WO2007084851A3 - Providing selective access to a web site - Google Patents

Providing selective access to a web site Download PDF

Info

Publication number
WO2007084851A3
WO2007084851A3 PCT/US2007/060483 US2007060483W WO2007084851A3 WO 2007084851 A3 WO2007084851 A3 WO 2007084851A3 US 2007060483 W US2007060483 W US 2007060483W WO 2007084851 A3 WO2007084851 A3 WO 2007084851A3
Authority
WO
WIPO (PCT)
Prior art keywords
token
client
site
restricted
web site
Prior art date
Application number
PCT/US2007/060483
Other languages
French (fr)
Other versions
WO2007084851A2 (en
Inventor
Arturo E Crespo
Louis Vincent Perrochon
Original Assignee
Google Inc
Arturo E Crespo
Louis Vincent Perrochon
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Google Inc, Arturo E Crespo, Louis Vincent Perrochon filed Critical Google Inc
Publication of WO2007084851A2 publication Critical patent/WO2007084851A2/en
Publication of WO2007084851A3 publication Critical patent/WO2007084851A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/142Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms

Abstract

A restricted web site has features that are selectively exposed to clients. A screening web site interacts with clients and collects data about the clients using passive and/or active techniques. The screening site generates a token for the client, and includes data in the token identifying the token and describing the client. The token is encoded in a cookie and saved in the client's web browser. The client subsequently provides the token to the restricted site. The restricted site validates the token to ensure that it is legitimate, has not expired, and has not been used before. The restricted site selects one or more features to provide to the client based on the data about the client in the token and/or on other information. If the client does not present a token or the token is invalid, the restricted site does not expose any features to the client.
PCT/US2007/060483 2006-01-13 2007-01-12 Providing selective access to a web site WO2007084851A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/331,797 US7930736B2 (en) 2006-01-13 2006-01-13 Providing selective access to a web site
US11/331,797 2006-01-13

Publications (2)

Publication Number Publication Date
WO2007084851A2 WO2007084851A2 (en) 2007-07-26
WO2007084851A3 true WO2007084851A3 (en) 2008-04-10

Family

ID=38264946

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/060483 WO2007084851A2 (en) 2006-01-13 2007-01-12 Providing selective access to a web site

Country Status (2)

Country Link
US (3) US7930736B2 (en)
WO (1) WO2007084851A2 (en)

