the requesting user's browser program , whereby a requested protected page is provided to the requesting user's browser program only if said cookie has been validated .

US6185567B1
CLAIM 3
. A method of authenticating access to a database containing protected pages by a browser program which provides page requests via a computer communications network to a server associated with said database , comprising the steps of : said browser program sending a page request to said server via the computer communications network ;
determining if the requested page is protected , and if the requested page is not protected , then serving the requested page to the browser program ;
if the requested page is protected , then determining if a domain of the computer system (computer system) operating said browser program is within a domain of said server and , if so , serving the requested page to the browser program ;
if the domain of the computer system operating said browser program is outside of the domain of said server , then checking whether a valid cookie has been received from the browser program indicating that a user of said browser program has been authenticated as an authorized user of said database prior to receipt of said page request from said browser program ;
serving the requested protected page to said browser program only if said valid cookie has been received by said server ;
searching through multiple data sets in said database with a single data query from said browser program specifying criteria for selection based on a field common to at least two data sets of said multiple data sets ;
emulating batch processing of data queries from the user by spawning a child process for each data request in a data query from the user and monitoring the status of said child process ;
and sending the user a message that contains an address where the processed output can be retrieved by the user when the child process is finished .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (checking step) .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (checking step) is sent to the user via a different communication channel from which the first user authentication information is received .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (requesting user) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6185567B1
CLAIM 1
. A system for managing access to a database by authorized users via a computer communications network , each user sending a page request for a page from said database using a browser program operating on a client computer connected to said computer communications network , comprising : a server which provides requested pages from said database to a requesting user's (second authentication method) browser program via the computer communications network in response to said page request from the requesting user's browser program if the requesting user is authorized to receive the requested page from said database , said server including a search engine which searches said database and data query software which is accessible to the user via an interface of said server that screens and formats subsets of data in said database whereby the user can search through multiple data sets with a single data query specifying criteria for selection based on a field common to at least two data sets of said multiple data sets , said data query software emulating batch processing of data queries from the user by spawning a child process for each data request in a data query from the user and monitoring the status of said child process , said data query software further sending the user a message that contains an address where the processed output can be retrieved by the user when the child process is finished ;
and an authentication program operating at said server , said authentication program determining if the requested page is protected and , if so , checking a cookie from the requesting user's browser program to determine if said cookie has been validated to indicate that the user has been authenticated as an authorized user of said database prior to receipt of said page request from the requesting user's browser program , whereby a requested protected page is provided to the requesting user's browser program only if said cookie has been validated .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (checking step) .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (checking step) to the user upon receiving the first user authentication information .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (checking step) is sent to the user via a different communication channel from which the first user authentication information is received .
US6185567B1
CLAIM 4
. The method of claim 3 , wherein if it is determined that a valid cookie has not been received in said cookie checking step (access code) , said method comprises the additional steps of serving a login page to said browser program , the user of the browser program providing login information to said server , and , if the login information is valid , said server serving the requested page to said browser program and said server sending said valid cookie to said browser program .




US5920848A

Filed: 1998-01-22     Issued: 1999-07-06

Method and system for using intelligent agents for financial transactions, services, accounting, and advice

(Original Assignee) Citibank NA     (Current Assignee) Citibank NA

Daniel Schutzer, William Hull Forster, Jr., Huanrui Hu, Wenke Lee, Salvatore J. Stolfo, Wei Fan
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing (user access) a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5920848A
CLAIM 1
. A method for a user to perform financial transactions and financial accounting , comprising the steps of : said user initiating a local client application on a terminal ;
said local client application initiating communication with a server ;
said user accessing a user account on said server (second user) ;
said user selecting a financial transaction ;
said user inputting information relating to said selected financial transaction ;
said server performing said financial transaction ;
said server automatically downloading information relating to said performed financial transaction to said local client application ;
said user initiating transfer of said downloaded information relating to said performed financial transaction from said local client application to a financial software application ;
said local client application transferring said downloaded information relating to said performed financial transaction to said financial software application ;
automatically performing financial functions using said downloaded information relating to said performed financial transaction to produce output information ;
transmitting said output information from said financial software application to said local client application ;
and uploading said output information from said local software , application to said user account on said server .




US6016476A

Filed: 1998-01-16     Issued: 2000-01-18

Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security

(Original Assignee) International Business Machines Corp     (Current Assignee) Toshiba Global Commerce Solutions Holdings Corp

Stephane Herman Maes, Jan Sedivy
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6016476A
CLAIM 1
. A portable information and transaction processing device , comprising : a central processing unit ;
a memory device , operatively coupled to said central processing unit , for storing transaction information comprising one of financial information , personal information , and a combination thereof ;
communication means for establishing a communication link with a central server of a service provider (first user) , disposed at a remote location , to download a temporary digital certificate issued by said service provider ;
a user interface , operatively coupled to said central processing unit , for selecting at least a portion of said transaction information ;
a card reader ;
a universal card having a unique card number designated to a subscribing user of said service provider , wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information ;
and programming means , executable by said central processing unit , for determining if said temporary digital certificate is valid , for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid , and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid .




US6003032A

Filed: 1997-12-12     Issued: 1999-12-14

Data communication system

(Original Assignee) Sony International Europe GmbH     (Current Assignee) Sony International Europe GmbH

William Bunney, Kozo Tetsuya
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (system administrator) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator (user access) and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US6003032A
CLAIM 1
. A server computer for a data communication system adapted to transmit a document via a network to a client computer in response to a request therefrom ;
said server (second user) comprising : article memory means for storing a plurality of article documents and respective bibliographic data ;
selection rule storage means for receiving from a system administrator and storing an article document selection rule ;
automatic document assembly means for retrieving from said article memory means a subset of said plurality of article documents and assembling a document from at least part of each of said subset of article documents , said subset of article documents being selected according to the respective bibliographic data using said article document selection rule ;
and transmission means responsive to said request for transmitting the assembled document onto said network for delivery to said client computer .




US6105131A

Filed: 1997-11-26     Issued: 2000-08-15

Secure server and method of operation for a distributed information system

(Original Assignee) International Business Machines Corp     (Current Assignee) International Business Machines Corp

Robert B. Carroll
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (access key) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6105131A
CLAIM 3
. The secure distributed information system of claim 2 wherein the secure server further comprises : a . virtual logon means for providing virtual log-on using public-key base (time expires) d authentication .

US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US6105131A
CLAIM 10
. A secure distribute information system comprising : (a) a user access means for transmitting and receiving user data , access key (second authentication, second authentication method) s and certificates ;
(b) a storage means for storing data and processes , wherein the storage means is partitioned and access to a partition is granted only after partition specific authentication ;
(c) a interconnection means for linking the user access means and the storage means ;
and (d) a virtual logon means for isolating interaction from user access means to specific storage means and only to those specific storage means , the virtual logon means including automatic key and certificate authentication .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (access key) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6105131A
CLAIM 3
. The secure distributed information system of claim 2 wherein the secure server further comprises : a . virtual logon means for providing virtual log-on using public-key base (time expires) d authentication .

US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US6105131A
CLAIM 10
. A secure distribute information system comprising : (a) a user access means for transmitting and receiving user data , access key (second authentication, second authentication method) s and certificates ;
(b) a storage means for storing data and processes , wherein the storage means is partitioned and access to a partition is granted only after partition specific authentication ;
(c) a interconnection means for linking the user access means and the storage means ;
and (d) a virtual logon means for isolating interaction from user access means to specific storage means and only to those specific storage means , the virtual logon means including automatic key and certificate authentication .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (access key) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6105131A
CLAIM 3
. The secure distributed information system of claim 2 wherein the secure server further comprises : a . virtual logon means for providing virtual log-on using public-key base (time expires) d authentication .

US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US6105131A
CLAIM 10
. A secure distribute information system comprising : (a) a user access (user access) means for transmitting and receiving user data , access key (second authentication, second authentication method) s and certificates ;
(b) a storage means for storing data and processes , wherein the storage means is partitioned and access to a partition is granted only after partition specific authentication ;
(c) a interconnection means for linking the user access means and the storage means ;
and (d) a virtual logon means for isolating interaction from user access means to specific storage means and only to those specific storage means , the virtual logon means including automatic key and certificate authentication .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6105131A
CLAIM 6
. The secure distributed information system of claim 1 further comprising : (a) a service provider (first user) server connected to the secure server , wherein the secure server authenticates user terminal access to the service provider server .




US6275937B1

Filed: 1997-11-26     Issued: 2001-08-14

Collaborative server processing of content and meta-information with application to virus checking in a server network

(Original Assignee) International Business Machines Corp     (Current Assignee) Trend Micro Inc

Brent Tzion Hailpern, Peter Kenneth Malkin, Robert Jeffrey Schloss, Steve R. White, Philip Shi-lung Yu, Charles Campbell Palmer
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code is sent to the user via a communication path (communication path) that has been previously established .
US6275937B1
CLAIM 31
. The method of claim 30 , wherein said multiple servers are within a communication path (communication path) defined between a client and a content server of said network of servers , said content server providing said object content .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US6275937B1
CLAIM 10
. In a network of servers , a method for processing an object having meta information associated therewith , said method comprising : (a) processing said object's content at a server of said network of servers , said processing of object content being pursuant to said meta information associated with said object ;
(b) modifying said meta information associated with said object to reflect said processing (a) of said object ;
and (c) further comprising deciding at said server (second user) whether to perform said processing (a) of said object content , said deciding comprising considering at least one of current processing load of said server , or a number of prior requests for said object .




US6092196A

Filed: 1997-11-25     Issued: 2000-07-18

HTTP distributed remote user authentication system

(Original Assignee) Nortel Networks Ltd     (Current Assignee) RPX Clearinghouse LLC

Albert Reiche
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (verification unit) ;

receiving , for the user , second user (said database, said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, said server) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 7
. An authentication server as defined in claim 6 , wherein the communication directed from said authentication server to the first node includes a status code indicative of whether said verification unit (first authentication method) has granted an access right to the user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database, said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, said server) authentication information are authenticated .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database, said server) authentication information comprises an access code .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (inquiry message) channel from which the first user authentication information is received .
US6092196A
CLAIM 10
. An authentication server as defined in claim 9 , wherein said verification unit is responsive to an access grant inquiry message (different communication, different communication channel) containing data corresponding to said record to direct to the first node the communication containing data permitting the first node to generate and transmit to the second node an access grant mark .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method (verification unit) ;

receiving , for the user , second user (said database, said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, said server) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 7
. An authentication server as defined in claim 6 , wherein the communication directed from said authentication server to the first node includes a status code indicative of whether said verification unit (first authentication method) has granted an access right to the user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, said server) authentication information are authenticated .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database, said server) authentication information comprises an access code .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (inquiry message) channel from which the first user authentication information is received .
US6092196A
CLAIM 10
. An authentication server as defined in claim 9 , wherein said verification unit is responsive to an access grant inquiry message (different communication, different communication channel) containing data corresponding to said record to direct to the first node the communication containing data permitting the first node to generate and transmit to the second node an access grant mark .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (verification unit) ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database, said server) authentication information , wherein the front-end storage device is accessible to a user device (said database, said server) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database, said server) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 7
. An authentication server as defined in claim 6 , wherein the communication directed from said authentication server to the first node includes a status code indicative of whether said verification unit (first authentication method) has granted an access right to the user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, said server) authentication information are authenticated .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database, said server) authentication information comprises an access code .
US6092196A
CLAIM 3
. An authentication server as defined in claim 2 , wherein said authentication server is also operable in response to a query from the first node to grant a resource access right to a particular user in dependence of the user identification data elements in said database (second user, user device, user device access, user access) characterizing the particular user .

US6092196A
CLAIM 9
. An authentication server as defined in claim 8 , wherein said server (second user, user device, user device access, user access) is responsive to the communication including the URL string to create a record of data indicative of the transaction ID data .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (inquiry message) channel from which the first user authentication information is received .
US6092196A
CLAIM 10
. An authentication server as defined in claim 9 , wherein said verification unit is responsive to an access grant inquiry message (different communication, different communication channel) containing data corresponding to said record to direct to the first node the communication containing data permitting the first node to generate and transmit to the second node an access grant mark .




US6151601A

Filed: 1997-11-12     Issued: 2000-11-21

Computer architecture and method for collecting, analyzing and/or transforming internet and/or electronic commerce data for storage into a data storage area

(Original Assignee) NCR Corp     (Current Assignee) NCR Corp

Karen A. Papierniak, James E. Thaisz, Anjali M. Diwekar, Luo-Jen Chiang
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (computer instructions) method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6151601A
CLAIM 31
. A computer program memory , storing computer instructions (first authentication, first authentication method) to collect , analyze and/or transform Internet and/or electronic commerce data of service providers including at least one of Internet service providers and commerce service providers received from one or more sources for storage into a data storage area for subsequent retrieval and analysis over one or more networks , the computer instructions including : (a) storing in a database the Internet and/or electronic commerce data for interrogation by the CSP ;
(b) performing by at least one computer station at least one of the functions of : (1) transforming and organizing the business operational data into a format suitable to be loaded into the database ;
(2) analyzing , and organizing the web server operational data pertaining to web page requests , accesses , and browsing into the format suitable to be loaded into said database ;
(3) analyzing , and organizing the network operational data pertaining to network sessions and accesses into the format suitable to be loaded into the database ;
(4) correlating the network sessions , and authorization and application access data to customers ;
(5) creating directories of applications to facilitate the loading and access of information pertaining to on-line content or Internet and/or electronic commerce applications ;
(6) translating raw system data pertaining to Internet and/or electronic commerce applications into a business context ;
and (7) correlating the business operational data and the network operational data into one or more datasets prior to loading into said database .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication (computer instructions) method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6151601A
CLAIM 1
. In a computer system (computer system) for supporting and analyzing Internet and/or electronic commerce data over the world wide web for service providers including at least one of commerce service providers and Internet service providers received from one or more sources , the computer system including at least one user station transmitting a user request , at least one server , connectable to said at least one user station , said at least one server providing said at least one user station access to one or more external data sources , and at least one data collection and analysis system , a mapping system for collecting , analyzing and/or transforming the Internet and/or electronic commerce data of the service providers for storage into a data storage area for subsequent retrieval and analysis , the Internet and/or electronic commerce data including at least one of business operational data and network operational data , said mapping system comprising : a database storing the Internet and/or electronic commerce data for interrogation by the service provider ;
and at least one computer station , responsively connectable to said database and including data transformation and database load utilities , said at least one computer station performing at least one of the functions of : transforming and organizing the business operational data into a format suitable to be loaded into said database ;
analyzing , and organizing the network operational data pertaining to network sessions and accesses into the format suitable to be loaded into said database ;
analyzing , and organizing the web server operational data pertaining to web page requests , accesses , and browsing into the format suitable to be loaded into said database ;
correlating the network sessions , accounting data , authorization data and web access data to at customers including at least one of individuals and groups ;
creating categories to facilitate the loading and access of information pertaining to on-line content or Internet and/or electronic commerce applications ;
translating raw system data pertaining to Internet and/or electronic commerce applications into at least one of a business and marketing context ;
and at least one of correlating the business operational data and the network operational data into one or more datasets prior to loading into said database , and referencing the one or more datasets in other databases .

US6151601A
CLAIM 31
. A computer program memory , storing computer instructions (first authentication, first authentication method) to collect , analyze and/or transform Internet and/or electronic commerce data of service providers including at least one of Internet service providers and commerce service providers received from one or more sources for storage into a data storage area for subsequent retrieval and analysis over one or more networks , the computer instructions including : (a) storing in a database the Internet and/or electronic commerce data for interrogation by the CSP ;
(b) performing by at least one computer station at least one of the functions of : (1) transforming and organizing the business operational data into a format suitable to be loaded into the database ;
(2) analyzing , and organizing the web server operational data pertaining to web page requests , accesses , and browsing into the format suitable to be loaded into said database ;
(3) analyzing , and organizing the network operational data pertaining to network sessions and accesses into the format suitable to be loaded into the database ;
(4) correlating the network sessions , and authorization and application access data to customers ;
(5) creating directories of applications to facilitate the loading and access of information pertaining to on-line content or Internet and/or electronic commerce applications ;
(6) translating raw system data pertaining to Internet and/or electronic commerce applications into a business context ;
and (7) correlating the business operational data and the network operational data into one or more datasets prior to loading into said database .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (computer instructions) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6151601A
CLAIM 31
. A computer program memory , storing computer instructions (first authentication, first authentication method) to collect , analyze and/or transform Internet and/or electronic commerce data of service providers including at least one of Internet service providers and commerce service providers received from one or more sources for storage into a data storage area for subsequent retrieval and analysis over one or more networks , the computer instructions including : (a) storing in a database the Internet and/or electronic commerce data for interrogation by the CSP ;
(b) performing by at least one computer station at least one of the functions of : (1) transforming and organizing the business operational data into a format suitable to be loaded into the database ;
(2) analyzing , and organizing the web server operational data pertaining to web page requests , accesses , and browsing into the format suitable to be loaded into said database ;
(3) analyzing , and organizing the network operational data pertaining to network sessions and accesses into the format suitable to be loaded into the database ;
(4) correlating the network sessions , and authorization and application access data to customers ;
(5) creating directories of applications to facilitate the loading and access of information pertaining to on-line content or Internet and/or electronic commerce applications ;
(6) translating raw system data pertaining to Internet and/or electronic commerce applications into a business context ;
and (7) correlating the business operational data and the network operational data into one or more datasets prior to loading into said database .




US6269369B1

Filed: 1997-11-02     Issued: 2001-07-31

Networked personal contact manager

(Original Assignee) Amazon Corporate LLC     (Current Assignee) Amazon Corporate LLC

Brian D. Robertson
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (first user) authentication information for a first authentication method ;

receiving , for the user , second user (second user) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (second user) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user) authentication information and the second user (second user) authentication information are authenticated .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (second user) authentication information comprises an access code .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (first user) authentication information .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (first user) authentication information is received .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (first user) authentication information for a first authentication method ;

receiving , for the user , second user (second user) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user) authentication information and the second user (second user) authentication information are authenticated .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (second user) authentication information comprises an access code .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (first user) authentication information is received .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (first user) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (second user) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user) authentication information and the second user (second user) authentication information are authenticated .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (second user) authentication information comprises an access code .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user selects a second user (second user) to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (first user) authentication information .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (first user) authentication information is received .
US6269369B1
CLAIM 1
. A networked contact management system , comprising : a database which contains personal records of multiple users , each record including multiple fields , including fields for storing personal contact information ;
and contact manager software which provides restricted access to the database through an interface in which (1) users select other users from the database to include in their own , respective virtual personal address books without the need to enter information for such users , (2) if a first user (first user) selects a second user to include in the first user's virtual personal address book , the second user is provided an option to specify the types of information of the second user's personal record to be viewable by the first user , (3) users directly update their own respective personal records within the database , and (4) the personal records stored within the database are at least partially viewable as virtual address book entries , so that updates made by users to their own respective personal records are reflected automatically within the virtual personal address books of other users without the need to propagate or separately apply the updates to individual address books .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
WO9814896A1

Filed: 1997-09-30     Issued: 1998-04-09

Web server data/process integrator

(Original Assignee) Sterling Software, Inc.     

Thomas J. Traughber, Jacob Harris, William L. Wittsche
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which as associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to crated a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which as associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to crated a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which as associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to crated a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which as associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to crated a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9814896A1
CLAIM 1
. A computer system (computer system) for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which are associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to create a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which are associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to create a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which are associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to create a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which are associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to create a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which are associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to create a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
WO9814896A1
CLAIM 1
. A computer system for generating and processing dynamic HTML , said computer system connected to one or more data or process resources , comprising : memory for storing a plurality of HTML elements , each of said HTML elements either identifying an associated one of the data or process resources as an associated data resource from which to retrieve information and how said associated data resource is to be accessed or identifying said associated one of the data or process resources as an associated process resource to use to generate information and how said associated process resource is to be invoked ;
said memory separately storing one or more templates comprising HTML elements ;
a resource interface ;
a processing engine responsive , at a first time , to one of said resource interfaces and operable to record in said memory those of said HTML elements which are associated with said resource interface ;
said processing engine further responsive , at a second time , to requests from a server and operable to retrieve said templates , to create a new HTML page , to parse said one of said templates and , for each of said HTML elements detected , to access said associated data resource if said each of said HTML elements detected identifies a data resource , to invoke said associated process resource if said each of said HTML elements detected identifies a process resource , and to embed said retrieved or said generated information into said new HTML page ;
and said server (second user) further operable to present said resulting HTML page to a user .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5983267A

Filed: 1997-09-23     Issued: 1999-11-09

System for indexing and displaying requested data having heterogeneous content and representation

(Original Assignee) Information Architects Corp     (Current Assignee) PENCON SYSTEMS Inc ; Information Architects Corp

Leon Shklar, David Makower
US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (source data) .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (source data) to the user upon receiving the first user authentication information .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (source data) is sent to the user via a communication path that has been previously established .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (source data) is sent to the user via a different communication channel from which the first user authentication information is received .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (stored data) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5983267A
CLAIM 1
. A system for interrogating stored data (computer system) at a source location , and for retrieving and displaying a select portion of said data at a display location via electronic networking , said system comprising : (a) a type specification particular to said data , and generating one or more encapsulation units comprising instructions for extracting from said data the select portion thereof ;
(b) metadata including said encapsulation units identifying the select portion of said data for being displayed at the display location , and means for identifying how to present the select portion of said data at the display location , said metadata residing at a location suitable for communication with both of the source and the display locations ;
and (c) means for processing said metadata to access and retrieve the select portion of said data defined by said encapsulation units , and for displaying the select portion of said data at the display location .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (source data) .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (source data) is sent to the user via a different communication channel from which the first user authentication information is received .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (source data) .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (source data) to the user upon receiving the first user authentication information .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (source data) is sent to the user via a different communication channel from which the first user authentication information is received .
US5983267A
CLAIM 7
. The system of claim 1 , and comprising processing means for presenting the source data (access code) to the display system as a mark-up language file , image , executable code , video , audio , plain text , modeling language file , or a combination thereof .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5956720A

Filed: 1997-09-17     Issued: 1999-09-21

Method and apparatus for web site management

(Original Assignee) AT&T Corp     (Current Assignee) AT&T Intellectual Property II LP

Maria F. Fernandez, Daniela Dina Florescu, Jaewoo Kang, Alon Yitzchak Levy, Dan Suciu
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said servers (second user) via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said server (second user) s via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5956720A
CLAIM 31
. An apparatus for managing a web-site , comprising : a terminal ;
a network coupled to said terminal ;
a plurality of servers storing non-uniform data connected to said network and accessible via said terminal ;
a query processor coupled to said server (second user) s via said network for defining an integrated view of said non-uniform data ;
a mediator coupled to said query processor for receiving said definition via a site definition query , and creating said integrated view ;
a site definition module coupled to said mediator and said query processor for receiving a site definition query from said query processor for structuring said non-uniform data at the web-site ;
and a hypertext markup language generator for graphically presenting said structured non-uniform data at the web-site .