Families Citing this family (50)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8346593B2 (en) 2004-06-30 2013-01-01 Experian Marketing Solutions, Inc. System, method, and software for prediction of attitudinal and message responsiveness
US8732004B1 (en) 2004-09-22 2014-05-20 Experian Information Solutions, Inc. Automated analysis of data to generate prospect notifications based on trigger events
US8775586B2 (en) * 2005-09-29 2014-07-08 Avaya Inc. Granting privileges and sharing resources in a telecommunications system
JP2009525708A (en) * 2006-02-01 2009-07-09 ココ・コミュニケーションズ・コーポレーション Protocol link layer
US8255539B2 (en) * 2006-12-29 2012-08-28 Amadeus Sas System and method for extending sessions
US8606626B1 (en) 2007-01-31 2013-12-10 Experian Information Solutions, Inc. Systems and methods for providing a direct marketing campaign planning environment
US7996521B2 (en) 2007-11-19 2011-08-09 Experian Marketing Solutions, Inc. Service for mapping IP addresses to user segments
US8051455B2 (en) 2007-12-12 2011-11-01 Backchannelmedia Inc. Systems and methods for providing a token registry and encoder
US8160064B2 (en) 2008-10-22 2012-04-17 Backchannelmedia Inc. Systems and methods for providing a network link between broadcast content and content located on a computer network
US9094721B2 (en) 2008-10-22 2015-07-28 Rakuten, Inc. Systems and methods for providing a network link between broadcast content and content located on a computer network
US20100175113A1 (en) * 2009-01-05 2010-07-08 International Business Machine Corporation Secure System Access Without Password Sharing
US9185443B1 (en) * 2009-04-06 2015-11-10 The Directv Group, Inc. Method and system for determining a channel service
US8639920B2 (en) 2009-05-11 2014-01-28 Experian Marketing Solutions, Inc. Systems and methods for providing anonymized user profile data
US8613067B2 (en) 2009-11-17 2013-12-17 Secureauth Corporation Single sign on with multiple authentication factors
US8782134B2 (en) 2009-11-23 2014-07-15 Microsoft Corporation Common organization estimation at registration
US20110225495A1 (en) * 2010-03-12 2011-09-15 Salesforce.Com, Inc. Service Cloud Console
US8826231B1 (en) * 2010-06-28 2014-09-02 The Boeing Company Methods and systems for deploying software applications
US9152727B1 (en) 2010-08-23 2015-10-06 Experian Marketing Solutions, Inc. Systems and methods for processing consumer information for targeted marketing applications
US8799453B2 (en) 2010-10-20 2014-08-05 Microsoft Corporation Managing networks and machines for an online service
US8417737B2 (en) 2010-10-20 2013-04-09 Microsoft Corporation Online database availability during upgrade
US8751656B2 (en) 2010-10-20 2014-06-10 Microsoft Corporation Machine manager for deploying and managing machines
US8386501B2 (en) 2010-10-20 2013-02-26 Microsoft Corporation Dynamically splitting multi-tenant databases
US9075661B2 (en) 2010-10-20 2015-07-07 Microsoft Technology Licensing, Llc Placing objects on hosts using hard and soft constraints
US8850550B2 (en) * 2010-11-23 2014-09-30 Microsoft Corporation Using cached security tokens in an online service
US9652769B1 (en) * 2010-11-30 2017-05-16 Carbonite, Inc. Methods, apparatus and systems for securely storing and/or accessing payment information or other sensitive information based on tokens
US9721030B2 (en) 2010-12-09 2017-08-01 Microsoft Technology Licensing, Llc Codeless sharing of spreadsheet objects
US10534931B2 (en) 2011-03-17 2020-01-14 Attachmate Corporation Systems, devices and methods for automatic detection and masking of private data
US9215096B2 (en) 2011-08-26 2015-12-15 Salesforce.Com, Inc. Computer implemented methods and apparatus for providing communication between network domains in a service cloud
KR101767301B1 (en) 2011-09-09 2017-08-10 라쿠텐 인코포레이티드 Systems and methods for consumer control over interactive television exposure
US9654541B1 (en) 2012-11-12 2017-05-16 Consumerinfo.Com, Inc. Aggregating user web browsing data
EP3008935B1 (en) * 2013-06-12 2022-04-20 Telecom Italia S.p.A. Mobile device authentication in heterogeneous communication networks scenario
US9305163B2 (en) 2013-08-15 2016-04-05 Mocana Corporation User, device, and app authentication implemented between a client device and VPN gateway
US9473298B2 (en) 2013-08-15 2016-10-18 Blue Cedar Networks, Inc. Simplifying IKE process in a gateway to enable datapath scaling using a two tier cache configuration
US8997208B2 (en) 2013-08-15 2015-03-31 Mocana Corporation Gateway device for terminating a large volume of VPN connections
US20150153935A1 (en) * 2013-12-04 2015-06-04 Dropbox, Inc. Reservation system
US11257117B1 (en) 2014-06-25 2022-02-22 Experian Information Solutions, Inc. Mobile device sighting location analytics and profiling system
US9736019B2 (en) * 2015-05-14 2017-08-15 Eero Inc. Methods for dynamic router configuration in a mesh network
US9767309B1 (en) 2015-11-23 2017-09-19 Experian Information Solutions, Inc. Access control system for implementing access restrictions of regulated database records while identifying and providing indicators of regulated database records matching validation criteria
US11244053B2 (en) * 2016-03-03 2022-02-08 Deviceatlas Limited Counterfeit electronic device detection
US10678894B2 (en) 2016-08-24 2020-06-09 Experian Information Solutions, Inc. Disambiguation and authentication of device users
US10764272B1 (en) * 2017-01-13 2020-09-01 Walgreen Co. Secured automatic user log-in at website via personal electronic device
US10089619B1 (en) * 2017-10-04 2018-10-02 Capital One Services, Llc Electronic wallet device
CN107733653B (en) * 2017-10-09 2021-04-02 用友网络科技股份有限公司 User authority identification method and system and computer equipment
US11165581B2 (en) * 2018-10-05 2021-11-02 Mimecast Services Ltd. System for improved identification and authentication
US11032275B2 (en) * 2018-10-05 2021-06-08 Mimecast Services Ltd. System for improved identification and authentication
US11061999B2 (en) * 2018-11-06 2021-07-13 Citrix Systems, Inc. Systems and methods for dynamically enforcing digital rights management via embedded browser
US11089475B2 (en) * 2018-11-06 2021-08-10 Red Hat, Inc. Booting and operating computing devices at designated locations
US10755247B2 (en) * 2018-12-05 2020-08-25 Capital One Services, Llc Crowdfunding credit card payments
US11682041B1 (en) 2020-01-13 2023-06-20 Experian Marketing Solutions, Llc Systems and methods of a tracking analytics platform
WO2021262680A1 (en) * 2020-06-22 2021-12-30 Aadya Security, Inc. Distributed endpoint security architecture automated by artificial intelligence