US5956730A

Filed: 1997-08-15     Issued: 1999-09-21

Legacy subclassing

(Original Assignee) International Business Machines Corp     (Current Assignee) International Business Machines Corp

Tracy Kim Burroughs, Wilson D. Lee, Cynthia Ann Rogers, Laura Jane Zaborowski
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5956730A
CLAIM 11
. A computer program product for use in a computer system (computer system) for mapping an object between object-oriented schema and relational data store schema , said object having a class , said relational data store schema defined by a plurality of attribute columns and a tiebreaker column , said computer program product comprising a signal-bearing medium carrying thereon : mapping software code defining a selection of said class from among a plurality of classes in response to a value in said tiebreaker column , each class of said plurality of classes corresponding to one of a plurality of values ;
and handle construction software code for constructing a handle including a reference to said class .




WO9808344A2

Filed: 1997-08-08     Issued: 1998-02-26

Method and apparatus for viewing electronic reading materials

(Original Assignee) Softbook Press, Inc.     

James Sachs, Thomas W. Pomeroy
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (receiving input) method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9808344A2
CLAIM 1
. A system for distributing textual information , comprising : a host computer having a host memory for storing a plurality of units of textual information ;
a first modem coupled to the host computer for transmitting textual information stored in the host memory over a transmission medium ;
a portable electronic book for retrieving and displaying textual information , comprising : a housing including a display screen that displays textual information on display pages , the display screen also displays a plurality of function keys corresponding to functions provided by the electronic book in retrieving and displaying the textual information ;
a memory for storing the textual information and information ;
and a processor coupled to the memory and display screen for controlling the retrieval and display of the textual information , the processor receiving input (first authentication) from the function keys and for controlling the display of the functions on the display screen ;
a second modem coupled to the portable electronic book for receiving textual information stored in the host computer via the transmission medium ;
wherein the host memory includes a plurality of code numbers and wherein the memory of the portable electronic book includes a unique code number , the host computer providing the textual information to the portable electronic book upon matching of the unique code number with a code number in the plurality of code numbers stored in the host memory .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication (receiving input) method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9808344A2
CLAIM 1
. A system for distributing textual information , comprising : a host computer having a host memory for storing a plurality of units of textual information ;
a first modem coupled to the host computer for transmitting textual information stored in the host memory over a transmission medium ;
a portable electronic book for retrieving and displaying textual information , comprising : a housing including a display screen that displays textual information on display pages , the display screen also displays a plurality of function keys corresponding to functions provided by the electronic book in retrieving and displaying the textual information ;
a memory for storing the textual information and information ;
and a processor coupled to the memory and display screen for controlling the retrieval and display of the textual information , the processor receiving input (first authentication) from the function keys and for controlling the display of the functions on the display screen ;
a second modem coupled to the portable electronic book for receiving textual information stored in the host computer via the transmission medium ;
wherein the host memory includes a plurality of code numbers and wherein the memory of the portable electronic book includes a unique code number , the host computer providing the textual information to the portable electronic book upon matching of the unique code number with a code number in the plurality of code numbers stored in the host memory .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (receiving input) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9808344A2
CLAIM 1
. A system for distributing textual information , comprising : a host computer having a host memory for storing a plurality of units of textual information ;
a first modem coupled to the host computer for transmitting textual information stored in the host memory over a transmission medium ;
a portable electronic book for retrieving and displaying textual information , comprising : a housing including a display screen that displays textual information on display pages , the display screen also displays a plurality of function keys corresponding to functions provided by the electronic book in retrieving and displaying the textual information ;
a memory for storing the textual information and information ;
and a processor coupled to the memory and display screen for controlling the retrieval and display of the textual information , the processor receiving input (first authentication) from the function keys and for controlling the display of the functions on the display screen ;
a second modem coupled to the portable electronic book for receiving textual information stored in the host computer via the transmission medium ;
wherein the host memory includes a plurality of code numbers and wherein the memory of the portable electronic book includes a unique code number , the host computer providing the textual information to the portable electronic book upon matching of the unique code number with a code number in the plurality of code numbers stored in the host memory .




US5933816A

Filed: 1997-08-07     Issued: 1999-08-03

System and method for delivering financial services

(Original Assignee) Citicorp Development Center Inc     (Current Assignee) Citicorp Credit Services Inc USA

James Zeanah, Charles Abbott, Nik Boyd, Albert Cohen, James Cook, Michael Grandcolas, Sikhun Lan, Bonnie Lindsley, Grigor Markarian, Leslie Moss
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (receiving messages) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (touch point) , the subset of data is removed from the front-end storage device .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US5933816A
CLAIM 28
. The system as set forth in claim 26 , further comprising a touch point (time expires) interface component for interfacing with a plurality of customers for a plurality of sessions and for routing the information from each customer to the mini-app dialog component associated with the respective session bubble .

US5933816A
CLAIM 30
. The system as set forth in claim 26 , further comprising a back door man component for receiving messages (second authentication) from an external service provider and for routing each message to the transaction executor component associated with the session bubble for each message .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (receiving messages) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (touch point) , the subset of data is removed from the front-end storage device .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US5933816A
CLAIM 28
. The system as set forth in claim 26 , further comprising a touch point (time expires) interface component for interfacing with a plurality of customers for a plurality of sessions and for routing the information from each customer to the mini-app dialog component associated with the respective session bubble .

US5933816A
CLAIM 30
. The system as set forth in claim 26 , further comprising a back door man component for receiving messages (second authentication) from an external service provider and for routing each message to the transaction executor component associated with the session bubble for each message .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (receiving messages) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (touch point) , the subset of data is removed from the front-end storage device .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US5933816A
CLAIM 28
. The system as set forth in claim 26 , further comprising a touch point (time expires) interface component for interfacing with a plurality of customers for a plurality of sessions and for routing the information from each customer to the mini-app dialog component associated with the respective session bubble .

US5933816A
CLAIM 30
. The system as set forth in claim 26 , further comprising a back door man component for receiving messages (second authentication) from an external service provider and for routing each message to the transaction executor component associated with the session bubble for each message .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US5933816A
CLAIM 23
. The system as set forth in claim 1 , further comprising an external service provider (first user) component for communicating with an external service provider .




US5987440A

Filed: 1997-07-22     Issued: 1999-11-16

Personal information security and exchange tool

(Original Assignee) CYVA Res Corp     (Current Assignee) CYVA RESEARCH HOLDINGS LLC

Kevin O'Neil, Glenn R. Seidman
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (action request) authentication information for a first authentication method ;

receiving , for the user , second user (action request) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device (computing device) , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US5987440A
CLAIM 22
. The computer-networked system of claim 21 , wherein said computer network is selected from the group consisting of the Internet , wireline telecomputing device (computing device) s and wireless telecomputing devices .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (action request) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (action request) authentication information comprises an access code .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (action request) authentication information .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code is sent to the user via a communication path (computer readable medium) that has been previously established .
US5987440A
CLAIM 34
. A distributed object resource management system for use in a personal security and exchange tool fixed in a computer readable medium (communication path, readable storage medium containing instructions) , comprising : a messaging subsystem which receives and dispatches electronic autonomous personal information agents , said electronic autonomous personal information agents comprising secured information and rules governing access to said information by other electronic autonomous personal information agents ;
an electronic broker which securely intermediates between two or more electronic autonomous personal information agents ;
an interaction processor which processes requests from said electronic autonomous personal information agents through said electronic broker ;
a rules processor which processes rules from electronic autonomous personal information agents and determines that the rules are satisfied prior to permitting an exchange of information between the electronic autonomous personal information agents ;
an object repository where the electronic brokers and the electronic personal agents are maintained persistently ;
and a secure remote method invocation system and messaging system for permitting home electronic personal information agents to communicate with replicated electronic personal information agent counterparts .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user (action request) authentication information for a first authentication method ;

receiving , for the user , second user (action request) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US5987440A
CLAIM 33
. A trusted electronic exchange process operating on a programmable computer system (computer system) , the process comprising the steps of : receiving , at the computer system , a communication from an originating source , said communication comprising a) a digital certificate binding a public key to the originating source ;
b) information in the form of information objects relating to said originating source ;
c) privilege rules associated with said information objects , said privilege rules defining if and under what conditions said information objects may be processed by a receiving electronic entity ;
and d) one or more interaction instructions collectively defining a set of search criteria ;
verifying , at the computer system , that said communication was originated by said originating source ;
securely identifying , at the computer system , and without access to said originating source , home electronic personal information agents that satisfy said search criteria , said home electronic personal information agents encapsulating secured information and privilege rules governing access to said information ;
securely executing privilege rules encapsulated within the home electronic personal information agents on the information objects from said originating source , so as to determine if the information objects encapsulated within said home electronic personal information agents meet the conditions for further processing ;
replicating the home electronic personal information agents satisfying said criteria and having at least one information object whose privilege rule has been satisfied , thereby generating a plurality of autonomous electronic personal information agents ;
and securely dispatching said autonomous electronic personal information agents to the originating source .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (action request) authentication information comprises an access code .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (action request) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (action request) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device (computing device) , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US5987440A
CLAIM 22
. The computer-networked system of claim 21 , wherein said computer network is selected from the group consisting of the Internet , wireline telecomputing device (computing device) s and wireless telecomputing devices .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (action request) authentication information comprises an access code .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (action request) authentication information .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US5987440A
CLAIM 1
. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising : an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed ;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing ;
a commercial activity dispatcher which handles all incoming transaction request (first user, second user) s with said electronic bazaar electronic broker ;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker ;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents ;
an advertiser directory which stores and processes orders , product information and order forms as initiated by transaction requests ;
and a private activities database which stores advertiser pending orders , inventories , and information necessary to carry out transactions .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6044372A

Filed: 1997-07-18     Issued: 2000-03-28

Method and apparatus for publishing information to a communications network and enabling subscriptions to such information

(Original Assignee) Dazel Corp     (Current Assignee) Google LLC ; Dazel Corp

Eric J. Rothfus, Patrick J. Hill
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (action request) authentication information for a first authentication method ;

receiving , for the user , second user (action request) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (action request) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (action request) authentication information comprises an access code .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (action request) authentication information .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user (action request) authentication information for a first authentication method ;

receiving , for the user , second user (action request) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US6044372A
CLAIM 28
. An apparatus for publishing information to an Internet location and improving access to such published information by an authorized Internet user : (a) a repository computer system (computer system) including a digital information storage device , the repository computer system adapted to receive identifying information relating to an information element and the information element which is to be accessible through a first Internet location and to store the information element at a second Internet location , the repository computer system including an Internet server process and operating to produce a repository handle when the information element is stored in the storage device , the repository handle including a URL for the second Internet location and identifying information relating to the information element ;
and (b) a handle organizing computer system including a digital information storage device and an Internet server process , the handle organizing computer system adapted to receive from the repository computer system the repository handle associated with the information element and to store the repository handle under the first Internet location .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (action request) authentication information comprises an access code .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (action request) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (action request) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (action request) authentication information comprises an access code .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (action request) authentication information .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US6044372A
CLAIM 13
. The apparatus of claim 1 wherein the information organizing means further includes : (a) reaction means programmed in the computer , the reaction means for producing an action request (first user, second user) for a predefined action in response to the occurrence of an event affecting the first network addressable location .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6185551B1

Filed: 1997-06-16     Issued: 2001-02-06

Web-based electronic mail service apparatus and method using full text and label indexing

(Original Assignee) Digital Equipment Corp     (Current Assignee) Google LLC

Andrew D. Birrell, Edward P. Wobber, Michael Schroeder
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6185551B1
CLAIM 9
. A computer program product for use in conjunction with a computer system (computer system) functioning as a mail server , the mail server operating in conjunction with a plurality of client computers that have means for being coupled to the mail server via a network , the client computers each including a browser application for viewing documents sent by server computers , including the mail server ;
the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein , the computer program mechanism comprising : mail storage and indexing instructions for storing mail messages in message files , the mail messages received on behalf of users , indexing all words in the mail messages , and storing a full-text index of the mail messages , the full-text index containing location information for all words in the mail messages ;
a mail access module for receiving and servicing a mail access request from one of the client computers , the client computer being operated on behalf of a particular one of the users , the mail access request including a query specifying one or more words associated with mail messages sought by the particular user , the mail access module including mail retrieval instructions for utilizing the full-text index to identify mail messages , if any , satisfying the query and sending a browser viewable document to the one client computer , the document containing information representing the identified mail messages ;
wherein the mail access module includes label handling instructions for adding user-defined and system predefined labels to the mail messages , removing labels from the mail messages , and storing the labels in the full-text index ;
the query specifies at least one user-defined label to be included in mail messages satisfying the query .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6070243A

Filed: 1997-06-13     Issued: 2000-05-30

Deterministic user authentication service for communication network

(Original Assignee) Xylan Corp     (Current Assignee) Alcatel USA Sourcing LP ; Alcatel USA Marketing Inc

Michael E. See, John W. Bailey, Charles L. Panza, Yuri Pikover, Geoffrey C. Stone
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code (authentication method) .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (authentication method) to the user upon receiving the first user authentication information .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (authentication method) is sent to the user via a communication path that has been previously established .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (authentication method) is sent to the user via a different communication channel from which the first user authentication information is received .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code (authentication method) .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (authentication method) is sent to the user via a different communication channel from which the first user authentication information is received .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code (authentication method) .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US6070243A
CLAIM 20
. The authentication agent according to claim 13 , wherein said processing means is operative for abolishing the established rules if said agent receives from said server (second user) a deactivation instruction for said system .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (authentication method) to the user upon receiving the first user authentication information .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (authentication method) is sent to the user via a different communication channel from which the first user authentication information is received .
US6070243A
CLAIM 12
. A method for authenticating prospective users of a communication network including a plurality of nodes each having a different network interface , comprising : (a) accepting and storing , as associated entries for particular users , user identification information , groups of the nodes and enhanced authentication information , the enhanced authentication information identifying an enhanced authentication server operative in the network ;
(b) accepting a log-in response on an end system in the network ;
(c) comparing for a match the log-in response with the user identification information ;
(d) if a match is found , conducting an enhanced authentication method (access code) between the system and the identified enhanced authentication server associated with the matching user identification information ;
and (e) if the enhanced authentication method is successfully completed , establishing communicability between the system and each member of a group of the nodes associated with the matching user identification information .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5987454A

Filed: 1997-06-09     Issued: 1999-11-16

Method and apparatus for selectively augmenting retrieved text, numbers, maps, charts, still pictures and/or graphics, moving pictures and/or graphics and audio information from a network resource

(Original Assignee) Hobbs; Allen     (Current Assignee) Red Hat Inc

Allen Hobbs
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (first authentication) method ;

receiving , for the user , second user (viewing area) authentication information for a second authentication method (viewing area) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (viewing area) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5987454A
CLAIM 12
. The method of claim 9 , further comprising the steps of : determining whether a first authentication (first authentication) of a user is needed before said at least one request is sent to said second network resource ;
and performing said first authentication of the user if said first authentication of the user is required .

US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (viewing area) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (viewing area) authentication information are authenticated .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (viewing area) authentication information comprises an access code .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication (first authentication) method ;

receiving , for the user , second user (viewing area) authentication information for a second authentication method (viewing area) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (viewing area) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5987454A
CLAIM 12
. The method of claim 9 , further comprising the steps of : determining whether a first authentication (first authentication) of a user is needed before said at least one request is sent to said second network resource ;
and performing said first authentication of the user if said first authentication of the user is required .

US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (viewing area) authentication information are authenticated .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (viewing area) authentication information comprises an access code .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (first authentication) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (viewing area) authentication information , wherein the front-end storage device is accessible to a user device (viewing area) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (viewing area) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5987454A
CLAIM 12
. The method of claim 9 , further comprising the steps of : determining whether a first authentication (first authentication) of a user is needed before said at least one request is sent to said second network resource ;
and performing said first authentication of the user if said first authentication of the user is required .

US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (viewing area) authentication information are authenticated .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (viewing area) authentication information comprises an access code .
US5987454A
CLAIM 27
. The method of claim 4 , wherein the user may cause through a graphical device on said display to increase and decrease a viewing area (second user, second user authentication information, second authentication method, user device) of any one of said plurality of frames .




US6161123A

Filed: 1997-05-06     Issued: 2000-12-12

Providing reliable communication over an unreliable transport layer in a hand-held device using a persistent session

(Original Assignee) Intermec IP Corp     (Current Assignee) Intermec IP Corp

Julia J. Renouard, Alan Piercy, Steve Heckt, Joe Savarese
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (sequence numbers) , the subset of data is removed from the front-end storage device .
US6161123A
CLAIM 14
. The method of claim 11 wherein the messages sent between the source computer and the destination computer have associated sequence numbers (time expires) , and wherein reestablishing the connection includes synchronizing the sequence numbers between the source computer and the destination computer .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (sequence numbers) , the subset of data is removed from the front-end storage device .
US6161123A
CLAIM 14
. The method of claim 11 wherein the messages sent between the source computer and the destination computer have associated sequence numbers (time expires) , and wherein reestablishing the connection includes synchronizing the sequence numbers between the source computer and the destination computer .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (sequence numbers) , the subset of data is removed from the front-end storage device .
US6161123A
CLAIM 14
. The method of claim 11 wherein the messages sent between the source computer and the destination computer have associated sequence numbers (time expires) , and wherein reestablishing the connection includes synchronizing the sequence numbers between the source computer and the destination computer .




US5869819A

Filed: 1997-04-07     Issued: 1999-02-09

Internet-based system and method for tracking objects bearing URL-encoded bar code symbols

(Original Assignee) Metrologic Instruments Inc     (Current Assignee) Metrologic Instruments Inc

Carl Harry Knowles, David Wilz
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5869819A
CLAIM 4
. The system of claim 1 , wherein said Package Log-In/Shipping Computer Subsystem comprises a desktop computer system (computer system) and bar code symbol printer .




US6055570A

Filed: 1997-04-03     Issued: 2000-04-25

Subscribed update monitors

(Original Assignee) Sun Microsystems Inc     (Current Assignee) Oracle America Inc

Jakob Nielsen
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user (said database, said server, respective network) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, said server, respective network) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database, said server, respective network) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user (said database, said server, respective network) authentication information are authenticated .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database, said server, respective network) authentication information comprises an access code .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user (said database, said server, respective network) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, said server, respective network) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user (said database, said server, respective network) authentication information are authenticated .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database, said server, respective network) authentication information comprises an access code .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database, said server, respective network) authentication information , wherein the front-end storage device is accessible to a user device (said database, said server, respective network) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database, said server, respective network) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user (said database, said server, respective network) authentication information are authenticated .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database, said server, respective network) authentication information comprises an access code .
US6055570A
CLAIM 2
. Apparatus of claim 1 in which said database (second user, user access, user device, user device access) further includes a table relating subscribers to the network addresses that are to be monitored for a subscriber .

US6055570A
CLAIM 12
. The system of claim 8 in which said update monitor service server is configured to maintain a list of one or more users of user computers and respective network (second user, user access, user device, user device access) addresses of information stored on said network to be monitored for changes .

US6055570A
CLAIM 16
. The method of claim 15 further comprising the step of providing an element for performing the step of calculating a degree of change based on current and previous versions of information content stored on one or more network servers , if a change notification service is not provided by said server (second user, user access, user device, user device access) on which a network address is located .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US6055570A
CLAIM 13
. The system of claim 8 in which said update monitor service server is run as a process on an internet service provider (first user) computer .




US5983268A

Filed: 1997-03-25     Issued: 1999-11-09

Spreadsheet user-interface for an internet-document change-detection tool

(Original Assignee) NetMind Technologies Inc     (Current Assignee) NetMind Technologies Inc ; Netmind Services Inc

Matthew P. Freivald, Mark S. Richards, Alan C. Noble
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (user selections) , the subset of data is removed from the front-end storage device .
US5983268A
CLAIM 9
. The change-detection web server of claim 1 further comprising : second web-page means , coupled to the network connection , for fetching a second web page from a second remote web-page server , the responder generating second markers for identifying locations of second numeric values on the second web page in response to user selections (time expires) , wherein the formulas operate on the numeric values from the web page and on the second numeric values from the second web page , whereby numeric values from two web pages are combined in formula to determine when the predetermined notification condition is met .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (user selections) , the subset of data is removed from the front-end storage device .
US5983268A
CLAIM 9
. The change-detection web server of claim 1 further comprising : second web-page means , coupled to the network connection , for fetching a second web page from a second remote web-page server , the responder generating second markers for identifying locations of second numeric values on the second web page in response to user selections (time expires) , wherein the formulas operate on the numeric values from the web page and on the second numeric values from the second web page , whereby numeric values from two web pages are combined in formula to determine when the predetermined notification condition is met .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (user selections) , the subset of data is removed from the front-end storage device .
US5983268A
CLAIM 9
. The change-detection web server of claim 1 further comprising : second web-page means , coupled to the network connection , for fetching a second web page from a second remote web-page server , the responder generating second markers for identifying locations of second numeric values on the second web page in response to user selections (time expires) , wherein the formulas operate on the numeric values from the web page and on the second numeric values from the second web page , whereby numeric values from two web pages are combined in formula to determine when the predetermined notification condition is met .




US5838916A

Filed: 1997-03-14     Issued: 1998-11-17

Systems and methods for executing application programs from a memory device linked to a server

(Original Assignee) EPICON Inc     (Current Assignee) RPX Clearinghouse LLC ; Nortel Networks Applications Management Solutions Inc

Steven D. Domenikos, George C. Domenikos
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user (said server) authentication information are authenticated .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (said portion) authentication information .
US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user (said server) authentication information are authenticated .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (operating environment) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US5838916A
CLAIM 16
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server , comprising the steps of generating an application information file representative of files associated with said application program and an operating environment (user access) for said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user (said server) authentication information are authenticated .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5838916A
CLAIM 9
. A method for allowing a server to provide remote execution of an application program stored on a memory device linked to said server (second user) , comprising the steps of generating an application information file representative of files and a file structure associated with said application program , generating a link representative of a pointer to said application information file , detecting a request from a client to execute said application program , and transmitting , responsive to said request , data signals to said client representative of said files associated with said application program .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (said portion) authentication information .
US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5838916A
CLAIM 12
. A method according to claim 10 , wherein said step of cache storing said portion (first user) of said file system includes the step of storing said portion of said file system according to a file structure employed by said server .




US6131090A

Filed: 1997-03-04     Issued: 2000-10-10

Method and system for providing controlled access to information stored on a portable recording medium

(Original Assignee) Pitney Bowes Inc     (Current Assignee) Pitney Bowes Inc

Micheal R. Basso, Jr., Joonho Lee, Chunhua Li
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database) authentication information comprises an access code .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (new access) channel from which the first user authentication information is received .
US6131090A
CLAIM 16
. A system as described in claim 15 wherein said microprocessor decrypts said information with said current session key , outputs said decrypted information to said service provider , and re-encrypts said decrypted information with a next session key prior to rewriting said information to said memory , said next session key being determined as a predetermined function of access session information , said microprocessor then deleting said next session key , whereby said microprocessor cannot again decrypt said re-encrypted information until a new access (different communication, different communication channel) code is input ;
and wherein further said data processing center also determines said next session key in accordance with said predetermined function and said access session information , whereby said data processing center is able to provide said new access code .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database) authentication information comprises an access code .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (new access) channel from which the first user authentication information is received .
US6131090A
CLAIM 16
. A system as described in claim 15 wherein said microprocessor decrypts said information with said current session key , outputs said decrypted information to said service provider , and re-encrypts said decrypted information with a next session key prior to rewriting said information to said memory , said next session key being determined as a predetermined function of access session information , said microprocessor then deleting said next session key , whereby said microprocessor cannot again decrypt said re-encrypted information until a new access (different communication, different communication channel) code is input ;
and wherein further said data processing center also determines said next session key in accordance with said predetermined function and said access session information , whereby said data processing center is able to provide said new access code .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database) authentication information , wherein the front-end storage device is accessible to a user device (said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database) authentication information comprises an access code .
US6131090A
CLAIM 1
. A system for recording information and controlling access to said information , said system comprising : a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor , said microprocessor being responsive to input of an access code to enable access to said encrypted information ;
b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information ;
and a plurality of access codes corresponding to each of said plurality of authorized service providers , said access codes including a key for decrypting said encrypted information ;
c) said database (second user, user device, user device access, user access) being created under the direction of said individual user ;
d) a terminal communicating between said portable recording medium and said processing center ;
wherein e) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information , said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information , and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information ;
f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (new access) channel from which the first user authentication information is received .
US6131090A
CLAIM 16
. A system as described in claim 15 wherein said microprocessor decrypts said information with said current session key , outputs said decrypted information to said service provider , and re-encrypts said decrypted information with a next session key prior to rewriting said information to said memory , said next session key being determined as a predetermined function of access session information , said microprocessor then deleting said next session key , whereby said microprocessor cannot again decrypt said re-encrypted information until a new access (different communication, different communication channel) code is input ;
and wherein further said data processing center also determines said next session key in accordance with said predetermined function and said access session information , whereby said data processing center is able to provide said new access code .




US5908469A

Filed: 1997-02-14     Issued: 1999-06-01

Generic user authentication for network computers

(Original Assignee) International Business Machines Corp     (Current Assignee) Google LLC

Patrick Samuel Botz, Thomas Michael Moskalik, Devon Daniel Snyder, Carol Jean Woodbury
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5908469A
CLAIM 15
. The program product of claim 13 further comprising a mechanism that retrieves a user password from said server (second user) based upon said user information .




US5892909A

Filed: 1997-01-31     Issued: 1999-04-06

Intranet-based system with methods for co-active delivery of information to multiple users

(Original Assignee) Diffusion Inc     (Current Assignee) Open Text SA

Charles A. Grasso, Richard Lee Schwartz
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5892909A
CLAIM 1
. In a computer system (computer system) , a method for distributing information among members of an organization , the method comprising : defining a logical set of recipients , said logical set including at least some of the members of the organization on a basis other than a member's identify as an individual ;
defining a distribution specifying information which is to be distributed to the logical group of recipients ;
and based on the defined distribution , distributing the information to recipients of the organization by : (i) determining a target distribution list by identifying those individuals of the organization currently within the logical set of recipients , and (ii) transmitting the information to those individuals identified on the target distribution list .




US6076109A

Filed: 1997-01-30     Issued: 2000-06-13

Simplified-file hyper text protocol

(Original Assignee) Lextron Systems Inc     (Current Assignee) Hanger Solutions LLC

Dan Kikinis
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (first number) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first number) authentication information and the second user authentication information are authenticated .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (first number) authentication information .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (first number) authentication information is received .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (first number) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (computing system) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6076109A
CLAIM 1
. A computing system (computing system) comprising : a client ;
and a server having server control routines and connected to the client by a data link ;
wherein the server control routines are adapted to establish characteristics of the client and to transpose and transmit data to the client in a form specifically adapted to the characteristics of the client , and wherein the server saves a copy of the transposed data for future use with the client or another client having similar characteristics .

US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first number) authentication information and the second user authentication information are authenticated .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (first number) authentication information is received .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (first number) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first number) authentication information and the second user authentication information are authenticated .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (first number) authentication information .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (first number) authentication information is received .
US6076109A
CLAIM 4
. A computing system as in claim 2 wherein the Internet server accesses data comprising a first number (first user) of files and transposes the first number of files into a second and fewer number of files before transmitting the data to the client .




US5875296A

Filed: 1997-01-28     Issued: 1999-02-23

Distributed file system web server user authentication with cookies

(Original Assignee) International Business Machines Corp     (Current Assignee) Alibaba Group Holding Ltd

Shaw-Ben Shi, Michael Bradford Ault, Ernst Robert Plassmann, Bruce Arland Rich, Mickella Ann Rosiles, Theodore Jack London Shrader
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (action request) authentication information for a first authentication method ;

receiving , for the user , second user (action request) authentication information for a second authentication method (access rights) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (access rights) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (action request) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (action request) authentication information comprises an access code .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (action request) authentication information .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (action request) authentication information for a first authentication method ;

receiving , for the user , second user (action request) authentication information for a second authentication method (access rights) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (access rights) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (action request) authentication information comprises an access code .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (action request) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (action request) authentication information , wherein the front-end storage device is accessible to a user device (access rights) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (access rights) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (action request) authentication information and the second user (action request) authentication information are authenticated .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (action request) authentication information comprises an access code .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights (second user authentication information, second authentication method, end storage device, user device) to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (action request) authentication information .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (action request) authentication information is received .
US5875296A
CLAIM 7
. A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment , the distributed computing environment including a security service for returning a credential to a user authenticated to access the distributed file system , comprising the steps of : (a) responsive to receipt of a transaction request (first user, second user) from the Web client , executing a login protocol with the security service to determine whether the Web client has access rights to the distributed file system ;
(b) if the Web client does not have access rights to the distributed file system , returning an error message to the Web client ;
(c) if the Web client does have access rights to the distributed file system , storing a credential resulting from the login protocol in a database of credentials associated with authenticated users ;
(d) returning to the Web client a cookie having an identifier uniquely associated with the Web client ;
and (e) having the Web client use the cookie in lieu of a user id and password to obtain subsequent access to Web documents in the distributed file system .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5961593A

Filed: 1997-01-22     Issued: 1999-10-05

System and method for providing anonymous personalized browsing by a proxy system in a network

(Original Assignee) Nokia of America Corp     (Current Assignee) Nokia of America Corp

Eran Gabber, Phillip P. Gibbons, Yossi Matias, Alain J. Mayer
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5961593A
CLAIM 29
. The peripheral proxy system as recited in claim 28 wherein said first and second routines are executable on a computer system (computer system) associated with said particular user and said central proxy system is a computer system having a network address different from said computer system associated with said particular user .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6119101A

Filed: 1997-01-17     Issued: 2000-09-12

Intelligent agents for electronic commerce

(Original Assignee) Personal Agents Inc     (Current Assignee) Hanger Solutions LLC

Douglas L. Peckover
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (other components) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6119101A
CLAIM 2
. A computer network agent system according to claim 1 wherein the consumer personal agent comprises , in combination : a unique identifier function for maintaining an identifier that uniquely identifies the consumer personal agent within the agent system ;
an owner manager function for maintaining data about the consumer ;
an individual firewall for protecting the data about the consumer from other agents , controlling all access to data that is maintained by the various internal functions , ensuring that only authenticated and authorized agents and users can access private data ;
a preference manager for maintaining data about the preferences of the consumer ;
a delivery manager for accepting messages generated by other agents or other components (computing system) of the system , that are directed to the consumer and delivers those messages according to the consumer's desired delivery time and delivery media and rejecting unsolicited messages , unless an unsolicited message meets the consumer's preferred criteria as maintained by the preference manager ;
and a decision agent manager for assisting the consumer with the creation and management of decision agent .

US6119101A
CLAIM 36
. A method for searching for product offers , comprising : providing a computer system (computer system) adapted to operation of agents ;
providing a consumer agent , each associated with and capable of communicating with a consumer ;
providing a consumer data base of consumer preference data associated with each said consumer ;
providing a data base of offers to sell and offers to buy ;
concealing the identity of said consumer from agents not associated with said consumer ;
said consumer agent assisting said consumer in composing a query for a product or product category ;
said consumer agent searching said data base of offers to sell and offers to buy , wherein said searching generates persistent market data ;
said consumer agent retaining search results of said searching until the associated consumer's preferred delivery time ;
said consumer agent automatically filtering out any of said search results that violate any of said consumer preference data ;
said consumer agent ordering or ranking said search results according to said consumer preference data ;
said consumer agent formatting said search results for delivery to said associated consumer's preferred communication device ;
and said consumer agent delivering said search results to said communication device ;
whereby said consumer can gather product data that is automatically filtered and ranked according to said consumer preferences .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6175831B1

Filed: 1997-01-17     Issued: 2001-01-16

Method and apparatus for constructing a networking database and system

(Original Assignee) six degrees Inc     (Current Assignee) DEGREES OF CONNECTION LLC ; MACROVIEW COMMUNICATIONS CORP ; six degrees Inc

Andrew P. Weinreich, Mark R. Salamon, Shoshana Zilberberg, Nicole D. Berlyn, Leeann Mitchell, Cliff Rosen, Adam Seifer, Justin Green, David Haber, David Samuels, Ron Chibnik, Scott Clifford, Chandrasekhar Boddu
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (first user) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user) authentication information and the second user authentication information are authenticated .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (first user) authentication information .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (first user) authentication information is received .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (first user) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user) authentication information and the second user authentication information are authenticated .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (first user) authentication information is received .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (first user) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first user) authentication information and the second user authentication information are authenticated .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (first user) authentication information .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (first user) authentication information is received .
US6175831B1
CLAIM 3
. The system of claim 1 further comprising a network coupled to said web server at said communication port operable to connect a first user (first user) to said web server .




WO9726612A1

Filed: 1997-01-17     Issued: 1997-07-24

Intelligent agents for electronic commerce

(Original Assignee) Personal Agents, Inc.     

Douglas L. Peckover
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (other components) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9726612A1
CLAIM 2
. A computer network agent system according to Claim 1 wherein the consumer personal agent comprises , in combination : a unique identifier function for maintaining an identifier that uniquely identifies the consumer personal agent within the agent system ;
an owner manager function for maintaining data about the consumer ;
an individual firewall for protecting the data about the consumer from other agents , controlling all access to data that is maintained by the various internal functions , ensuring that only authenticated and authorized agents and users can access private data ;
a preference manager for maintaining data about the preferences of the consumer ;
a delivery manager for accepting messages generated by other agents or other components (computing system) of the system , that are directed to the consumer and delivers those messages according to the consumer's desired delivery time and delivery media and rejecting unsolicited messages , unless an unsolicited message meets the consumer's preferred criteria as maintained by the preference manager ;
and a decision agent manager for assisting the consumer with the creation and management of decision agent .

WO9726612A1
CLAIM 36
. A method for searching for product offers , comprising : providing a computer system (computer system) adapted to operation of agents ;
providing a consumer agent , each associated with and capable of communicating with a consumer ;
providing a consumer data base of consumer preference data associated with each said consumer ;
providing a data base of offers to sell and offers to buy ;
concealing the identity of said consumer from agents not associated with said consumer ;
said consumer agent assisting said consumer in composing a query for a product or product category ;
said consumer agent searching said data base of offers to sell and offers to buy , wherein said searching generates persistent market data ;
said consumer agent retaining search results of said searching until the associated consumer's preferred delivery time ;
said consumer agent automatically filtering out any of said search results that violate any of said consumer preference data ;
said consumer agent ordering or ranking said search results according to said consumer preference data ;
said consumer agent formatting said search results for delivery to said associated consumer's preferred communication device ;
and said consumer agent delivering said search results to said communication device ;
whereby said consumer can gather product data that is automatically filtered and ranked according to said consumer preferences .




EP0848336A1

Filed: 1996-12-12     Issued: 1998-06-17

Server with automatic update tracking

(Original Assignee) Sony Deutschland GmbH     (Current Assignee) Sony Deutschland GmbH

William Bunney, Kozo Tetsuya
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user access (user access) es said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
EP0848336A1
CLAIM 1
A server computer adapted to communicate with a plurality of users' client computers via the Internet or an intranet , the server computer comprising : personal edition memory means (19) for storing at least one address of a resource accessible using Internet Protocols for each user ;
log memory means (19) for storing the dates when a user accesses said server (second user) computer ;
and automatic update tracking means (17) for automatically accessing at least one of the resources referred to by said addresses included in said personal information and determining whether that resource has been updated since said user last accessed said server computer .




US6005939A

Filed: 1996-12-06     Issued: 1999-12-21

Method and apparatus for storing an internet user's identity and access rights to world wide web resources

(Original Assignee) International Business Machines Corp     (Current Assignee) Google LLC

Keith Neil Fortenberry, Herman Rodriquez
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (third parties) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6005939A
CLAIM 7
. The method of claim 6 wherein the step (g) comprises : (g . 1) assigning an encryption key base (time expires) d on a password assigned to the user .

US6005939A
CLAIM 9
. A system for establishing a user passport comprising : a passport database for storing a plurality of user passports , each comprising a data structure containing user information with respect to a different one of a plurality of users ;
means for receiving a request to generate a passport from a user ;
means for establishing a secure communication channel to the user ;
means for presenting a query to the user ;
means for receiving user information entered in response to the query ;
means for assigning a security level to each item of user information received by said means for receiving ;
means for assigning an encryption key to the user ;
means for storing the user information in one of the passports in said passport database corresponding to the user ;
and means for transmitting a public key to the user , which corresponds to the assigned encryption key , for enabling the user to share the public key with one or more third parties (second authentication, second authentication method) and thereby enable the one or more third parties to access the user information stored in the corresponding passport in said passport database .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication (third parties) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6005939A
CLAIM 7
. The method of claim 6 wherein the step (g) comprises : (g . 1) assigning an encryption key base (time expires) d on a password assigned to the user .

US6005939A
CLAIM 9
. A system for establishing a user passport comprising : a passport database for storing a plurality of user passports , each comprising a data structure containing user information with respect to a different one of a plurality of users ;
means for receiving a request to generate a passport from a user ;
means for establishing a secure communication channel to the user ;
means for presenting a query to the user ;
means for receiving user information entered in response to the query ;
means for assigning a security level to each item of user information received by said means for receiving ;
means for assigning an encryption key to the user ;
means for storing the user information in one of the passports in said passport database corresponding to the user ;
and means for transmitting a public key to the user , which corresponds to the assigned encryption key , for enabling the user to share the public key with one or more third parties (second authentication, second authentication method) and thereby enable the one or more third parties to access the user information stored in the corresponding passport in said passport database .

US6005939A
CLAIM 16
. The computer system (computer system) of claim 4 further comprising means responsive to the requests for transmitting to the destination node the one passport and a public key corresponding to the security level of the requested data items .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (third parties) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires (key base) , the subset of data is removed from the front-end storage device .
US6005939A
CLAIM 7
. The method of claim 6 wherein the step (g) comprises : (g . 1) assigning an encryption key base (time expires) d on a password assigned to the user .

US6005939A
CLAIM 9
. A system for establishing a user passport comprising : a passport database for storing a plurality of user passports , each comprising a data structure containing user information with respect to a different one of a plurality of users ;
means for receiving a request to generate a passport from a user ;
means for establishing a secure communication channel to the user ;
means for presenting a query to the user ;
means for receiving user information entered in response to the query ;
means for assigning a security level to each item of user information received by said means for receiving ;
means for assigning an encryption key to the user ;
means for storing the user information in one of the passports in said passport database corresponding to the user ;
and means for transmitting a public key to the user , which corresponds to the assigned encryption key , for enabling the user to share the public key with one or more third parties (second authentication, second authentication method) and thereby enable the one or more third parties to access the user information stored in the corresponding passport in said passport database .




US5793302A

Filed: 1996-11-12     Issued: 1998-08-11

Method for securing information relevant to a transaction

(Original Assignee) Stambler; Leon     

Leon Stambler
US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (control program) .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (control program) is sent to the user via a communication path that has been previously established .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5793302A
CLAIM 22
. In a computer system (computer system) comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (control program) .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (control program) .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5793302A
CLAIM 22
. In a computer system comprising a memory containing computer information or a first computer program stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the user including a person or a second computer program , the memory further including a stored control program (access code) for interacting with the user and for making a determination as to whether the user is an authorized user , the memory further including a first area not readily accessible to a user , the first area containing a first revisable code , and a second area containing a second revisable code , a method of authentication of a user comprising : receiving in the computer system identification information associated with the user ;
generating or accessing first coded authentication information using the received identification information associated with the user ;
retrieving the first revisable code from the first memory area and the second revisable code from the second memory area and deriving therefrom second coded authentication information ;
comparing the first coded authentication information with the second coded authentication information ;
authenticating the user , and granting access to the computer information or a first computer program stored in the controlled memory area to the user only if the first and second coded authentication information compare favorably .




US5933604A

Filed: 1996-11-05     Issued: 1999-08-03

Network resource monitoring system and method for providing notice of changes in resources in a network

(Original Assignee) Fujitsu Ltd     (Current Assignee) Fujitsu Ltd

Hiroya Inakoshi
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (input interface) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5933604A
CLAIM 13
. An information processing terminal for use in an information processing system on a communication network through which information sent from a plurality of sending sources flows , comprising : input interface (user device) means for inputting a monitoring request from a user that requests monitoring of a state of a user-accessible resource on the communication network and specifies the resource ;
and notification interface means for receiving change information that indicates a change in the state of the resource .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (input interface) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5933604A
CLAIM 13
. An information processing terminal for use in an information processing system on a communication network through which information sent from a plurality of sending sources flows , comprising : input interface (user device) means for inputting a monitoring request from a user that requests monitoring of a state of a user-accessible resource on the communication network and specifies the resource ;
and notification interface means for receiving change information that indicates a change in the state of the resource .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device (input interface) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5933604A
CLAIM 13
. An information processing terminal for use in an information processing system on a communication network through which information sent from a plurality of sending sources flows , comprising : input interface (user device) means for inputting a monitoring request from a user that requests monitoring of a state of a user-accessible resource on the communication network and specifies the resource ;
and notification interface means for receiving change information that indicates a change in the state of the resource .




US5855018A

Filed: 1996-10-18     Issued: 1998-12-29

Private information retrieval

(Original Assignee) Yeda Research and Development Co Ltd     (Current Assignee) Yeda Research and Development Co Ltd

Ben-Zion Chor, Oded Goldreich, Eyal Kushilevitz
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps (second authentication method, end storage device) executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database) authentication information comprises an access code .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB0 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps (second authentication method, end storage device) executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB0 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database) authentication information comprises an access code .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB0 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database) authentication information , wherein the front-end storage device is accessible to a user device (said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB0 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps (second authentication method, end storage device) executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB0 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database) authentication information comprises an access code .
US5855018A
CLAIM 1
. A method for retrieving at least one sought l-bit-long (l≧1) data item from a database whilst essentially assuring the user's privacy ;
the database having k (k≧2) database copies designated as DB0 0 -DB k-1 having respective k indices 0 . . . k-1 ;
each of said database (second user, user device, user device access, user access) copies includes a plurality of l-bit-long data items associated , each , with a unique database address ;
the method comprising the following steps executed with respect to each one of said at least one sought l-bit-long data item : (i) providing a database address of said sought l-bit-long data item ;
(ii) generating k strings S 0 . . . S k-1 , which when applied , each , to the respective databases DB 0 to DB k-1 , define in each one of them , a respective plurality of database addresses of a plurality of l-bit-long data items ;
the plurality of database addresses that is defined by each one of said S 0 . . . S k-1 containing a common subset and a complementary subset of database addresses ;
the respective complementary subsets of database addresses of S 0 -S k-1 , being distinguishable , one with respect to the other , contingent upon the database address stipulated in step (i) ;
(iii) calculating for each database DB i , from among said databases DB 0 . . . DB k-1 , result i as a function of the plurality of l-bit-long data items of step (ii) , giving rise to the generation of k results from DB 0 . . . DB k-1 , respectively ;
(iv) communicating the k results of (iii) to the user ;
and (v) calculating the sought l-bit-long item as a function of said k results .