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050060548A1 (en) * 2000-03-09 2005-03-17 Microsoft Corporation Session-state manager

Family Cites Families (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5495533A (en) * 1994-04-29 1996-02-27 International Business Machines Corporation Personal key archive
US6754636B1 (en) 1996-09-04 2004-06-22 Walker Digital, Llc Purchasing systems and methods wherein a buyer takes possession at a retailer of a product purchased using a communication network
US7137006B1 (en) * 1999-09-24 2006-11-14 Citicorp Development Center, Inc. Method and system for single sign-on user access to multiple web servers
US6122740A (en) * 1996-12-19 2000-09-19 Intel Corporation Method and apparatus for remote network access logging and reporting
US6256671B1 (en) * 1998-06-24 2001-07-03 Nortel Networks Limited Method and apparatus for providing network access control using a domain name system
US6141653A (en) 1998-11-16 2000-10-31 Tradeaccess Inc System for interative, multivariate negotiations over a network
US6260024B1 (en) 1998-12-02 2001-07-10 Gary Shkedy Method and apparatus for facilitating buyer-driven purchase orders on a commercial network system
US6701438B1 (en) * 1999-06-14 2004-03-02 Sun Microsystems, Inc. Methods and apparatus for providing customizable security and logging protocols in a servlet engine
US6678731B1 (en) * 1999-07-08 2004-01-13 Microsoft Corporation Controlling access to a network server using an authentication ticket
US7028072B1 (en) * 1999-07-16 2006-04-11 Unicast Communications Corporation Method and apparatus for dynamically constructing customized advertisements
US6678733B1 (en) 1999-10-26 2004-01-13 At Home Corporation Method and system for authorizing and authenticating users
US20020087496A1 (en) * 2000-04-05 2002-07-04 Stirpe Paul A. System, method and applications for knowledge commerce
US20020107918A1 (en) * 2000-06-15 2002-08-08 Shaffer James D. System and method for capturing, matching and linking information in a global communications network
US6748426B1 (en) * 2000-06-15 2004-06-08 Murex Securities, Ltd. System and method for linking information in a global computer network
US6836845B1 (en) * 2000-06-30 2004-12-28 Palm Source, Inc. Method and apparatus for generating queries for secure authentication and authorization of transactions
US7016877B1 (en) * 2000-08-04 2006-03-21 Enfotrust Networks, Inc. Consumer-controlled limited and constrained access to a centrally stored information account
US6691070B1 (en) * 2000-11-03 2004-02-10 Mack Information Systems System and method for monitoring a controlled environment
US7379980B1 (en) * 2000-12-21 2008-05-27 At&T Delaware Intellectual Property, Inc. Cookie management systems and methods
US20020178074A1 (en) 2001-05-24 2002-11-28 Gregg Bloom Method and apparatus for efficient package delivery and storage
US7610390B2 (en) * 2001-12-04 2009-10-27 Sun Microsystems, Inc. Distributed network identity
GB2383505B (en) * 2001-12-21 2004-03-31 Searchspace Ltd System and method for monitoring usage patterns
US20040128546A1 (en) * 2002-12-31 2004-07-01 International Business Machines Corporation Method and system for attribute exchange in a heterogeneous federated environment
US7921152B2 (en) * 2003-07-17 2011-04-05 International Business Machines Corporation Method and system for providing user control over receipt of cookies from e-commerce applications
US20050154887A1 (en) * 2004-01-12 2005-07-14 International Business Machines Corporation System and method for secure network state management and single sign-on
US7630974B2 (en) * 2004-09-28 2009-12-08 Oracle International Corporation Multi-language support for enterprise identity and access management
US7536389B1 (en) * 2005-02-22 2009-05-19 Yahoo ! Inc. Techniques for crawling dynamic web content
US7908649B1 (en) * 2005-09-20 2011-03-15 Netapp, Inc. Method and apparatus for providing efficient authorization services in a web cache