US6181803B1

Filed: 1996-09-30     Issued: 2001-01-30

Apparatus and method for securely processing biometric information to control access to a node

(Original Assignee) Intel Corp     (Current Assignee) Intel Corp

Derek L. Davis
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (data capture, stored data) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6181803B1
CLAIM 1
. A biometric device for controlling access to a node comprising : a semiconductor package ;
a biometric processor placed in the semiconductor package , the biometric processor including a data capture (computer system) circuit contained in the semiconductor package , the data capture circuit to capture a plurality of successive clips of data associated with predetermined biometric characteristic , and a processing unit coupled to the data capture circuit and contained in the semiconductor package , the processing unit to extrapolate information from at least two data clips of the plurality of successive data clips to produce a composite data clip and compare the composite data clip with a clip of pre-stored data (computer system) being a master copy of the predetermined biometric characteristic ;
and an input source placed outside the semiconductor package , the input source to receive data associated with the predetermined biometric characteristic .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6181803B1
CLAIM 17
. A computer comprising : access control circuitry to control user access (user access) to the computer ;
and a biometric device in communication with the access control circuitry to respond to periodic messages from the access control circuitry , the biometric device including a semiconductor package , a data capture circuit placed in the semiconductor package , the data capture circuit to capture a plurality of successive data clips of a predetermined biometric characteristic , and a processor coupled to the data capture circuit and placed in the semiconductor package , the processor including a memory unit to contain a clip of pre-stored data being a master copy of the predetermined biometric characteristic , and a computational element to extrapolate information from at least two data clips of the plurality of successive data clips to produce a composite data clip to compare the composite data clip with the clip of pre-stored data , and to provide a signal whether a match has been detected .




US5862325A

Filed: 1996-09-27     Issued: 1999-01-19

Computer-based communication system and method using metadata defining a control structure

(Original Assignee) Intermind Corp     (Current Assignee) Intermind Corp

Drummond Shattuck Reed, Peter Earnshaw Heymann, Steven Mark Mushero, Kevin Benard Jones, Jeffrey Todd Oberlander, Dan Banay
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication (access control information, digital signatures) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US5862325A
CLAIM 51
. The computer-based communication system of claim 1 or claim 20 , wherein said information includes access control information (second authentication) and wherein said metadata includes access control metadata describing associations between said access control information and said associated information ;
and wherein said processing means includes access control means for processing said access control metadata to control access to said associated information .

US5862325A
CLAIM 57
. The computer-based communication system of claim 55 , wherein said encoding processes include at least one of compression , encryption , digital signatures (second authentication) , file formatting , data translation , and language translation .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user (said server) authentication information are authenticated .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (second information) authentication information .
US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication (access control information, digital signatures) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (user identity information) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5862325A
CLAIM 4
. The computer-based communication system of claim 1 , wherein said information includes user identity information (computing system) representing a plurality of users , and wherein said metadata includes multiuser metadata describing associations between said user identity information and said associated information ;
and wherein said processing means includes multiuser means for processing said multiuser metadata to control associations between each of said users and said associated information .

US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US5862325A
CLAIM 51
. The computer-based communication system of claim 1 or claim 20 , wherein said information includes access control information (second authentication) and wherein said metadata includes access control metadata describing associations between said access control information and said associated information ;
and wherein said processing means includes access control means for processing said access control metadata to control access to said associated information .

US5862325A
CLAIM 57
. The computer-based communication system of claim 55 , wherein said encoding processes include at least one of compression , encryption , digital signatures (second authentication) , file formatting , data translation , and language translation .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user (said server) authentication information are authenticated .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (access control information, digital signatures) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US5862325A
CLAIM 51
. The computer-based communication system of claim 1 or claim 20 , wherein said information includes access control information (second authentication) and wherein said metadata includes access control metadata describing associations between said access control information and said associated information ;
and wherein said processing means includes access control means for processing said access control metadata to control access to said associated information .

US5862325A
CLAIM 57
. The computer-based communication system of claim 55 , wherein said encoding processes include at least one of compression , encryption , digital signatures (second authentication) , file formatting , data translation , and language translation .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user (said server) authentication information are authenticated .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5862325A
CLAIM 5
. The computer-based communication system of claim 1 , wherein said information includes a communications network server address and polling control data , and wherein said transfer metadata includes pull metadata describing associations between said network server address , said polling control data , and said associated information ;
and wherein said processing means includes polling trigger means for processing said pull metadata to trigger update processing , transfer means for processing said update metadata to access a server at said network server address to request transfer of said updated information , and reception means for receiving said updated information transferred by said server (second user) in response to a request and storing said updated information in said consumer memory .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (second information) authentication information .
US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
US5862325A
CLAIM 49
. The computer-based communication system of claim 48 , further comprising : value determining means coupled to said consumer memory for determining said preference values based upon second information (first user) in said consumer memory .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6018343A

Filed: 1996-09-27     Issued: 2000-01-25

Web calendar architecture and uses thereof

(Original Assignee) Timecruiser Computing Corp     (Current Assignee) Vivint Inc

Shou-Chung Wang, Wenwey Hseush, Anthony Ma
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (receiving seat) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6018343A
CLAIM 8
. A method of performing scheduling transactions according to claim 5 , wherein the step of receiving a registration form includes receiving seat (computing system) ing information from the Java program downloaded to the user's computer or from the server associated with the scheduled event .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6018343A
CLAIM 5
. A method of performing an Internet scheduling transaction using a Web-based calendar , comprising the steps of : accessing a Web site of a Web-based calendar , the Web-based calendar being a Java calendar program downloaded from a server for the Java calendar program to a user's computer when the user access (user access) es the Web site ;
selecting a scheduled event from the calendar ;
receiving a registration form from the Java calendar program to the user's computer or via the Internet from a server associated with the scheduled event ;
registering for the scheduled event by providing registration information on the downloaded registration form to the server associated with the scheduled event ;
and receiving a registration response from the server associated with the scheduled event .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5930759A

Filed: 1996-04-30     Issued: 1999-07-27

Method and system for processing health care electronic data transactions

(Original Assignee) Symbol Technologies LLC; OPTIMUM Inc     (Current Assignee) Symbol Technologies LLC ; OPTIMUM Inc

James G. Moore, Wayne E. Jones
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (receiving input) method ;

receiving , for the user , second user (dimensional bar code) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device (electronic data, computer system, readable data) , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5930759A
CLAIM 1
. A system for filing health care claims electronically when health care services are provided to a patient by a service provider and paid or recorded by a third party payor upon the receipt of a health care claim , said system comprising : (a) a personal data card to be carried by the patient , said card bearing human readable indicia identifying the patient , and a machine readable data (computing device, computer system) file , said data file including a two dimensional pattern of marks wherein the encoded marks together include a plurality of information words , including patient identification , third party insurer identification , and entitlement and benefit information relation to the relationship between the patient and the third party payor ;
(b) a reader for scanning the machine readable data file and decoding said two dimensional pattern of marks into a plurality of separated patient digital fields and insurer digital fields , each of said fields enabling one or more information words to be decoded therefrom ;
(c) means for entering a plurality of service provider digital fields entered by said service provider , said service provider digital fields representing service provided to said patient , (d) a data processing means for receiving said separated patient digital fields and said insurer digital fields from said reader , and said plurality of service provider digital fields entered by said service provider , said data processing means assembling said fields to form a health care claim to be presented to said payor for payment thereof on behalf of the patient ;
(e) data memory means for storing one or more health care insurance claims for services rendered to one or more patients by said service provider as digital claims ;
(f) data communication means for transmitting one or more of the digital claims from said service provider to said payor or clearing house via a common carrier .

US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US5930759A
CLAIM 21
. A computer system (computing device, computer system) for electronically assembling a health insurance claim , each of said claims including patient related data and treatment related data , the system comprising : a data processing unit ;
a memory unit including a claim assembly area ;
means connecting the clearinghouse unit and the memory unit together to transmit data therebetween ;
input means for receiving data , and including i) means to receive patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor in an electronic format , and ii) means to receive input from an operator ;
output means for transmitting data from the computer system , and including a screen ;
and a control program stored in the data processing unit , and including i) a series of prompts , and ii) a claim assembling program to present the prompts on the screen in a predefined order to prompt the operator to input the treatment related data , and to transmit the patient related data and the treatment related data to the claim assembly area to assemble an electronic claim form therein .

US5930759A
CLAIM 25
. A system for processing insurance claims for services received by patients , the system comprising : a portable personal data file including a set of data related to a patient including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a local telecommunications unit including i) input means for receiving input (first authentication) data from an operator , ii) output means , iii) a memory unit , iv) a control program , and v) a series of prompts stored in the memory area for soliciting input data from the operator related to services received by the patient ;
and a reader for reading the patient related data from the portable personal data file and transmitting said patient related data to the processing unit ;
wherein the control program operates (i) to present the prompts on the output means in a human understandable format and in an order determined in accordance with a preset program , to solicit from the operator the treatment related data , and (ii) to assemble the patient related data received from the reader and the treatment related data received from the operator , in the memory area to form an electronic claim form therein .

US5930759A
CLAIM 27
. A system according to claim 26 , wherein the means to transmit the electronic claim form includes : a common carrier of electronic data (computing device, computer system) ;
a modem connected to the local telecommunications unit and the common carriers for receiving the electronic claim form from the local processing unit and converting the electronic claim form into a format suitable for transmission over the common carrier .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (dimensional bar code) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (dimensional bar code) authentication information are authenticated .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (dimensional bar code) authentication information comprises an access code (control program) .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (control program) is sent to the user via a communication path that has been previously established .
US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (electronic data, computer system, readable data) to be configured for : receiving , for a user , first user authentication information for a first authentication (receiving input) method ;

receiving , for the user , second user (dimensional bar code) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5930759A
CLAIM 1
. A system for filing health care claims electronically when health care services are provided to a patient by a service provider and paid or recorded by a third party payor upon the receipt of a health care claim , said system comprising : (a) a personal data card to be carried by the patient , said card bearing human readable indicia identifying the patient , and a machine readable data (computing device, computer system) file , said data file including a two dimensional pattern of marks wherein the encoded marks together include a plurality of information words , including patient identification , third party insurer identification , and entitlement and benefit information relation to the relationship between the patient and the third party payor ;
(b) a reader for scanning the machine readable data file and decoding said two dimensional pattern of marks into a plurality of separated patient digital fields and insurer digital fields , each of said fields enabling one or more information words to be decoded therefrom ;
(c) means for entering a plurality of service provider digital fields entered by said service provider , said service provider digital fields representing service provided to said patient , (d) a data processing means for receiving said separated patient digital fields and said insurer digital fields from said reader , and said plurality of service provider digital fields entered by said service provider , said data processing means assembling said fields to form a health care claim to be presented to said payor for payment thereof on behalf of the patient ;
(e) data memory means for storing one or more health care insurance claims for services rendered to one or more patients by said service provider as digital claims ;
(f) data communication means for transmitting one or more of the digital claims from said service provider to said payor or clearing house via a common carrier .

US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US5930759A
CLAIM 21
. A computer system (computing device, computer system) for electronically assembling a health insurance claim , each of said claims including patient related data and treatment related data , the system comprising : a data processing unit ;
a memory unit including a claim assembly area ;
means connecting the clearinghouse unit and the memory unit together to transmit data therebetween ;
input means for receiving data , and including i) means to receive patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor in an electronic format , and ii) means to receive input from an operator ;
output means for transmitting data from the computer system , and including a screen ;
and a control program stored in the data processing unit , and including i) a series of prompts , and ii) a claim assembling program to present the prompts on the screen in a predefined order to prompt the operator to input the treatment related data , and to transmit the patient related data and the treatment related data to the claim assembly area to assemble an electronic claim form therein .

US5930759A
CLAIM 25
. A system for processing insurance claims for services received by patients , the system comprising : a portable personal data file including a set of data related to a patient including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a local telecommunications unit including i) input means for receiving input (first authentication) data from an operator , ii) output means , iii) a memory unit , iv) a control program , and v) a series of prompts stored in the memory area for soliciting input data from the operator related to services received by the patient ;
and a reader for reading the patient related data from the portable personal data file and transmitting said patient related data to the processing unit ;
wherein the control program operates (i) to present the prompts on the output means in a human understandable format and in an order determined in accordance with a preset program , to solicit from the operator the treatment related data , and (ii) to assemble the patient related data received from the reader and the treatment related data received from the operator , in the memory area to form an electronic claim form therein .

US5930759A
CLAIM 27
. A system according to claim 26 , wherein the means to transmit the electronic claim form includes : a common carrier of electronic data (computing device, computer system) ;
a modem connected to the local telecommunications unit and the common carriers for receiving the electronic claim form from the local processing unit and converting the electronic claim form into a format suitable for transmission over the common carrier .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (dimensional bar code) authentication information are authenticated .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (dimensional bar code) authentication information comprises an access code (control program) .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (receiving input) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (dimensional bar code) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device (electronic data, computer system, readable data) , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5930759A
CLAIM 1
. A system for filing health care claims electronically when health care services are provided to a patient by a service provider and paid or recorded by a third party payor upon the receipt of a health care claim , said system comprising : (a) a personal data card to be carried by the patient , said card bearing human readable indicia identifying the patient , and a machine readable data (computing device, computer system) file , said data file including a two dimensional pattern of marks wherein the encoded marks together include a plurality of information words , including patient identification , third party insurer identification , and entitlement and benefit information relation to the relationship between the patient and the third party payor ;
(b) a reader for scanning the machine readable data file and decoding said two dimensional pattern of marks into a plurality of separated patient digital fields and insurer digital fields , each of said fields enabling one or more information words to be decoded therefrom ;
(c) means for entering a plurality of service provider digital fields entered by said service provider , said service provider digital fields representing service provided to said patient , (d) a data processing means for receiving said separated patient digital fields and said insurer digital fields from said reader , and said plurality of service provider digital fields entered by said service provider , said data processing means assembling said fields to form a health care claim to be presented to said payor for payment thereof on behalf of the patient ;
(e) data memory means for storing one or more health care insurance claims for services rendered to one or more patients by said service provider as digital claims ;
(f) data communication means for transmitting one or more of the digital claims from said service provider to said payor or clearing house via a common carrier .

US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US5930759A
CLAIM 21
. A computer system (computing device, computer system) for electronically assembling a health insurance claim , each of said claims including patient related data and treatment related data , the system comprising : a data processing unit ;
a memory unit including a claim assembly area ;
means connecting the clearinghouse unit and the memory unit together to transmit data therebetween ;
input means for receiving data , and including i) means to receive patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor in an electronic format , and ii) means to receive input from an operator ;
output means for transmitting data from the computer system , and including a screen ;
and a control program stored in the data processing unit , and including i) a series of prompts , and ii) a claim assembling program to present the prompts on the screen in a predefined order to prompt the operator to input the treatment related data , and to transmit the patient related data and the treatment related data to the claim assembly area to assemble an electronic claim form therein .

US5930759A
CLAIM 25
. A system for processing insurance claims for services received by patients , the system comprising : a portable personal data file including a set of data related to a patient including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a local telecommunications unit including i) input means for receiving input (first authentication) data from an operator , ii) output means , iii) a memory unit , iv) a control program , and v) a series of prompts stored in the memory area for soliciting input data from the operator related to services received by the patient ;
and a reader for reading the patient related data from the portable personal data file and transmitting said patient related data to the processing unit ;
wherein the control program operates (i) to present the prompts on the output means in a human understandable format and in an order determined in accordance with a preset program , to solicit from the operator the treatment related data , and (ii) to assemble the patient related data received from the reader and the treatment related data received from the operator , in the memory area to form an electronic claim form therein .

US5930759A
CLAIM 27
. A system according to claim 26 , wherein the means to transmit the electronic claim form includes : a common carrier of electronic data (computing device, computer system) ;
a modem connected to the local telecommunications unit and the common carriers for receiving the electronic claim form from the local processing unit and converting the electronic claim form into a format suitable for transmission over the common carrier .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (dimensional bar code) authentication information are authenticated .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (dimensional bar code) authentication information comprises an access code (control program) .
US5930759A
CLAIM 14
. A health care data card for completing health care claims to be filed electronically as claimed in claim 13 wherein said machine readable data file is encoded in a two dimensional bar code (second user) format .

US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5930759A
CLAIM 19
. A system for assembling , filing and processing health care claims made by patients pursuant to coverage policies issued to the patients by claim payors for service provided to the patients at health care facilities , the network comprising : a multitude of participating patients , each of the patients having a respective one portable personal data file including a set of patient related data including patient identification , third party payor identification , and entitlement and benefit information relation to the relationship between the patient and the payor and encoded in a machine readable format ;
a multitude of health care facilities , for providing health care services to the participating patients , each of the health care facilities having i) a telecommunications unit , and ii) a file reader to read the data on the personal data files and to transmit the patient related data to the telecommunications unit at the facility , wherein the telecommunications unit includes a control program (access code) having (1) a series of prompts , and (2) a claim assembling program to present the prompts in a human understandable format to solicit from an operator data related to services provided to the patients at the health care facility , and to assemble the patient related data from the personal data files and the service related data from the operator into electronic claim forms ;
a plurality of claim payor companies having telecommunications units ;
a central clearinghouse connected to the telecommunications units of the health care facilities and connected to the telecommunications units of the claim payor companies , the claims processing unit including means to receive the electronic claim forms from the health care facilities , to check the electronic claim forms and to transmit said claims to the payor companies for adjudication and payment .




US5845073A

Filed: 1996-04-18     Issued: 1998-12-01

Interactive system for remoting creating, editing and administrating an online communcation system for a plurality of online service providers

(Original Assignee) Telescan Inc     (Current Assignee) TD Ameritrade IP Co Inc

Richard K. Carlin, II Joseph F. Frantz
US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code is sent to the user via a communication path (second list) that has been previously established .
US5845073A
CLAIM 15
. A multi-provider on-line system comprising : a host computer system for providing a plurality of on-line feature , said host computer system including a list of global features which can be included in a service map of any service provider and including a first list of private features owned by a service provider which may be included only in the service map of the owning provider and a second list (communication path) of private features owned by a service provider which are published by the owning provider , and which are made accessible to other service providers ;
a plurality of subscriber terminals , a communications link between the host computer and said subscriber terminals ;
a processor in said host system for orchestrating the transfer of data between the host computer system and the subscriber terminals ;
an ID look-up table and subscriber control software for associating a subscriber terminal with a provider-defined service map defining a predetermined set of said on-line features ;
provider specific menu data maintained in said host computer system for providing on-line features to the subscriber terminal based upon subscriber selections from the associated service map ;
and system features and menu creation software for allowing providers to define unique service maps .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (stored data) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5845073A
CLAIM 7
. A method of providing an on-line service on a host computer between a plurality of service-providers and a plurality of subscribers comprising ;
generating service maps for individual service providers , each service map capable of being edited or updated by said individual service-providers , and wherein each of said service maps defines a set of features accessible to an associated subscriber group ;
transferring data from a first service provider to the host for storage by the host , and wherein the stored data (computer system) is made available to subscribers associated with said first service provider ;
establishing a communications link between a host computer and a subscriber terminal ;
associating the subscriber terminal with a service map of a particular service provider , and allowing the subscriber to access the set of features defined by the service provider in its associated service map .




US5815665A

Filed: 1996-04-03     Issued: 1998-09-29

System and method for providing trusted brokering services over a distributed network

(Original Assignee) Microsoft Corp     (Current Assignee) Microsoft Technology Licensing LLC

Jeffrey A. Teper, Sudheer Koneru, Gordon Mangione, Rudolph Balaz, Aaron M. Contorer, Lucy Chao
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5815665A
CLAIM 28
. A method as in claim 15 , wherein the online service comprises user access (user access) to an online version of a printed publication .

US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user authentication information are authenticated .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (service provider) authentication information is received .
US5815665A
CLAIM 29
. A system for allowing users to securely access online service providers (first user) over an untrusted distributed network , comprising : a plurality of Service Provider (SP) sites connected to the distributed network , each SP site running at least one service application to provide an online service to users over the distributed network ;
a plurality of user computers connected to the distributed network , each user computer running at least one client application for accessing online services of the SP sites ;
an online broker site connected to the plurality of SP sites , the online broker site running at least one brokering application to provide an online brokering service , the online broker site including a user database containing user-specific authentication information of users that have registered to use the online brokering service , the registered users accessing the SP sites from the users computers over the distributed network ;
a database which stores user-specific customization data , the customization data specifying preferences of the registered users with respect to the online services of the SP sites , the customization data provided to the SP sites by the online brokering service to enable the SP sites to customize the online services to the preferences of individual registered users ;
and an authentication protocol for allowing the online brokering service to authenticate registered users in response to user-specific authentication requests from the SP sites , the authentication requests responsive to requests from the user computers to access the online services of the SP sites , the authentication protocol implemented by software components of the user computers , the SP sites , and the online broker site .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5838910A

Filed: 1996-03-14     Issued: 1998-11-17

Systems and methods for executing application programs from a memory device linked to a server at an internet site

(Original Assignee) EPICON Inc     (Current Assignee) EPICON Inc ; RPX Clearinghouse LLC ; Nortel Networks Applications Management Solutions Inc

Steven D. Domenikos, George C. Domenikos
US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (control program) .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (control program) is sent to the user via a communication path that has been previously established .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (control program) .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (control program) .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5838910A
CLAIM 20
. A process according to claim 19 , including the further step of providing said server with a file access control program (access code) for determining , as a function of said client privilege signal , a set of file systems of computer files available to be mounted by said client .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6006333A

Filed: 1996-03-13     Issued: 1999-12-21

Password helper using a client-side master password which automatically presents the appropriate server-side password to a particular remote server

(Original Assignee) Sun Microsystems Inc     (Current Assignee) Oracle America Inc

Jakob Nielsen
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database) authentication information comprises an access code .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database) authentication information comprises an access code .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database) authentication information , wherein the front-end storage device is accessible to a user device (said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database) authentication information comprises an access code .
US6006333A
CLAIM 2
. The method of claim 1 wherein said storing further comprises storing said user ID in said database (second user, user device, user device access, user access) along with said network address and said password in encrypted form .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5878219A

Filed: 1996-03-12     Issued: 1999-03-02

System for integrating access to proprietary and internet resources

(Original Assignee) America Online Inc     (Current Assignee) Facebook Inc

Robert B. Vance, Jr., John C. Pampuch, Bruce A. MacNaughton
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 5
. The method of claim 1 , wherein : the network comprises an external network (based product) , and the back-end server is only accessible via the front-end server from an internal network .
US5878219A
CLAIM 4
. The system of claim 1 , wherein said client application is a Web-based product (external network) .

US8869249B2
CLAIM 6
. The method of claim 5 , wherein : the external network (based product) includes the Internet , and the internal network is not directly accessible from any access point connected to the external network .
US5878219A
CLAIM 4
. The system of claim 1 , wherein said client application is a Web-based product (external network) .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .

US8869249B2
CLAIM 17
. The method of claim 15 , wherein : the network comprises an external network (based product) , and the back-end server is only accessible via the front-end server from an internal network .
US5878219A
CLAIM 4
. The system of claim 1 , wherein said client application is a Web-based product (external network) .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5878219A
CLAIM 1
. A computer information system , comprising : information resources accessible in accordance with a first protocol ;
information resources accessible in accordance with a uniform addressing scheme ;
extensions to said uniform addressing scheme , said extensions mapped to said first protocol : a first address in accordance with said uniform addressing scheme : a second address in accordance with said extensions to said uniform addressing scheme ;
servers capable of storing said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme ;
and a client application for communicating said first address and said second address to said servers (second user) to access said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme , said client application capable of displaying content pages for said information resources accessible in accordance with said first protocol and said information resources accessible in accordance with said uniform addressing scheme .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5974389A

Filed: 1996-03-01     Issued: 1999-10-26

Medical record management system and process with improved workflow features

(Original Assignee) Glaxo Wellcome Inc; Intelligent Medical Systems Inc     (Current Assignee) GlaxoSmithKline LLC ; Intelligent Medical Systems Inc

Melanie Ann Clark, John Finley Gold, Michael Edward Huska, Geoffrey Harold Kabel, Marc Merrill Graham
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user authentication information are authenticated .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (said portion) authentication information .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (second terminals) to be configured for : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US5974389A
CLAIM 7
. A method of maintaining patient records , comprising : providing a first caregiver with a first terminal ;
providing a second caregiver with a second terminal ;
creating encounter records for a plurality of patients ;
and selectively permitting the first and second caregivers , using said first and second terminals (computer system) , to access portions of patient data corresponding to a subset of said plurality of patients from a patient record database according to a predetermined set of access rules , the encounter records including a first contact record corresponding to access by the first caregiver to the patient records and a second contact record corresponding to access by the second caregiver to the patient records .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user authentication information are authenticated .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user authentication information are authenticated .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (said portion) authentication information .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5974389A
CLAIM 2
. A patient record system as in claim 1 , wherein the predetermined set of access rules includes a rule selectively permitting access to a portion of the patient data responsive to the first caregiver having authorization for access to said portion (first user) of the patient data and responsive to the portion of data not being accessed by another caregiver .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5790664A

Filed: 1996-02-26     Issued: 1998-08-04

Automated system for management of licensed software

(Original Assignee) Network Engr Software Inc     (Current Assignee) GraphOn Corp

Christopher D. Coley, Ralph E. Wesinger, Jr.
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication (shared key) method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5790664A
CLAIM 12
. In a computer system having a plurality of computers connected by a computer network , the plurality of computers arranged in a hierarchy from a lowest level to highest level and having computer software that is enabled with a license , a method of enabling the computer software with a license , the method comprising the following steps (second authentication method, end storage device) : (a) maintaining a license server on a computer at the highest level in the hierarchical license system , the license server having a database of licensing information for enabling computer software on the plurality of computers in the hierarchy ;
(b) requesting a license in a licensing module at a level L in the hierarchy from a licensing module on a computer at level L+1 in the hierarchy to enable computer software on a computer at a level L in the hierarchy , the licensing modules having : client component for communicating with agent components in licensing modules in a next level L+1 in the hierarchy , agent component for communicating with client components in licensing modules in a previous level L-1 in the hierarchy , and cache component for storing license information for computer software on computers in a previous level L-1 in the hierarchy , wherein the cache component is updated periodically with license information from agent components in a next level L+1 in the hierarchy ;
(c) determining from the licensing module at the level L+1 if the requested license is in a cache component for the licensing module , and if not , (d) sending the request for the license to a licensing module at a next higher level in the hierarchy ;
(e) repeating step (d) until the requested license is located in a cache component in a licensing module at a next highest level in the hierarchy , or the highest level in the hierarchy is reached , wherein the requested license is located on the license server .

US5790664A
CLAIM 25
. The system of claim 1 wherein the client computers and agent computers use a shared key (first authentication) to initialize encryption engines contained on the client and agent computers , wherein the encryption engines operate using the shared key .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code is sent to the user via a communication path (computer readable medium) that has been previously established .
US5790664A
CLAIM 13
. A computer readable medium (communication path, readable storage medium containing instructions) having stored therein instructions for causing a computer to execute the method of claim 12 .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication (shared key) method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5790664A
CLAIM 12
. In a computer system (computer system) having a plurality of computers connected by a computer network , the plurality of computers arranged in a hierarchy from a lowest level to highest level and having computer software that is enabled with a license , a method of enabling the computer software with a license , the method comprising the following steps (second authentication method, end storage device) : (a) maintaining a license server on a computer at the highest level in the hierarchical license system , the license server having a database of licensing information for enabling computer software on the plurality of computers in the hierarchy ;
(b) requesting a license in a licensing module at a level L in the hierarchy from a licensing module on a computer at level L+1 in the hierarchy to enable computer software on a computer at a level L in the hierarchy , the licensing modules having : client component for communicating with agent components in licensing modules in a next level L+1 in the hierarchy , agent component for communicating with client components in licensing modules in a previous level L-1 in the hierarchy , and cache component for storing license information for computer software on computers in a previous level L-1 in the hierarchy , wherein the cache component is updated periodically with license information from agent components in a next level L+1 in the hierarchy ;
(c) determining from the licensing module at the level L+1 if the requested license is in a cache component for the licensing module , and if not , (d) sending the request for the license to a licensing module at a next higher level in the hierarchy ;
(e) repeating step (d) until the requested license is located in a cache component in a licensing module at a next highest level in the hierarchy , or the highest level in the hierarchy is reached , wherein the requested license is located on the license server .

US5790664A
CLAIM 25
. The system of claim 1 wherein the client computers and agent computers use a shared key (first authentication) to initialize encryption engines contained on the client and agent computers , wherein the encryption engines operate using the shared key .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication (shared key) method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5790664A
CLAIM 12
. In a computer system having a plurality of computers connected by a computer network , the plurality of computers arranged in a hierarchy from a lowest level to highest level and having computer software that is enabled with a license , a method of enabling the computer software with a license , the method comprising the following steps (second authentication method, end storage device) : (a) maintaining a license server on a computer at the highest level in the hierarchical license system , the license server having a database of licensing information for enabling computer software on the plurality of computers in the hierarchy ;
(b) requesting a license in a licensing module at a level L in the hierarchy from a licensing module on a computer at level L+1 in the hierarchy to enable computer software on a computer at a level L in the hierarchy , the licensing modules having : client component for communicating with agent components in licensing modules in a next level L+1 in the hierarchy , agent component for communicating with client components in licensing modules in a previous level L-1 in the hierarchy , and cache component for storing license information for computer software on computers in a previous level L-1 in the hierarchy , wherein the cache component is updated periodically with license information from agent components in a next level L+1 in the hierarchy ;
(c) determining from the licensing module at the level L+1 if the requested license is in a cache component for the licensing module , and if not , (d) sending the request for the license to a licensing module at a next higher level in the hierarchy ;
(e) repeating step (d) until the requested license is located in a cache component in a licensing module at a next highest level in the hierarchy , or the highest level in the hierarchy is reached , wherein the requested license is located on the license server .

US5790664A
CLAIM 25
. The system of claim 1 wherein the client computers and agent computers use a shared key (first authentication) to initialize encryption engines contained on the client and agent computers , wherein the encryption engines operate using the shared key .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5867821A

Filed: 1996-02-16     Issued: 1999-02-02

Method and apparatus for electronically accessing and distributing personal health care information and services in hospitals and homes

(Original Assignee) Paxton Devs Inc     (Current Assignee) Care Innovations LLC

Douglas J. Ballantyne, Michael Mulhall
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (medical staff) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff (user device) health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (server computer system) .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (server computer system) to the user upon receiving the first user authentication information .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (server computer system) is sent to the user via a communication path that has been previously established .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (server computer system) is sent to the user via a different communication channel from which the first user authentication information is received .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (monitoring data) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (medical staff) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff (user device) health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data (computer system) , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (server computer system) .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (server computer system) is sent to the user via a different communication channel from which the first user authentication information is received .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device (medical staff) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff (user device) health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .

US5867821A
CLAIM 9
. A system according to claim 1 that has been programmed to audit user access (user access) to all the archived electronic health records contained in the ML .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (server computer system) .
US5867821A
CLAIM 1
. An electronic information system for distribution of medical information and patient services comprising : (a) a data source in the form of a Master Library (ML) storing data in digital compressed format , the ML being adapted to store unprocessed or digitally compressed data selected from one or more of the following : (i) patient/medical staff health record information , (ii) clinical data including X-Ray , MRI and video images , (iii) patient laboratory data to support medical diagnoses and investigations , (iv) educational/training information in video or textual format for the training of medical personnel and patient requirements , (v) pharmaceutical databases , (vi) entertainment audio/video data , (vii) monitored video of critical areas including operating rooms and psychiatric wards , (viii) general security video monitoring data , and (ix) management information data including accounting/billing and inventory control/ordering services ;
(b) a communications interconnection system electronically associated with the ML ;
(c) a computerized nursing station electronically associated with the ML through the internal medical information network for temporary storage of patients' health records that have been accessed and downloaded from the ML , said nursing station operating as a client/server computer system (access code) , wherein the server computer is part of the nursing station and the client systems are the interconnected Patient Care Stations (PCS) . The nursing station server system containing disk and random access memory (RAM) and the server computer to temporarily store health records for patients interfaced to this station ;
(d) an electronic PCS comprising client computers located at each patient bedside communicating with the nursing station server system , said client computers each comprising a central processing unit with associated memory and the following items : (i) a monitor screen for display of normal NTSC video , RGB video and other interfaced/non-interlaced digital video formats ;
(ii) interface means to electronically communicate through the communications interconnection system with the ML and with the nursing station ;
(iii) a wireless/IR transmitter/receiver to communicate with a pen based computer device (Personal Data Assistant or PDA) ;
(iv) an input entry device to facilitate the patient/medical staff communication within the system ;
(v) compression and decompression means for data passed to and from the patient care station ;
and (vi) application software supplying patient and medical staff services .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6047327A

Filed: 1996-02-16     Issued: 2000-04-04

System for distributing electronic information to a targeted group of users

(Original Assignee) Intel Corp     (Current Assignee) Dialogic Corp

Michael Man-Hak Tso, David Alfred Romrell, Daniel Joshua Gillespie
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database, said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, said server) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database, said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, said server) authentication information are authenticated .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database, said server) authentication information comprises an access code (source data) .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (source data) to the user upon receiving the first user authentication information .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (source data) is sent to the user via a communication path that has been previously established .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (source data) is sent to the user via a different communication channel from which the first user authentication information is received .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database, said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, said server) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, said server) authentication information are authenticated .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database, said server) authentication information comprises an access code (source data) .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (source data) is sent to the user via a different communication channel from which the first user authentication information is received .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database, said server) authentication information , wherein the front-end storage device is accessible to a user device (said database, said server) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database, said server) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, said server) authentication information are authenticated .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database, said server) authentication information comprises an access code (source data) .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server (second user, user device, user device access, user access) to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US6047327A
CLAIM 26
. A method comprising the steps of : transmitting a real-time location of a client ;
receiving an InfoBite through a messaging interface , wherein said InfoBite includes summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource database ;
causing an information interface to update a database ;
causing a browser to display said InfoBite and perform updates of a display from said database (second user, user device, user device access, user access) ;
and if further information is requested , causing said browser to notify said server of said request .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (source data) to the user upon receiving the first user authentication information .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (source data) is sent to the user via a different communication channel from which the first user authentication information is received .
US6047327A
CLAIM 1
. A server comprising : an information interface for creating an InfoBite from received information including summary information and a resource identifier wherein said resource identifier is a bit pattern associated with a Uniform Resource Locator (URL) stored within a resource data (access code) base ;
a message interface for coupling said server to a set of clients through a network ;
and a first receiver which receives and stores real-time location information of said set of clients , said receiver coupled to said information interface ;
wherein said server supports mobility of said set of clients through said receiver .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5848426A

Filed: 1996-02-05     Issued: 1998-12-08

Automatic data translation between different business systems

(Original Assignee) Metanetics Corp     (Current Assignee) Symbol Technologies LLC

Ynjiun P. Wang, John B. Chu
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (different program) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5848426A
CLAIM 2
. A method as in claim 1 , additionally comprising the following steps (second authentication method, end storage device) : (e) decoding said 2-D image code to recover said data file ;
and (f) utilizing said field identifiers to identify information categories of data elements to link data elements to data fields of said second business system for processing of data elements of said business document by said second business system without manual re-entry of data elements .

US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (different program) authentication information and the second user authentication information are authenticated .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (different program) authentication information .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (different program) authentication information is received .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (different program) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5848426A
CLAIM 2
. A method as in claim 1 , additionally comprising the following steps (second authentication method, end storage device) : (e) decoding said 2-D image code to recover said data file ;
and (f) utilizing said field identifiers to identify information categories of data elements to link data elements to data fields of said second business system for processing of data elements of said business document by said second business system without manual re-entry of data elements .

US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (different program) authentication information and the second user authentication information are authenticated .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (different program) authentication information is received .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (different program) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5848426A
CLAIM 2
. A method as in claim 1 , additionally comprising the following steps (second authentication method, end storage device) : (e) decoding said 2-D image code to recover said data file ;
and (f) utilizing said field identifiers to identify information categories of data elements to link data elements to data fields of said second business system for processing of data elements of said business document by said second business system without manual re-entry of data elements .

US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (different program) authentication information and the second user authentication information are authenticated .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (different program) authentication information .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (different program) authentication information is received .
US5848426A
CLAIM 8
. A method as in claim 4 , wherein said first business system is a first application program and said second business system is a different application (first user authentication information) program .

US5848426A
CLAIM 15
. A method as in claim 10 , wherein said first business system is a purchase order generating program and step (e) comprises outputting a purchase order in human readable form with said 2-D image code printed on said purchase order , and said second business system is a different program (first user) including at least one of an order processing program and an invoice generating program .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US6041362A

Filed: 1995-10-20     Issued: 2000-03-21

Method and system for integrating disparate information technology applications and platforms across an enterprise

(Original Assignee) Electronic Data Systems LLC     (Current Assignee) Hewlett Packard Enterprise Development LP

Randall F. Mears, Brad L. Rucker
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6041362A
CLAIM 14
. A method for connecting a web client to an enterprise network having a plurality of disparate applications and platforms , comprising the following steps (second authentication method, end storage device) performed at an application server : receiving a request generated by the web client for information from the disparate applications and platforms ;
and initiating the updating of information stored in a first disparate application in response to information received from a second disparate application .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6041362A
CLAIM 14
. A method for connecting a web client to an enterprise network having a plurality of disparate applications and platforms , comprising the following steps (second authentication method, end storage device) performed at an application server : receiving a request generated by the web client for information from the disparate applications and platforms ;
and initiating the updating of information stored in a first disparate application in response to information received from a second disparate application .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US6041362A
CLAIM 14
. A method for connecting a web client to an enterprise network having a plurality of disparate applications and platforms , comprising the following steps (second authentication method, end storage device) performed at an application server : receiving a request generated by the web client for information from the disparate applications and platforms ;
and initiating the updating of information stored in a first disparate application in response to information received from a second disparate application .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5765152A

Filed: 1995-10-13     Issued: 1998-06-09

System and method for managing copyrighted electronic media

(Original Assignee) Dartmouth College     (Current Assignee) Dartmouth College ; Digimarc Corp

John S. Erickson
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (data head) authentication information (authorization server) for a second authentication (authorization server) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data header (second user, user access) means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (data head) authentication information (authorization server) as long as the second user authentication information is authenticated within a prescheduled period of time .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data header (second user, user access) means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (data head) authentication information (authorization server) are authenticated .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data header (second user, user access) means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (data head) authentication information (authorization server) comprises an access code .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data header (second user, user access) means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (data head) authentication information (authorization server) for a second authentication (authorization server) method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data header (second user, user access) means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (data head) authentication information (authorization server) are authenticated .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data head (second user, user access) er means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (data head) authentication information (authorization server) comprises an access code .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data head (second user, user access) er means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (data head) authentication information (authorization server) , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication (authorization server) method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (data head) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data head (second user, user access) er means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (data head) authentication information (authorization server) are authenticated .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data head (second user, user access) er means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (data head) authentication information (authorization server) comprises an access code .
US5765152A
CLAIM 2
. A system for authorizing access to copyrighted electronic media , comprising an authorization server (second authentication, second user authentication information, second authentication method) connected for data transfer between an internal memory and at least one external data processor , the server having (A) means for determining selected information about the electronic media , the selected information including one or more terms that enable auxiliary uses of the media ;
(B) relay means , responsive to a request signal by the data processor , for communicating the selected information to the data processor ;
and (C) data comparison means for receiving response signals from the data processor and comparing the selected information with the response signals , the data comparison means generating an acceptance signal when the response signals correspond to at least a part of the selected information , indicating acceptance of one or more terms , and communicating the acceptance signal to the data processor to authorize access to the media in accord with the uses corresponding to the accepted terms .

US5765152A
CLAIM 7
. A system according to claim 2 , further comprising data head (second user, user access) er means for storing selected header information about the media , the header information being a digital representation of at least one of (i) a unique file format , (ii) a document format revision code , (iii) a creator application type , (iv) a media data type , and (v) a comment field .




US5767853A

Filed: 1995-09-21     Issued: 1998-06-16

Computer operating method and computer operated thereby

(Original Assignee) Hitachi Ltd     (Current Assignee) Hitachi Ltd

Kenichi Yoshida, Hiroshi Motoda
US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (control program) .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (control program) is sent to the user via a communication path (data paths) that has been previously established .
US5767853A
CLAIM 13
. A method according to claim 4 , wherein the relationships defined by said history information include information defining data paths (communication path) connecting inputs and outputs of said plurality of application programs .

US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (control program) .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (control program) .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (control program) to the user upon receiving the first user authentication information .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user authentication information is received .
US5767853A
CLAIM 39
. A computer according to claim 35 , further comprising : a control program (access code) for automatically identifying , based on said history information and in response to a data file selected by said input device , at least a subset of said plurality of application programs for processing said data file , said display automatically activating icons on said display screen corresponding to the application programs in said subset .




US5899998A

Filed: 1995-08-31     Issued: 1999-05-04

Method and system for maintaining and updating computerized medical records

(Original Assignee) Medcard Systems Inc     (Current Assignee) Medcard Systems Inc

James L. McGauley, Christopher Krumme
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5899998A
CLAIM 1
. A computer system (computer system) for maintaining the currency of data in distributed databases , comprising : a data communication network ;
a plurality of physically separate databases , each of said databases including means for communicating with said data communication network , said databases collectively defining said distributed databases ;
a processor having interface for supplying an input instruction to modify the contents of the distributed databases ;
said processor being coupled to said data communication network ;
said processor being operable to generate an update object in response to said instruction and to place said update object in said data communication network ;
said update object having a self-contained processing tag for causing said update object to be intelligently routed along said data communication network to at least one of said plurality of databases and for causing said one of said plurality of databases to automatically modify its contents in accordance with said input instruction ;
said update object further having an object-oriented data structure that defines independently created field objects and record objects , said field objects and said field objects each having stored attributes that record information about processes performed on those objects ;
said data structure encapsulating data for storing information independent of said distributed databases , said data structure defining a nested , hierarchial relationship such that said field objects are encapsulated within said record objects and wherein said record objects encapsulated within said update object ;
said update object thereby being configured to automatically store data and to automatically store in said attributes an historic record of processes performed on said data as said update object is routed anywhere throughout said communication network .