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050060548A1 (en) * 2000-03-09 2005-03-17 Microsoft Corporation Session-state manager

Also Published As

Publication number Publication date
US20110185412A1 (en) 2011-07-28
WO2007084851A2 (en) 2007-07-26
US20130014241A1 (en) 2013-01-10
US20070169189A1 (en) 2007-07-19
US8347371B2 (en) 2013-01-01
US7930736B2 (en) 2011-04-19

Similar Documents

Publication Publication Date Title
WO2007084851A3 (en) Providing selective access to a web site
WO2005106741A3 (en) Home ticketing system
AU2003294251A1 (en) Server resource management, analysis, and intrusion negation
WO2006068969A3 (en) Method and device for publishing cross-network user behavioral data
WO2006025892A3 (en) Techniques for health monitoring and control of application servers
WO2006121646A3 (en) Automated client device management
EP1672873A3 (en) Providing tokens to access federated resources
WO2008021454A3 (en) Federated credentialing system and method
WO2007002089A3 (en) Identity information services, methods, devices, and systems
WO2002048843A3 (en) Web-based method and system for applying a legally enforceable signature on an electronic document
WO2003062961A3 (en) Packet-based internet voting transactions with biometric authentication
WO2006007146A3 (en) A method and apparatus for managing power consumption of a server
WO2006053087A3 (en) Method and system for insurance portfolio analysis
EP2479957A3 (en) System and method for authenticating remote server access
WO2007012035A3 (en) Wagering game with encryption and authentication
WO2005109225A3 (en) Online fraud solution
WO2008042614A3 (en) Role based internet access and individualized role based systems to view biometric information
WO2003075125A3 (en) Location aware data network
WO2008015458A3 (en) System and method for authenticating a workflow
WO2006076187A3 (en) Method and apparatus for enhancing security of wireless communications
EP1612686A4 (en) Content providing server, information processing device and method, and computer program
EP1612685A4 (en) Content providing server, information processing device and method, and computer program
WO2006081013A3 (en) System and method of managing content
WO2007028160A3 (en) Database system and method for access control and workflow routing
EP1850233A4 (en) Authentication method, authentication system, and tag device thereof, information reference client, authentication server, and information server

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07710104

Country of ref document: EP

Kind code of ref document: A2