US5634053A

Filed: 1995-08-29     Issued: 1997-05-27

Federated information management (FIM) system and method for providing data site filtering and translation for heterogeneous databases

(Original Assignee) Hughes Aircraft Co     (Current Assignee) Raytheon Co

William B. Noble, Bhadra K. Patel, Jenny K. Wang
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (central location, said database) authentication information for a second authentication method (requesting user) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (central location, said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5634053A
CLAIM 1
. A database controller for integrating data from a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a user interface for generating a global query to search said virtual data base , which has an associated global format , said global query including at least one data field from a set of commonly used data fields whose values are represented in an input format ;
a smart data dictionary (SDD) that contains configuration data for each of said local databases including respective local formats for each of said commonly used data fields ;
a selector for selecting the input format for generating the global query from one of said global and local formats ;
an input translator that converts the value of said data field in said global query into local values in the respective local formats ;
a data information manager (DIM) that generates local queries including said local values for said data field in response to said global query and in accordance with the respective configuration data ;
a plurality of local information managers (LIMs) that execute the local queries to search for and retrieve from the respective local databases data that is associated with the local values of said data field , said LIMs passing the data back to the DIM where it is combined to present the requesting user (second authentication method) with an integrated response ;
and an output translator that converts the data passed back from said LIMs from their respective local formats into said input format so that the data can be combined to present the user with the integrated response .

US5634053A
CLAIM 8
. In a computer data network having a plurality of interconnected local databases with a plurality of users each capable of generating a global query for accessing and retrieving data from said database (user device, user device access, second user, user access) s in accord with a single query protocol , said global query including at least one data field from a set of commonly used data fields , a database controller for directing the transmission of the user generated global query to individual ones of the local databases and for receiving and integrating the requested data received from the databases into a single response and for transmitting the integrated single response to the requesting user , said database controller comprising : a central database comprising : a smart data dictionary (SDD) containing a database of data representing schema , data distribution , local site configuration and inter-site relationships of data among the local databases in the network for each database in the network that together define a single global schema for accessing a virtual database ;
a filter that enumerates the local databases having data responsive to the global query in accord with said data field and the data contained in the SDD ;
an input translator that converts the data field in the global query into local data fields compatible with the enumerated local databases in accord with the local site configuration in the SDD ;
and a data information manager (DIM) communicating both with said SDD to retrieve data therefrom , and with said user to receive said global query therefrom and to transmit responsive data thereto , for decomposing the global data query into a local-site execution plan that includes said local data fields for retrieval of data from the enumerated local databases , and for transmitting that portion of said local-site execution plan to be executed to the appropriate database for execution , and receiving data therefrom responsive to said local-site execution plan and said local data field ;
a plurality of local information managers (LIMs) , each communicating with said DIM and said SDD , for controlling data flow to and from a specified database in the network in response to that portion of said local-site execution plan received from said DIM and for transmitting retrieved data responsive to that portion of said local-site execution plan to said DIM , each of said LIMs further adapted for generating , in accord with the data contained in said SDD , a data retrieval request for execution by another LIM and for receiving data therefrom in response thereto , in order to complete that portion of said local-site execution plan received by it for execution ;
and an output translator in said central database that converts the data received from each of the LIMs in accord with its local site configuration to a single site configuration , said DIM combining said data into an integrated single response and transmitting it back to the requesting user .

US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (central location, said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5634053A
CLAIM 8
. In a computer data network having a plurality of interconnected local databases with a plurality of users each capable of generating a global query for accessing and retrieving data from said database (user device, user device access, second user, user access) s in accord with a single query protocol , said global query including at least one data field from a set of commonly used data fields , a database controller for directing the transmission of the user generated global query to individual ones of the local databases and for receiving and integrating the requested data received from the databases into a single response and for transmitting the integrated single response to the requesting user , said database controller comprising : a central database comprising : a smart data dictionary (SDD) containing a database of data representing schema , data distribution , local site configuration and inter-site relationships of data among the local databases in the network for each database in the network that together define a single global schema for accessing a virtual database ;
a filter that enumerates the local databases having data responsive to the global query in accord with said data field and the data contained in the SDD ;
an input translator that converts the data field in the global query into local data fields compatible with the enumerated local databases in accord with the local site configuration in the SDD ;
and a data information manager (DIM) communicating both with said SDD to retrieve data therefrom , and with said user to receive said global query therefrom and to transmit responsive data thereto , for decomposing the global data query into a local-site execution plan that includes said local data fields for retrieval of data from the enumerated local databases , and for transmitting that portion of said local-site execution plan to be executed to the appropriate database for execution , and receiving data therefrom responsive to said local-site execution plan and said local data field ;
a plurality of local information managers (LIMs) , each communicating with said DIM and said SDD , for controlling data flow to and from a specified database in the network in response to that portion of said local-site execution plan received from said DIM and for transmitting retrieved data responsive to that portion of said local-site execution plan to said DIM , each of said LIMs further adapted for generating , in accord with the data contained in said SDD , a data retrieval request for execution by another LIM and for receiving data therefrom in response thereto , in order to complete that portion of said local-site execution plan received by it for execution ;
and an output translator in said central database that converts the data received from each of the LIMs in accord with its local site configuration to a single site configuration , said DIM combining said data into an integrated single response and transmitting it back to the requesting user .

US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (central location, said database) authentication information are authenticated .
US5634053A
CLAIM 8
. In a computer data network having a plurality of interconnected local databases with a plurality of users each capable of generating a global query for accessing and retrieving data from said database (user device, user device access, second user, user access) s in accord with a single query protocol , said global query including at least one data field from a set of commonly used data fields , a database controller for directing the transmission of the user generated global query to individual ones of the local databases and for receiving and integrating the requested data received from the databases into a single response and for transmitting the integrated single response to the requesting user , said database controller comprising : a central database comprising : a smart data dictionary (SDD) containing a database of data representing schema , data distribution , local site configuration and inter-site relationships of data among the local databases in the network for each database in the network that together define a single global schema for accessing a virtual database ;
a filter that enumerates the local databases having data responsive to the global query in accord with said data field and the data contained in the SDD ;
an input translator that converts the data field in the global query into local data fields compatible with the enumerated local databases in accord with the local site configuration in the SDD ;
and a data information manager (DIM) communicating both with said SDD to retrieve data therefrom , and with said user to receive said global query therefrom and to transmit responsive data thereto , for decomposing the global data query into a local-site execution plan that includes said local data fields for retrieval of data from the enumerated local databases , and for transmitting that portion of said local-site execution plan to be executed to the appropriate database for execution , and receiving data therefrom responsive to said local-site execution plan and said local data field ;
a plurality of local information managers (LIMs) , each communicating with said DIM and said SDD , for controlling data flow to and from a specified database in the network in response to that portion of said local-site execution plan received from said DIM and for transmitting retrieved data responsive to that portion of said local-site execution plan to said DIM , each of said LIMs further adapted for generating , in accord with the data contained in said SDD , a data retrieval request for execution by another LIM and for receiving data therefrom in response thereto , in order to complete that portion of said local-site execution plan received by it for execution ;
and an output translator in said central database that converts the data received from each of the LIMs in accord with its local site configuration to a single site configuration , said DIM combining said data into an integrated single response and transmitting it back to the requesting user .

US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (central location, said database) authentication information comprises an access code .
US5634053A
CLAIM 8
. In a computer data network having a plurality of interconnected local databases with a plurality of users each capable of generating a global query for accessing and retrieving data from said database (user device, user device access, second user, user access) s in accord with a single query protocol , said global query including at least one data field from a set of commonly used data fields , a database controller for directing the transmission of the user generated global query to individual ones of the local databases and for receiving and integrating the requested data received from the databases into a single response and for transmitting the integrated single response to the requesting user , said database controller comprising : a central database comprising : a smart data dictionary (SDD) containing a database of data representing schema , data distribution , local site configuration and inter-site relationships of data among the local databases in the network for each database in the network that together define a single global schema for accessing a virtual database ;
a filter that enumerates the local databases having data responsive to the global query in accord with said data field and the data contained in the SDD ;
an input translator that converts the data field in the global query into local data fields compatible with the enumerated local databases in accord with the local site configuration in the SDD ;
and a data information manager (DIM) communicating both with said SDD to retrieve data therefrom , and with said user to receive said global query therefrom and to transmit responsive data thereto , for decomposing the global data query into a local-site execution plan that includes said local data fields for retrieval of data from the enumerated local databases , and for transmitting that portion of said local-site execution plan to be executed to the appropriate database for execution , and receiving data therefrom responsive to said local-site execution plan and said local data field ;
a plurality of local information managers (LIMs) , each communicating with said DIM and said SDD , for controlling data flow to and from a specified database in the network in response to that portion of said local-site execution plan received from said DIM and for transmitting retrieved data responsive to that portion of said local-site execution plan to said DIM , each of said LIMs further adapted for generating , in accord with the data contained in said SDD , a data retrieval request for execution by another LIM and for receiving data therefrom in response thereto , in order to complete that portion of said local-site execution plan received by it for execution ;
and an output translator in said central database that converts the data received from each of the LIMs in accord with its local site configuration to a single site configuration , said DIM combining said data into an integrated single response and transmitting it back to the requesting user .

US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (central location, said database) authentication information for a second authentication method (requesting user) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (central location, said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5634053A
CLAIM 1
. A database controller for integrating data from a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a user interface for generating a global query to search said virtual data base , which has an associated global format , said global query including at least one data field from a set of commonly used data fields whose values are represented in an input format ;
a smart data dictionary (SDD) that contains configuration data for each of said local databases including respective local formats for each of said commonly used data fields ;
a selector for selecting the input format for generating the global query from one of said global and local formats ;
an input translator that converts the value of said data field in said global query into local values in the respective local formats ;
a data information manager (DIM) that generates local queries including said local values for said data field in response to said global query and in accordance with the respective configuration data ;
a plurality of local information managers (LIMs) that execute the local queries to search for and retrieve from the respective local databases data that is associated with the local values of said data field , said LIMs passing the data back to the DIM where it is combined to present the requesting user (second authentication method) with an integrated response ;
and an output translator that converts the data passed back from said LIMs from their respective local formats into said input format so that the data can be combined to present the user with the integrated response .

US5634053A
CLAIM 8
. In a computer data network having a plurality of interconnected local databases with a plurality of users each capable of generating a global query for accessing and retrieving data from said database (user device, user device access, second user, user access) s in accord with a single query protocol , said global query including at least one data field from a set of commonly used data fields , a database controller for directing the transmission of the user generated global query to individual ones of the local databases and for receiving and integrating the requested data received from the databases into a single response and for transmitting the integrated single response to the requesting user , said database controller comprising : a central database comprising : a smart data dictionary (SDD) containing a database of data representing schema , data distribution , local site configuration and inter-site relationships of data among the local databases in the network for each database in the network that together define a single global schema for accessing a virtual database ;
a filter that enumerates the local databases having data responsive to the global query in accord with said data field and the data contained in the SDD ;
an input translator that converts the data field in the global query into local data fields compatible with the enumerated local databases in accord with the local site configuration in the SDD ;
and a data information manager (DIM) communicating both with said SDD to retrieve data therefrom , and with said user to receive said global query therefrom and to transmit responsive data thereto , for decomposing the global data query into a local-site execution plan that includes said local data fields for retrieval of data from the enumerated local databases , and for transmitting that portion of said local-site execution plan to be executed to the appropriate database for execution , and receiving data therefrom responsive to said local-site execution plan and said local data field ;
a plurality of local information managers (LIMs) , each communicating with said DIM and said SDD , for controlling data flow to and from a specified database in the network in response to that portion of said local-site execution plan received from said DIM and for transmitting retrieved data responsive to that portion of said local-site execution plan to said DIM , each of said LIMs further adapted for generating , in accord with the data contained in said SDD , a data retrieval request for execution by another LIM and for receiving data therefrom in response thereto , in order to complete that portion of said local-site execution plan received by it for execution ;
and an output translator in said central database that converts the data received from each of the LIMs in accord with its local site configuration to a single site configuration , said DIM combining said data into an integrated single response and transmitting it back to the requesting user .

US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (central location, said database) authentication information are authenticated .
US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (central location, said database) authentication information comprises an access code .
US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (central location, said database) authentication information , wherein the front-end storage device is accessible to a user device (central location, said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (requesting user) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (central location, said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5634053A
CLAIM 1
. A database controller for integrating data from a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a user interface for generating a global query to search said virtual data base , which has an associated global format , said global query including at least one data field from a set of commonly used data fields whose values are represented in an input format ;
a smart data dictionary (SDD) that contains configuration data for each of said local databases including respective local formats for each of said commonly used data fields ;
a selector for selecting the input format for generating the global query from one of said global and local formats ;
an input translator that converts the value of said data field in said global query into local values in the respective local formats ;
a data information manager (DIM) that generates local queries including said local values for said data field in response to said global query and in accordance with the respective configuration data ;
a plurality of local information managers (LIMs) that execute the local queries to search for and retrieve from the respective local databases data that is associated with the local values of said data field , said LIMs passing the data back to the DIM where it is combined to present the requesting user (second authentication method) with an integrated response ;
and an output translator that converts the data passed back from said LIMs from their respective local formats into said input format so that the data can be combined to present the user with the integrated response .

US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (central location, said database) authentication information are authenticated .
US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (central location, said database) authentication information comprises an access code .
US5634053A
CLAIM 14
. A method for integrating data for a plurality of interconnected local databases to provide users with access to a virtual database , comprising : a) providing meta-data information for each of a plurality of local databases and a virtual database in a central location (user device, user device access, second user, user access) , said meta-data information including respective local and global formats for each data field in a set of commonly used data fields ;
b) generating a global query to search said virtual database , said global query including at least one data field from said set of commonly used data fields whose values are represented in an i/o format ;
c) filtering said global query to enumerate those local databases that contain data related to said date field in accord with the meta-data information ;
d) translating the value of said date field in said global query into local values in the respective local formats in accord with the meta-data information for the enumerated local databases ;
e) generating local queries for the enumerated local databases that include the respective local values in accordance with the meta-data information ;
f) passing the local queries to the respective local databases ;
g) executing the local queries to search for and retrieve from the local databases data that is associated with the local values of said data field ;
h) translating the data retrieved from the local databases from their respective local formats into said i/o format ;
and i) integrating said data to present the requesting user with an integrated response .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5706507A

Filed: 1995-07-05     Issued: 1998-01-06

System and method for controlling access to data located on a content server

(Original Assignee) International Business Machines Corp     (Current Assignee) Activision Publishing Inc

Robert Jeffrey Schloss
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user (said database) authentication information are authenticated .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database) authentication information comprises an access code .
US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (said portion) authentication information .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user (said database) authentication information are authenticated .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database) authentication information comprises an access code .
US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database) authentication information , wherein the front-end storage device is accessible to a user device (said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user (said database) authentication information are authenticated .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database) authentication information comprises an access code .
US5706507A
CLAIM 30
. A system for censoring downloaded data from a content server to a client , comprising : a remote advisory server connected to a content server and to a client through a distributed network ;
and a database associated with said advisory server for storing a plurality of characterization data , wherein said remote advisory server , upon receipt of a request signal from the client , rates a downloaded data from the content server with an appropriate characterization data from said database (second user, user device, user device access, user access) and forwards said characterization data to said client , said client censoring said downloaded data based on said characterization data .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (said portion) authentication information .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5706507A
CLAIM 1
. In a distributed data communication system wherein communication between a content requestor and a first content server occurs over a first communication link , wherein said content requestor under control of user input communicates a data request signal to said first content server over said first communication link , and wherein said first content server , upon receiving said data request signal , communicates content data to said content requestor according to said data request signal , a method of filtering said content data comprising the steps of : setting said content requestor in an advisory mode wherein said content requestor communicates portions of said data request signal to a first advisory server over a second communication link , and wherein said first advisory server is remote from said first content server ;
controlling said first advisory server upon receipt of said portion (first user) s of said request signal to retrieve characterization data from a data base coupled to said first advisory server and to communicate said characterization data to said content requestor over said second communication link ;
and inhibiting loading of at least a portion of said content data according to said characterization data .




US5644711A

Filed: 1995-05-26     Issued: 1997-07-01

Multi-privileged level directory access on the AT&T worldworxsm personal conferencing service

(Original Assignee) Intel Corp     (Current Assignee) Intel Corp

Sean T. Murphy
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database, access rights) authentication information for a second authentication method (said database, access rights) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, access rights) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database, access rights) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, access rights) authentication information are authenticated .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database, access rights) authentication information comprises an access code .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database, access rights) authentication information for a second authentication method (said database, access rights) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database, access rights) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, access rights) authentication information are authenticated .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database, access rights) authentication information comprises an access code .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database, access rights) authentication information , wherein the front-end storage device is accessible to a user device (said database, access rights) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (said database, access rights) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database, access rights) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database, access rights) authentication information are authenticated .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database, access rights) authentication information comprises an access code .
US5644711A
CLAIM 1
. A method for accessing a directory in a wide area network from a computer , said method comprising the steps of : transmitting a user identification number , a matching password and a directory query request from said computer to said wide area network , said directory query request for requesting an item to be searched in a plurality of directories in said wide area network ;
verifying said user identification number and said matching password to determine initial access rights (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) to said plurality of directories ;
locating said item to be searched by performing a search in said plurality of directories in said wide area network for said item once said user identification number and said matching password are verified for initial access to said plurality of directories ;
verifying said user identification number and said matching password to determine final access rights to a specific directory among said plurality of directories which contains said located item ;
and returning said located item to said computer if said user identification number and said matching password allow said final access rights to said specific directory in said wide area network which contains said located item .

US5644711A
CLAIM 8
. The system of claim 7 wherein said network directory security mechanism further comprises a search module for searching through said database (second user, user device, user device access, user access, second user authentication information, second authentication method, end storage device) s for said electronic directories being accessed .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5555303A

Filed: 1995-05-22     Issued: 1996-09-10

Secure transaction system and method utilized therein

(Original Assignee) Stambler; Leon     

Leon Stambler
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5555303A
CLAIM 1
. In a transaction system comprising a first storage means in possession of a first party , containing party information , the party information comprising a predetermined first non-secret code (ROC1) , a predetermined arbitrary first transaction number (TN1) , and predetermined party information used to form a predetermined address (PA) , a second storage means , and party information stored in the second storage means , the second storage means party information comprising a predetermined arbitrary first secret number (RN1) , and a predetermined second transaction number (TN2) corresponding to the TN1 , a method for authenticating the first party , the first storage means , and transaction information comprising the steps of : receiving a personal identification number (PIN) from the first party , at a first site , and generating first coded authentication information using the received PIN ;
retrieving the party information from the first storage means , at the first site ;
coding the transaction information and the TN1 with the first coded authentication information to generate a first anti-duplication variable authentication number (ADVAN1) , at the first site ;
transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to a second site ;
deriving the PA at the second site from the received predetermined party information ;
accessing the second storage means using the derived PA to locate and retrieve RN1 and TN2 ;
generating second coded authentication information using the received ROC1 and the retrieved RN1 ;
uncoding the ADVAN1 using the second coded authentication information to derive the TN1 and the transaction information ;
comparing the derived TN1 to the retrieved TN2 ;
authenticating the first party , the first storage means , and the transaction information if the derived TN1 corresponds to the retrieved TN2 ;
forming a revised third transaction number (TN3) and a revised second secret number (RN2) ;
storing the TN3 and the RN2 in the second storage means at the predetermined address (PA) ;
generating a revised second non-secret code (ROC2) using the second coded authentication information and the RN2 ;
coding the TN3 with the second coded authentication information to generate a second anti-duplication variable authentication number (ADVAN2) ;
transmitting the ADVAN2 and the ROC2 from the second site to the first site ;
uncoding the received ADVAN2 at the first site using the first coded authentication information to derive the TN3 ;
and storing the derived TN3 and the received ROC2 in the first storage means for use in a subsequent transaction .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user authentication information are authenticated .
US5555303A
CLAIM 1
. In a transaction system comprising a first storage means in possession of a first party , containing party information , the party information comprising a predetermined first non-secret code (ROC1) , a predetermined arbitrary first transaction number (TN1) , and predetermined party information used to form a predetermined address (PA) , a second storage means , and party information stored in the second storage means , the second storage means party information comprising a predetermined arbitrary first secret number (RN1) , and a predetermined second transaction number (TN2) corresponding to the TN1 , a method for authenticating the first party , the first storage means , and transaction information comprising the steps of : receiving a personal identification number (PIN) from the first party , at a first site , and generating first coded authentication information using the received PIN ;
retrieving the party information from the first storage means , at the first site ;
coding the transaction information and the TN1 with the first coded authentication information to generate a first anti-duplication variable authentication number (ADVAN1) , at the first site ;
transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to a second site ;
deriving the PA at the second site from the received predetermined party information ;
accessing the second storage means using the derived PA to locate and retrieve RN1 and TN2 ;
generating second coded authentication information using the received ROC1 and the retrieved RN1 ;
uncoding the ADVAN1 using the second coded authentication information to derive the TN1 and the transaction information ;
comparing the derived TN1 to the retrieved TN2 ;
authenticating the first party , the first storage means , and the transaction information if the derived TN1 corresponds to the retrieved TN2 ;
forming a revised third transaction number (TN3) and a revised second secret number (RN2) ;
storing the TN3 and the RN2 in the second storage means at the predetermined address (PA) ;
generating a revised second non-secret code (ROC2) using the second coded authentication information and the RN2 ;
coding the TN3 with the second coded authentication information to generate a second anti-duplication variable authentication number (ADVAN2) ;
transmitting the ADVAN2 and the ROC2 from the second site to the first site ;
uncoding the received ADVAN2 at the first site using the first coded authentication information to derive the TN3 ;
and storing the derived TN3 and the received ROC2 in the first storage means for use in a subsequent transaction .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (control program) .
US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (control program) to the user upon receiving the first user (said portion) authentication information .
US5555303A
CLAIM 1
. In a transaction system comprising a first storage means in possession of a first party , containing party information , the party information comprising a predetermined first non-secret code (ROC1) , a predetermined arbitrary first transaction number (TN1) , and predetermined party information used to form a predetermined address (PA) , a second storage means , and party information stored in the second storage means , the second storage means party information comprising a predetermined arbitrary first secret number (RN1) , and a predetermined second transaction number (TN2) corresponding to the TN1 , a method for authenticating the first party , the first storage means , and transaction information comprising the steps of : receiving a personal identification number (PIN) from the first party , at a first site , and generating first coded authentication information using the received PIN ;
retrieving the party information from the first storage means , at the first site ;
coding the transaction information and the TN1 with the first coded authentication information to generate a first anti-duplication variable authentication number (ADVAN1) , at the first site ;
transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to a second site ;
deriving the PA at the second site from the received predetermined party information ;
accessing the second storage means using the derived PA to locate and retrieve RN1 and TN2 ;
generating second coded authentication information using the received ROC1 and the retrieved RN1 ;
uncoding the ADVAN1 using the second coded authentication information to derive the TN1 and the transaction information ;
comparing the derived TN1 to the retrieved TN2 ;
authenticating the first party , the first storage means , and the transaction information if the derived TN1 corresponds to the retrieved TN2 ;
forming a revised third transaction number (TN3) and a revised second secret number (RN2) ;
storing the TN3 and the RN2 in the second storage means at the predetermined address (PA) ;
generating a revised second non-secret code (ROC2) using the second coded authentication information and the RN2 ;
coding the TN3 with the second coded authentication information to generate a second anti-duplication variable authentication number (ADVAN2) ;
transmitting the ADVAN2 and the ROC2 from the second site to the first site ;
uncoding the received ADVAN2 at the first site using the first coded authentication information to derive the TN3 ;
and storing the derived TN3 and the received ROC2 in the first storage means for use in a subsequent transaction .

US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (control program) is sent to the user via a communication path that has been previously established .
US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US5555303A
CLAIM 9
. In a computer system (computer system) comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user authentication information are authenticated .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (control program) .
US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (said portion) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (said portion) authentication information and the second user authentication information are authenticated .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (control program) .
US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (control program) to the user upon receiving the first user (said portion) authentication information .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (control program) is sent to the user via a different communication channel from which the first user (said portion) authentication information is received .
US5555303A
CLAIM 8
. The method of claim 1 wherein the step of transmitting the ADVAN1 , and a portion of the retrieved first storage means party information , said portion (first user) comprising the ROC1 and the predetermined party information used to form the PA , from the first site to the second site , further comprises transmitting at least a portion of the transaction information ;
the step of comparing the derived TN1 to the retrieved TN2 , further comprises the step of comparing the transaction information uncoded from the ADVAN1 using the second coded authentication information with the at least a portion of the transaction information transmitted ;
and the step of authenticating additionally requires that the uncoded transaction information corresponds to the transmitted transaction information .

US5555303A
CLAIM 9
. In a computer system comprising a memory containing computer information stored in a controlled memory area to which access is granted only upon proper authentication of an authorized user of the computer system , the memory further including a stored control program (access code) for interacting with a user and for making a determination as to whether the user is an authorized user , the memory further including a first area , not readily accessible to a user , the first memory area containing a first revisable code (RN) and a second revisable code (TSN1) and a second area containing a third revisable code (ROC) and a fourth revisable code (TSN2) , the fourth revisable code (TSN2) being identical to the second revisable code (TSN1) , a method of authentication of a user comprising the steps of : receiving in the computer system a personal identification number (PIN) from a user ;
generating first encoded authentication information (CPN1) using the received personal identification number (PIN) ;
retrieving the fourth revisable code (TSN2) and encoding the fourth revisable code (TSN2) with the first encoded authentication information (CPN1) to obtain a first anti-duplication variable number (ADVAN1) ;
retrieving the first revisable code (RN) from the first memory area and the third revisable code (ROC) from the second memory area and deriving therefrom second encoded authentication information (CPN2) ;
retrieving the second revisable code (TSN1) from the first memory area and encoding the second revisable code (TSN1) with the second encoded authentication information (CPN2) to obtain a second anti-duplication variable number (ADVAN2) ;
comparing the first anti-duplication variable number (ADVAN1) with the second anti-duplication variable number (ADVAN2) ;
granting access to the computer information stored in the controlled memory area to the user only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical ;
and revising and storing the first , second , third and fourth revisable codes (RN , TSN1 , ROC and TSN2) in the original respective memory areas only if the first and second anti-duplication variable numbers (ADVAN1 and ADVAN2) are identical .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5646998A

Filed: 1995-05-22     Issued: 1997-07-08

Secure transaction system and method utilized therein

(Original Assignee) Stambler; Leon     

Leon Stambler
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (second information) authentication information .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (second information) authentication information .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
US5646998A
CLAIM 13
. A method for authenticating a credential and a first party who was issued the credential , and a second party associated with issuing the credential , the method comprising the steps of : retrieving first information previously stored in the credential , wherein the first information previously stored in the credential includes a first variable authentication number (VAN1) ;
retrieving second information (first user) previously stored in a storage means associated with at least one of the parties , wherein the second information includes a joint code ;
receiving third information from at least one of the parties ;
coding the third information from at least one of the parties , and the joint code retrieved from the storage means to generate a second variable authentication number (VAN2) ;
and authenticating the credential , and the first party who was issued the credential , and the second party associated with issuing the credential , if the first variable authentication number (VAN1) retrieved from the credential corresponds to the generated second variable authentication number (VAN2) .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5608874A

Filed: 1995-04-08     Issued: 1997-03-04

System and method for automatic data file format translation and transmission having advanced features

(Original Assignee) AutoEntry OnLine Inc     (Current Assignee) AutoEntry OnLine Inc

Stuart S. Ogawa, Kevin R. Pierce
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information (transmission signal) for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information (transmission signal) and the second user authentication information are authenticated .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user authentication information (transmission signal) .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel (error condition) from which the first user authentication information (transmission signal) is received .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US5608874A
CLAIM 19
. The method in claim 18 , further comprising , after the step of reformatting said data from said midformat file , the steps of : testing said reformatted data in the translated destination format to validate the data ;
and if said testing indicates that an error has occurred during said reformatting , then issuing an error condition (different communication channel) message to the user to indicate an error condition .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (distributed computer system) to be configured for : receiving , for a user , first user authentication information (transmission signal) for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US5608874A
CLAIM 13
. In a distributed computer system (computer system) including a data provider section , a main processing section , and a data subscriber section , each said section selectably couplable to another section by a communications link including communications control means , a method for translating and transferring data from a provider source format to a subscriber destination format using a priori knowledge of said source and destination formats between said data provider section and a said data subscriber section , said method comprising the steps of : (A) transmitting , by said provider section , a particular provider data file from said provider section to said main processing section via said communications link ;
(B) receiving , by said main processing section , said provider data file from said provider section and storing said received data files in said main processing section , said step of receiving including the steps of : monitoring a communication link port for messages from a calling party requesting a communication connection according to predetermined monitoring rules and determining whether a provider section is calling main processing section requesting a communication connection ;
determining whether to allow said calling party to connect to said main processing section based upon predetermined security information stored in said computer system and security access rules ;
disconnecting from an invalid calling party not satisfying said security access rules ;
and maintaining said communication connection between a valid provider section and a valid main processing section satisfying said security access rules and granting access between said valid provider section and said valid main processing section ;
and (C) translating , by said main processing section , said stored provider data file by : (i) copying said stored provider data file to a work area file within said main processor section , and (ii) converting said work area file from the native format of said provider data file to a midformat file format ;
(D) forming a communications link , by said main processing section , with a particular one of said subscriber sections and transmitting said midformat file to said subscriber section ;
(E) receiving , by subscriber section , said midformat file from said main processing section and storing said received file in storage within said subscriber section ;
and (F) translating using said selected second-to-third file translation procedure , by said subscriber section , said midformat file into a subscriber destination format file compatible with said preselected subscriber application software routine .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information (transmission signal) and the second user authentication information are authenticated .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel (error condition) from which the first user authentication information (transmission signal) is received .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US5608874A
CLAIM 19
. The method in claim 18 , further comprising , after the step of reformatting said data from said midformat file , the steps of : testing said reformatted data in the translated destination format to validate the data ;
and if said testing indicates that an error has occurred during said reformatting , then issuing an error condition (different communication channel) message to the user to indicate an error condition .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information (transmission signal) for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information (transmission signal) and the second user authentication information are authenticated .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user authentication information (transmission signal) .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel (error condition) from which the first user authentication information (transmission signal) is received .
US5608874A
CLAIM 3
. The method in claim 2 , wherein said step (A) of transmitting , further includes , after said step of determining whether said provider data file has been transmitted successfully and signaling successful data transmission to said main processing section , the steps of : in response to receipt of said successful data transmission signal (first user authentication information) , moving the original provider data file from said outgoing data box to a history data box within storage means of said provider section ;
and in response to an indication that said data transmission to said main processing section was not successful , writing an error indication in a provider section error log .

US5608874A
CLAIM 19
. The method in claim 18 , further comprising , after the step of reformatting said data from said midformat file , the steps of : testing said reformatted data in the translated destination format to validate the data ;
and if said testing indicates that an error has occurred during said reformatting , then issuing an error condition (different communication channel) message to the user to indicate an error condition .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5870552A

Filed: 1995-03-28     Issued: 1999-02-09

Method and apparatus for publishing hypermedia documents over wide area networks

(Original Assignee) America Online Inc     (Current Assignee) Oath Inc

Linda T. Dozier, V George W. Williams, Dave Long, Douglas M. McKee, James G. Davidson, Karen Brady
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5870552A
CLAIM 1
. A method for publishing electronic documents on a wide area network ("WAN") comprising a plurality of servers , said method for use by a user having a client computer operably coupled to a first server , said method comprising the following steps (second authentication method, end storage device) : accessing a source document located on a source server , the source document including at least one hypermedia link addressing a target document located on a target server ;
accessing the target document by signaling the hypermedia link using a cursor control device ;
editing the target document ;
and saving the target document as modified on a destination server , wherein the foregoing steps are performed with the client computer using a seamless user interface , regardless of whether the first , source , target , and destination servers are the same or different servers .

US8869249B2
CLAIM 6
. The method of claim 5 , wherein : the external network includes the Internet , and the internal network is not directly accessible from any access point (control device) connected to the external network .
US5870552A
CLAIM 1
. A method for publishing electronic documents on a wide area network ("WAN") comprising a plurality of servers , said method for use by a user having a client computer operably coupled to a first server , said method comprising the following steps : accessing a source document located on a source server , the source document including at least one hypermedia link addressing a target document located on a target server ;
accessing the target document by signaling the hypermedia link using a cursor control device (access point) ;
editing the target document ;
and saving the target document as modified on a destination server , wherein the foregoing steps are performed with the client computer using a seamless user interface , regardless of whether the first , source , target , and destination servers are the same or different servers .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5870552A
CLAIM 1
. A method for publishing electronic documents on a wide area network ("WAN") comprising a plurality of servers , said method for use by a user having a client computer operably coupled to a first server , said method comprising the following steps (second authentication method, end storage device) : accessing a source document located on a source server , the source document including at least one hypermedia link addressing a target document located on a target server ;
accessing the target document by signaling the hypermedia link using a cursor control device ;
editing the target document ;
and saving the target document as modified on a destination server , wherein the foregoing steps are performed with the client computer using a seamless user interface , regardless of whether the first , source , target , and destination servers are the same or different servers .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method (following steps) , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5870552A
CLAIM 1
. A method for publishing electronic documents on a wide area network ("WAN") comprising a plurality of servers , said method for use by a user having a client computer operably coupled to a first server , said method comprising the following steps (second authentication method, end storage device) : accessing a source document located on a source server , the source document including at least one hypermedia link addressing a target document located on a target server ;
accessing the target document by signaling the hypermedia link using a cursor control device ;
editing the target document ;
and saving the target document as modified on a destination server , wherein the foregoing steps are performed with the client computer using a seamless user interface , regardless of whether the first , source , target , and destination servers are the same or different servers .




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
WO9519593A1

Filed: 1995-01-12     Issued: 1995-07-20

A computer security system

(Original Assignee) Michael Jeremy Kew; James Simon Love     

Michael Jeremy Kew, James Simon Love
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (second user) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (second user) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (second user) authentication information are authenticated .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (second user) authentication information comprises an access code (access code) .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (access code) to the user upon receiving the first user authentication information .
WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (access code) is sent to the user via a communication path that has been previously established .
WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (access code) is sent to the user via a different communication channel from which the first user authentication information is received .
WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (second user) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9519593A1
CLAIM 1
. A method of preventing unauthorised access to a host computer system (computer system) (1) by a user at a remote terminal (2) comprising the steps of accepting a user identification code input to the terminal by the user ;
generating a random code (Code A) ;
subjecting Code A to a transformation characteristic of a transformation algorithm identified by the input user identification code so as to generate a transformed code (Code B) ;
transmitting Code A via a paging system (7) , to a receiver (6) held by the user , the receiver (6) comprising transformation means adapted to transform the received Code A to a second transformed code (Code C) , and means (9) for displaying Code C to the user ;
accepting input of Code C to the terminal (2) by the user ;
comparing Code C with Code B ;
and permitting access to the host system (1) only if Code C matches Code B .

WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (second user) authentication information are authenticated .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (second user) authentication information comprises an access code (access code) .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (access code) is sent to the user via a different communication channel from which the first user authentication information is received .
WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (second user) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (second user) authentication information are authenticated .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (second user) authentication information comprises an access code (access code) .
WO9519593A1
CLAIM 3
. A method as claimed Claim 1 or Claim 2 , wherein the receiver (6) can only be enabled for a predetermined period to permit it to transform the received Code A to the transformed Code C by input of a second user (second user) identification code by the user .

WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (access code) to the user upon receiving the first user authentication information .
WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (access code) is sent to the user via a different communication channel from which the first user authentication information is received .
WO9519593A1
CLAIM 6
. A method as claimed in any one of Claims 1 to 5 , wherein the remote terminal (2) comprises a central processing unit (CPU) and the method comprises the additional steps of generating an access code (access code) by the terminal (2) based on the user identification code and at least one of a terminal code for identifying the remote terminal , a network identification code for identifying which of a plurality of networks the remote terminal is connected to , and a software code identifying the presence or absence of particular software stored at the remote terminal site and accessible by its CPU ;
transmitting the access code to the host computer system (1) ;
deconstructing the access code to produce at least one computer identification code and the user identification code ;
generating a second random code (Code D) ;
subjecting Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code E) ;
subjecting Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code E so as to generate the transformed code (Code B) ;
passing Code D to the remote terminal (2) which also subjects Code D and the computer identification code to a transformation characteristic of a transformation algorithm so as to generate a transformed code (Code F) ;
passing Code F to the receiver (6) from the remote terminal which also subjects Code A to a transformation characteristic of both the transformation algorithm identified by the input user identification code and Code F so as to generate the transformed code (Code C) ;
.




US8869249B2

Filed: 2002-01-18     Issued: 2014-10-21

Protecting information on a computer system using multiple authentication methods

(Original Assignee) PeopleChart Corp     (Current Assignee) PeopleChart Corp

R. David Holvey, Arthur Douglas Jopling
US5742905A

Filed: 1994-09-19     Issued: 1998-04-21

Personal communications internetworking

(Original Assignee) Telcordia Technologies Inc     (Current Assignee) Access Co Ltd

David Matthew Pepe, Lisa B. Blitzer, James Joseph Brockman, William Cruz, Dwight Omar Hakim, Michael Kramer, Dawn Diane Petr, Josefa Ramaroson, Gerardo Ramirez, Yang-Wei Wang, Robert G. White
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user (said server) authentication information are authenticated .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (different communication) channel from which the first user (service provider) authentication information is received .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 6
. A personal communication internetwork for sending and receiving wireless and wireline messages between subscribers in different formats , each subscriber having a single address to which all incoming messages are addressed regardless of the format of the message , said incoming messages including at least a plurality of telephone , pager , facsimile , voice mail , and electronic text communications , said internetwork including : means connected to receive and transmit messages in more than one format from a calling party over wireless and wireline communication networks ;
means common to the subscribers and connected to said wireless and wireline networks for storing for each subscriber a profile responsive to inputs received from each of the subscribers and configured to store routing commands including communication forwarding options for said each subscriber depending on the format of the message from the calling party ;
and a communication router connected to receive the received messages from the wireless and wireline networks and being responsive to the profile in said storing means for transmitting the received messages over the wireless and wireline networks according to the stored forwarding options , said communication router including a media format translation device configured to translate a received communication into a different communication (different communication) medium for transmission .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (generic data) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5742905A
CLAIM 1
. A personal communication internetwork for sending and receiving wireless and wireline messages , said internetwork comprising (1) a server , including : (a) a message transfer agent interfaced with at least one wireline data network ;
(b) a wireless data network protocol handler connected to the message transfer agent and interfacing with at least one wireless data network ;
(c) a mobility controller , including i . a subscriber profile cache ;
ii . a message router responsive to message routing parameters in the subscriber profile ;
iii . an interface connected to exchange message routing parameters between the subscriber profile and the at least one wireless network ;
iv . an interface connected to exchange message routing parameters between the subscriber profile and a personal communication control point ;
and v . an interface with at least one of a telephone network , an alphanumeric pager network , and a voice peripheral ;
and a personal communication control point connected to the server , including : (a) a first interface connected to exchange message routing parameter signals with the server ;
(b) a second interface connected to exchange generic data (computing system) message routing parameter signals with the server ;
(c) a subscriber profile connected to receive and maintain message routing parameters ;
and (d) a call processor connected between the subscriber profile and the first and second interfaces .

US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user (said server) authentication information are authenticated .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (different communication) channel from which the first user (service provider) authentication information is received .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 6
. A personal communication internetwork for sending and receiving wireless and wireline messages between subscribers in different formats , each subscriber having a single address to which all incoming messages are addressed regardless of the format of the message , said incoming messages including at least a plurality of telephone , pager , facsimile , voice mail , and electronic text communications , said internetwork including : means connected to receive and transmit messages in more than one format from a calling party over wireless and wireline communication networks ;
means common to the subscribers and connected to said wireless and wireline networks for storing for each subscriber a profile responsive to inputs received from each of the subscribers and configured to store routing commands including communication forwarding options for said each subscriber depending on the format of the message from the calling party ;
and a communication router connected to receive the received messages from the wireless and wireline networks and being responsive to the profile in said storing means for transmitting the received messages over the wireless and wireline networks according to the stored forwarding options , said communication router including a media format translation device configured to translate a received communication into a different communication (different communication) medium for transmission .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (service provider) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (service provider) authentication information and the second user (said server) authentication information are authenticated .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5742905A
CLAIM 7
. The personal communications internetwork of claim 6 further including a server connected to said means for storing a profile for each subscriber , said server (second user) including a processor and said processor including an interface with at least a plurality of said means for storing a profile , a wireless data network , an alphanumeric paging network , a telephone network switch , and a text-to-speech voice peripheral .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (service provider) authentication information .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (different communication) channel from which the first user (service provider) authentication information is received .
US5742905A
CLAIM 5
. A method for providing personal communication services to a called subscriber who can receive any of an electronic mail , facsimile , and a voice mail message under a single address regardless of the format of the message from a calling subscriber who can send messages in more than one format and on either a wireless or a wireline network , said method comprising the steps of : storing in a service provider (first user) database common to a plurality of subscribers and connected to both the wireless and wireline networks and responsive to inputs from the subscribers a called subscriber profile for each of said subscribers , said profile containing message routing commands for each called subscriber depending on the format of the message ;
receiving any of an electronic mail , a facsimile , and a voice mail message addressed to a particular called subscriber at said particular called subscriber's single address from a calling subscriber on either of the wireless and wireline networks ;
determining from the stored called subscriber profile the message routing commands for routing the received message to the particular called subscriber dependent on the format of the message ;
responsive to a message routing command , converting the received message from the received format to a different format ;
and routing the received message in said different format to any of a wireless or a wireless network according to the message routing commands in the called subscriber profile .

US5742905A
CLAIM 6
. A personal communication internetwork for sending and receiving wireless and wireline messages between subscribers in different formats , each subscriber having a single address to which all incoming messages are addressed regardless of the format of the message , said incoming messages including at least a plurality of telephone , pager , facsimile , voice mail , and electronic text communications , said internetwork including : means connected to receive and transmit messages in more than one format from a calling party over wireless and wireline communication networks ;
means common to the subscribers and connected to said wireless and wireline networks for storing for each subscriber a profile responsive to inputs received from each of the subscribers and configured to store routing commands including communication forwarding options for said each subscriber depending on the format of the message from the calling party ;
and a communication router connected to receive the received messages from the wireless and wireline networks and being responsive to the profile in said storing means for transmitting the received messages over the wireless and wireline networks according to the stored forwarding options , said communication router including a media format translation device configured to translate a received communication into a different communication (different communication) medium for transmission .




US5428778A

Filed: 1994-09-13     Issued: 1995-06-27

Selective dissemination of information

(Original Assignee) Office Express Pty Ltd     (Current Assignee) Oracle America Inc

Cyril Brookes
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said database) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said database) authentication information comprises an access code .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said database) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device (said database) for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5428778A
CLAIM 1
. A database user alerting method for use with a database system in which are stored a plurality of information items , said method including the steps , performed in a computer system (computer system) , of : storing in association with each information item in the database system a plurality of parameters including (i) at least one keyword indicative of the subject matter of said information item , and (ii) a priority level value for each information item , wherein said priority level value is selected from a predetermined set of priority level values , and wherein said at least one keyword is selected from a finite hierarchical set of keywords having a tree structure relating broad keywords to progressively narrower keywords ;
creating and storing an interest profile for each database user indicative of categories of information of interest to said each database user , said interest profile comprising (i) a list of keywords taken from said finite hierarchical set and (ii) an associated priority level value for each keyword ;
comparing the parameters stored in association with each information item with the stored interest profile for each database user ;
and , alerting a database user of the existence of an information item when said interest profile for that database user includes (i) at least one keyword associated with the information item and (ii) a priority level value associated with said at least one keyword that does not exceed the priority level value associated with the information item .

US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said database) authentication information comprises an access code .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said database) authentication information , wherein the front-end storage device is accessible to a user device (said database) for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (said database) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said database) authentication information are authenticated .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said database) authentication information comprises an access code .
US5428778A
CLAIM 10
. The method as recited in claim 9 , further including the step of allowing the database user to examine an information item whose parameters match parameters selected by the database user provided that said database (second user, user device, user device access, user access) user is a member of a group indicated by the parameters associated with said information item .




US5666534A

Filed: 1993-06-29     Issued: 1997-09-09

Method and appartus for use by a host system for mechanizing highly configurable capabilities in carrying out remote support for such system

(Original Assignee) Bull HN Information Systems Inc     (Current Assignee) Bull HN Information Systems Inc

Jeremy H. Gilbert, David B. Hout, Michael P. Keohane, David K. Perlow, Daniel G. Peters, Eric J. Storch
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (said organ) ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5666534A
CLAIM 27
. The method of claim 2 wherein said GMIS unit utilizes a hierarchical organization of menu screens , said organ (first authentication method) ization including an initial problem determination submenu containing a number of selection items relating to specific components of said number of components , each selection item leading to a number of submenus which in turn lead to dialogs for each command of said small number of commands enabling configuration of said number of said components .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method (said organ) ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5666534A
CLAIM 3
. The method of claim 2 wherein said computer system (computer system) includes a number of source error log files used by said host computer for logging errors encountered while running applications on said host computer and wherein said remotely located response center performs support services for said host system by calling back into said host system in response to a first component of said number of components having detected an overthreshold condition which caused a callout action to be made by said RSF unit for further diagnosis and correction of a system problem reported by said host system , said first component including said number of source error log files and a control attribute file and wherein said step (b) of said method further includes the steps of : (f) configuring each of said number of source error log files to be monitored by causing storage of a source record entry in said control file for each of said number of source log files to be monitored , said record entry containing a unique user specified name for said log file , a path name to said log file , information identifying the type of log file , information identifying how often to scan for new messages and information designating what notification action to invoke if a message is detected by said first component as being overthreshold ;
and ;
(g) initiating said notification action specified by said source record entry to said response center upon detecting an occurrence of an overthreshold condition within one of said source log files being monitored .

US5666534A
CLAIM 27
. The method of claim 2 wherein said GMIS unit utilizes a hierarchical organization of menu screens , said organ (first authentication method) ization including an initial problem determination submenu containing a number of selection items relating to specific components of said number of components , each selection item leading to a number of submenus which in turn lead to dialogs for each command of said small number of commands enabling configuration of said number of said components .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method (said organ) ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5666534A
CLAIM 27
. The method of claim 2 wherein said GMIS unit utilizes a hierarchical organization of menu screens , said organ (first authentication method) ization including an initial problem determination submenu containing a number of selection items relating to specific components of said number of components , each selection item leading to a number of submenus which in turn lead to dialogs for each command of said small number of commands enabling configuration of said number of said components .




US5267314A

Filed: 1992-11-17     Issued: 1993-11-30

Secure transaction system and method utilized therein

(Original Assignee) Leon Stambler     

Leon Stambler
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (first number) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first number) authentication information and the second user authentication information are authenticated .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code to the user upon receiving the first user (first number) authentication information .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication channel from which the first user (first number) authentication information is received .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (first number) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (other components) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US5267314A
CLAIM 14
. The method of claim 13 , wherein the step of generating the predetermined secret address comprises the steps of : uncoding the retrieved coded secret address using the received second PIN to generate said one of the components of the predetermined secret address ;
and generating the predetermined secret address by combining the generated said one of the components with the other components (computing system) of the predetermined secret address .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first number) authentication information and the second user authentication information are authenticated .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication channel from which the first user (first number) authentication information is received .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (first number) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (first number) authentication information and the second user authentication information are authenticated .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code to the user upon receiving the first user (first number) authentication information .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication channel from which the first user (first number) authentication information is received .
US5267314A
CLAIM 5
. A method for enrolling and authenticating a party , comprising the steps of : receiving a personal identification number (PIN) from the party ;
generating coded authentication information using the received PIN ;
generating first and second numbers such that the coded authentication information is derivable from the first and second numbers , the first number (first user) being secret and the second number being non-secret ;
storing information comprising the secret number in a first storage means addressable using a predetermined secret address ;
generating a coded secret address using at least part of the predetermined secret address and the received PIN ;
and storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address .




US5204897A

Filed: 1992-07-14     Issued: 1993-04-20

Management interface for license management system

(Original Assignee) Digital Equipment Corp     (Current Assignee) Hewlett Packard Development Co LP

Robert M. Wyman
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 3
. The method of claim 1 , wherein the period of time starts upon authenticating the second user (said server) authentication information as long as the second user authentication information is authenticated within a prescheduled period of time .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user (said server) authentication information comprises an access code .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user (said server) authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5204897A
CLAIM 1
. A method of managing use of licensed software items , said software items separately executable on a computer system (computer system) or accessible by said computer system , the computer system including a processor and one or more nodes , comprising the steps of : maintaining by said processor a store of license authorizations for said software items ;
each license authorization including an indication of license management policy for a software item , said indication having a plurality of sets of policy components , said sets of policy components granting specified restrictive rights to execute or access said software items by said nodes ;
said specified restrictive rights including sets of restrictions in at least context of use and duration of use of a software item ;
said policy components of each set providing alternatives in rights to execute or access said software items by one or more nodes in said computer system ;
said license authorizations being received by said processor , for storing in said store , from a license grantor external to said processor ;
accessing said store by said processor using management functions executed on said processor to identify a license authorization in said store , and to modify in said store one or more of said specified restrictive rights of said policy components of the identified license authorization .

US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user (said server) authentication information comprises an access code .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user (said server) authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user (said server) authentication information are authenticated .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user (said server) authentication information comprises an access code .
US5204897A
CLAIM 4
. A method according to claim 3 wherein said store is maintained by a license server , and said request is sent to said server (second user) .




US5694590A

Filed: 1992-02-28     Issued: 1997-12-02

Apparatus and method for the detection of security violations in multilevel secure databases

(Original Assignee) Mitre Corp     (Current Assignee) Green Wireless LLC

Bhavani Marienne Thuraisingham, William Rose Barlett Ford
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system (resolving conflicts) , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5694590A
CLAIM 2
. Apparatus of claim 1 wherein the expert system comprises : a knowledge base which represents information as frames and rules , said information including a) the modified representation of the multilevel database application , b) information from the multilevel database , and c) activities of the multilevel secure database management system ;
a knowledge manager for managing the knowledge base ;
a truth maintenance system to maintain the consistency of the frames and rules of the knowledge base ;
an inference engine which reasons with the information of the knowledge base using third methods , whereby the additional security violations are detected by inference ;
a conflict and contention resolution system for resolving conflicts (computing system) in the reasoning process of the third methods ;
and a user interface which provides an interface between a user , the knowledge manager and the inference engine .




US5710578A

Filed: 1990-05-09     Issued: 1998-01-20

Computer program product for utilizing fast polygon fill routines in a graphics display system

(Original Assignee) International Business Machines Corp     (Current Assignee) International Business Machines Corp

Gary Michael Beauregard, Larry Keith Loucks, Khoa Dang Nguyen, Robert John Urquhart
US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code is sent to the user via a different communication (one boundary) channel from which the first user authentication information is received .
US5710578A
CLAIM 1
. An article of manufacture comprising : a computer usable medium having computer readable program code means embodied therein for causing a polygon having a boundary definable by a plurality of selectable pels on a graphics display to be filled , the computer readable program code means in said article of manufacture comprising : computer readable program code means for causing a computer to effect , with respect to one boundary (different communication, different communication channel) line at a time , a sequential traverse of said plurality of selectable pels of each respective said boundary line ;
computer readable program code means for causing the computer to store in an array during said traverse a value of an outer pel of said boundary of said plurality of selectable pels for each one of a plurality of scan lines of said polygon ;
and computer readable program code means for causing the computer to draw a fill line , after said traverse , between said outer pels having said stored values , for each said one of said scan lines .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US5710578A
CLAIM 7
. An article of manufacture for use in a computer system (computer system) having an operating system and a graphics support library for filling a polygon having a boundary defined by a plurality of selectable pels displayed on a graphics display , said article of manufacture comprising a computer usable medium having computer readable program code means embodied in said medium , said program code means including : computer readable program code means embodied in said computer usable medium for causing a computer to effect , with respect to one boundary line at a time , a sequential traverse of said plurality of selectable pels of each respective said boundary line ;
computer readable program code means embodied in said computer usable medium for causing a computer to generate an array , during said traverse , having a plurality of maximum values and a plurality of minimum values , each one of said maximum values representative of each one of an outer point of said boundary for each one of a plurality of scan lines during said traverse from a y minimum value of said polygon to a y maximum value of said polygon and each one of said minimum values representative of each one of said outer point of said boundary for each one of a plurality of scan lines during said traverse from the y maximum value of the polygon to the y minimum value of said polygon ;
and computer readable program code means embodied in said computer usable medium for passing a pointer to the array , after said sequential traverse of said polygon , to a routine in the graphics support library of the computer for drawing a fill line from said outer point of said minimum value to said outer point of said maximum value for each one of said plurality of scan lines .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code is sent to the user via a different communication (one boundary) channel from which the first user authentication information is received .
US5710578A
CLAIM 1
. An article of manufacture comprising : a computer usable medium having computer readable program code means embodied therein for causing a polygon having a boundary definable by a plurality of selectable pels on a graphics display to be filled , the computer readable program code means in said article of manufacture comprising : computer readable program code means for causing a computer to effect , with respect to one boundary (different communication, different communication channel) line at a time , a sequential traverse of said plurality of selectable pels of each respective said boundary line ;
computer readable program code means for causing the computer to store in an array during said traverse a value of an outer pel of said boundary of said plurality of selectable pels for each one of a plurality of scan lines of said polygon ;
and computer readable program code means for causing the computer to draw a fill line , after said traverse , between said outer pels having said stored values , for each said one of said scan lines .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code is sent to the user via a different communication (one boundary) channel from which the first user authentication information is received .
US5710578A
CLAIM 1
. An article of manufacture comprising : a computer usable medium having computer readable program code means embodied therein for causing a polygon having a boundary definable by a plurality of selectable pels on a graphics display to be filled , the computer readable program code means in said article of manufacture comprising : computer readable program code means for causing a computer to effect , with respect to one boundary (different communication, different communication channel) line at a time , a sequential traverse of said plurality of selectable pels of each respective said boundary line ;
computer readable program code means for causing the computer to store in an array during said traverse a value of an outer pel of said boundary of said plurality of selectable pels for each one of a plurality of scan lines of said polygon ;
and computer readable program code means for causing the computer to draw a fill line , after said traverse , between said outer pels having said stored values , for each said one of said scan lines .




US4956769A

Filed: 1988-05-16     Issued: 1990-09-11

Occurence and value based security system for computer databases

(Original Assignee) Sysmith Inc     (Current Assignee) Sysmith Inc

Robert D. Smith
US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system (computer system) to be configured for : receiving , for a user , first user (first user) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US4956769A
CLAIM 3
. A method as in claim 2 further including the step of retaining said data security access table , said user security access profile table and said terminal location security access table until the system user logs off the host computer system (computer system) .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (first user) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access (user access) to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
US4956769A
CLAIM 4
. A method as in claim 3 wherein said step of establishing said data security access table , said user access (user access) profile table an said terminal location security access table , each includes the steps of : (i) parsing the system sign on by the system user and extracting therefrom the unique user identification symbol ;
(ii) building each of said respective tables by comparing said extracted unique user identification symbol against a value based security database having for each unique user identification symbol a first entry representing the unique user identification symbol and a second entry containing a selected set of access rules associated with said first entry for determining allowable Input/Output operations by the system user associated with the unique user identification symbol on selected data records and fields of the database and identifying selected terminal locations from which each of said Input/Output operations on the database is allowable .




USRE31302E

Filed: 1979-07-23     Issued: 1983-07-05

Validation systems for credit card or the like

    

Leon Stambler
US8869249B2
CLAIM 1
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving , by a computing device , a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number [or] is stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 4
. The method of claim 1 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number [or] is stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 5
. The method of claim 1 , wherein : the network comprises an external network (signal indicative) , and the back-end server is only accessible via the front-end server from an internal network .
USRE31302E
CLAIM 5
. In a system of the type where the owner of an information bearing card such as a credit card or the like is in sole possession of a predetermined number , which number has a given number of significant digits from one to n , where n is a positive integer greater than one , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined memorized number and a plurality of second indicia corresponding to a code determining the translation of such first indicia as present on said surface of said card , in combination therewith apparatus for verifying that said memorized number and said first indicia correspond , comprising : a . first means including a keyboard for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . a plurality of selectable translators coupled to said card reading means and each responsive to said electrical signal to provide at an output a decoded signal representative of one of said digits contained in said memorized number when a correct translator is selected according to said second indicia on said card , d . a translator selector circuit , operative in a first or second mode , said selector circuit coupled to said plurality of translator circuits and said card reading means and responsive to said electrical signal to provide a control signal indicative (external network) of said second indicia on said card to select one of said plurality of translators for decoding one of said digits according to said second indicia in said second mode , and operative in a first mode responsive to one of said significant digits of said memorized number as stored in said first means for selecting another of said plurality of translators for decoding at least another of said digits independent of said second indicia , and e . 
comparison means coupled to said output of said translators and said first means for comparing said stored number with said translated decoded signals to provide an output when said decoded signals correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

US8869249B2
CLAIM 6
. The method of claim 5 , wherein : the external network (signal indicative) includes the Internet , and the internal network is not directly accessible from any access point connected to the external network .
USRE31302E
CLAIM 5
. In a system of the type where the owner of an information bearing card such as a credit card or the like is in sole possession of a predetermined number , which number has a given number of significant digits from one to n , where n is a positive integer greater than one , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined memorized number and a plurality of second indicia corresponding to a code determining the translation of such first indicia as present on said surface of said card , in combination therewith apparatus for verifying that said memorized number and said first indicia correspond , comprising : a . first means including a keyboard for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . a plurality of selectable translators coupled to said card reading means and each responsive to said electrical signal to provide at an output a decoded signal representative of one of said digits contained in said memorized number when a correct translator is selected according to said second indicia on said card , d . a translator selector circuit , operative in a first or second mode , said selector circuit coupled to said plurality of translator circuits and said card reading means and responsive to said electrical signal to provide a control signal indicative (external network) of said second indicia on said card to select one of said plurality of translators for decoding one of said digits according to said second indicia in said second mode , and operative in a first mode responsive to one of said significant digits of said memorized number as stored in said first means for selecting another of said plurality of translators for decoding at least another of said digits independent of said second indicia , and e . 
comparison means coupled to said output of said translators and said first means for comparing said stored number with said translated decoded signals to provide an output when said decoded signals correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

US8869249B2
CLAIM 7
. The method of claim 1 , wherein the second user authentication information comprises an access code (decode signal) .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

US8869249B2
CLAIM 8
. The method of claim 7 , further comprising sending the access code (decode signal) to the user upon receiving the first user (second information) authentication information .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number [or] is stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 9
. The method of claim 8 , wherein the access code (decode signal) is sent to the user via a communication path (top surface) that has been previously established .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

USRE31302E
CLAIM 3
. The system according to claim 2 further comprising : a . a housing of a generally rectangular configuration and having an internal hollow capable of accommodating said first means including said shift register , said keyboard being located in a top surface (communication path) of said housing .

US8869249B2
CLAIM 10
. The method of claim 8 , wherein the access code (decode signal) is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number [or] is stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 11
. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for : receiving , for a user , first user (second information) authentication information for a first authentication method ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the first user authentication information and the second user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device , the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number [or] is stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 12
. The non-transitory computer-readable storage medium of claim 11 , further configured for : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number [or] is stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 13
. The non-transitory computer-readable storage medium of claim 11 , wherein the second user authentication information comprises an access code (decode signal) .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

US8869249B2
CLAIM 14
. The non-transitory computer-readable storage medium of claim 13 , wherein the access code (decode signal) is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number .[.or.]. .Iadd.is.Iaddend. stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 15
. A method comprising : receiving , for a user , first user (second information) authentication information for a first authentication method ;

upon authenticating the first user authentication information , moving a subset of data stored on a back-end storage device to a front-end storage device after receiving , for the user , a second user authentication information , wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network ;

receiving , for the user , second user authentication information for a second authentication method , the second authentication method being different from the first authentication method ;

upon authenticating the second user authentication information , enabling , by a computing device , user access to the subset of data that has been moved to the front-end storage device via the network ;

and allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device , wherein after the period of time expires , the subset of data is removed from the front-end storage device .
USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number .[.or.]. .Iadd.is.Iaddend. stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 16
. The method of claim 15 , further comprising : receiving a request for access to the subset of data ;

and not allowing access to the subset of data if the request is received outside of the period of time even if the first user (second information) authentication information and the second user authentication information are authenticated .
USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number .[.or.]. .Iadd.is.Iaddend. stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 17
. The method of claim 15 , wherein : the network comprises an external network (signal indicative) , and the back-end server is only accessible via the front-end server from an internal network .
USRE31302E
CLAIM 5
. In a system of the type where the owner of an information bearing card such as a credit card or the like is in sole possession of a predetermined number , which number has a given number of significant digits from one to n , where n is a positive integer greater than one , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined memorized number and a plurality of second indicia corresponding to a code determining the translation of such first indicia as present on said surface of said card , in combination therewith apparatus for verifying that said memorized number and said first indicia correspond , comprising : a . first means including a keyboard for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . a plurality of selectable translators coupled to said card reading means and each responsive to said electrical signal to provide at an output a decoded signal representative of one of said digits contained in said memorized number when a correct translator is selected according to said second indicia on said card , d . a translator selector circuit , operative in a first or second mode , said selector circuit coupled to said plurality of translator circuits and said card reading means and responsive to said electrical signal to provide a control signal indicative (external network) of said second indicia on said card to select one of said plurality of translators for decoding one of said digits according to said second indicia in said second mode , and operative in a first mode responsive to one of said significant digits of said memorized number as stored in said first means for selecting another of said plurality of translators for decoding at least another of said digits independent of said second indicia , and e . 
comparison means coupled to said output of said translators and said first means for comparing said stored number with said translated decoded signals to provide an output when said decoded signals correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

US8869249B2
CLAIM 18
. The method of claim 15 , wherein the second user authentication information comprises an access code (decode signal) .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

US8869249B2
CLAIM 19
. The method of claim 18 , further comprising sending the access code (decode signal) to the user upon receiving the first user (second information) authentication information .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number .[.or.]. .Iadd.is.Iaddend. stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .

US8869249B2
CLAIM 20
. The method of claim 19 , wherein the access code (decode signal) is sent to the user via a different communication channel from which the first user (second information) authentication information is received .
USRE31302E
CLAIM 1
. In a system where the owner of an information bearing card such as a credit card or the like is in the sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of first indicia corresponding to said predetermined number and a plurality of second indicia corresponding to a code determining how said first indicia is manifested on said information bearing card , in combination therewith apparatus for verifying that said number and said first indicia correspond , comprising : a . first means including a keyboard for storing said number after insertion thereby by an owner , b . second means responsive to both said first and second indicia on said credit card for providing at an output thereof an electrical signal according to said indicia , c . third means responsive to a digit of said number as stored to provide a first control signal and then responsive to only said second indicia for providing any one of a plurality of control signals each one operative to determine how said first indicia is to be translated , d . a plurality of translating means coupled to said second means , each one capable of responding to said electrical signal output representative of said first indicia to provide a decoded signal therefrom according to the particular format of said translator , each of said decoded signals representative of a digit contained in said predetermined number when translated according to said second indicia , e . 
translating selector means responsive to said control signals and coupled to said translating means to cause a first one of said translating means to be selected according to said first control signal and thereafter others of said translating means to be selected according to said plurality of control signals , whereby different selected ones of said translating means provide different digits of said number according to said second indicia on said credit card , and f . comparison means responsive to said decoded signals and said stored number to provide an output when said decode signals (access code) correspond to said stored number , said output verifying that said memorized number and said first indicia on said card correspond .

USRE31302E
CLAIM 6
. In a system of the type where the owner of an information bearing card , such as a credit card to the like is in sole possession of a predetermined memorized number of a given number of significant digits , said credit card having on a surface thereof a plurality of indicia representative of first information groups , each group corresponding to one of said digits of said memorized number and second information (first user) groups corresponding to a decoding sequence for each one of said first information groups , in combination therewith apparatus for verifying that said memorized number and said first information groups correspond , comprising : a . first means for receiving and storing said memorized number after insertion thereby by an owner , b . card reading means responsive to said indicia on said card to provide an electrical signal according to said indicia , c . a plurality of selectable translators , each capable of responding to any one of said first information groups to provide at an output a decoded signal representative of one of said first information as corresponding to one of said digits of said memorized number , d . a translator selector circuit , coupled to said first means and said card reading means and operative in a first mode responsive to at least one of said significant digits of said stored number to select one of said translators to cause a first information group to be decoded according to said significant digit , and operative in a second mode responsive to said electrical signal representative of a second information group for selecting one of said translators to cause another first information group to be decoded according to said second information group whereby each one of said first information groups is decoded to correspond with said memorized number under control of at least one digit of said number and said second information and , e . 
comparison means coupled to said translators and said first means for comparing said memorized number .[.or.]. .Iadd.is.Iaddend. stored with said first information groups as decoded to provide an indication when said number and said decoded first information groups correspond .