Patent US7272639 - Internet server access control and monitoring systems

This invention relates to methods for controlling and monitoring access to network servers. In particular, the process described in the invention includes client-server sessions over the Internet. In this environment, when the user attempts to access an access-controlled file, the server subjects the request to a secondary server which determines whether the client has an authorization or valid account. Upon such verification, the user is provided with a session identification which allows the user to access to the requested file as well as any other files within the present protection domain.

Inventors: Thomas Mark Levergood, Lawrence C. Stewart, Stephen Jeffrey Morris, Andrew C. Payne, George Winfield Treese
Original Assignee: Soverain Software LLC
Primary Examiner: Patrice Winder
Attorney: Jones Day
Current U.S. Classification: 709/218; 709/203; 709/229

View patent at USPTO
Search USPTO Assignment Database

Citations

Cited Patent	Filing date	Issue date	Original Assignee	Title
US4305059	Jan 3, 1980	Dec 8, 1981		Modular funds transfer system
US4528643	Jan 10, 1983	Jul 9, 1985	FPDC, Inc.	System for reproducing information in material objects at a point of sale location
US4529870	Jun 25, 1982	Jul 16, 1985		Cryptographic identification, financial transaction, and credential device
US4578530	Dec 7, 1983	Mar 25, 1986	VISA U.S.A., Inc.	End-to-end encryption system and method of operation
US4734858	Nov 26, 1984	Mar 29, 1988	Portel Services Network, Inc.	Data terminal and system for placing orders
US4755940	Jan 6, 1987	Jul 5, 1988	International Business Machines Corporation	Transaction security system
US4759063	Aug 22, 1983	Jul 19, 1988		Blind signature systems
US4759064	Oct 7, 1985	Jul 19, 1988		Blind unanticipated signature systems
US4775935	Sep 22, 1986	Oct 4, 1988	Westinghouse Electric Corp.	Video merchandising system with variable and adoptive product sequence presentation order
US4795890	Feb 2, 1987	Jan 3, 1989	Light Signatures, Inc.	Device authentication system for on and off line use
US4799156	Oct 1, 1986	Jan 17, 1989	Strategic Processing Corporation	Interactive market management system
US4812628	Mar 27, 1987	Mar 14, 1989	Visa International Service Association	Transaction system with off-line risk assessment
US4827508	Oct 14, 1985	May 2, 1989	Personal Library Software, Inc.	Database usage metering and protection system and method
US4891503	Mar 29, 1988	Jan 2, 1990	Gascard, Inc.	Distributed authorization system
US4922521	Mar 8, 1989	May 1, 1990	U.S. Philips Corporation	System for providing secure telecommunication access to a computer
US4926480	May 24, 1988	May 15, 1990		Card-computer moderated systems
US4935870	Aug 3, 1988	Jun 19, 1990	Keycom Electronic Publishing	Apparatus for downloading macro programs and executing a downloaded macro program responding to activation of a single key
US4947028	Jul 19, 1988	Aug 7, 1990	Arbor International, Inc.	Automated order and payment system
US4947430	Nov 23, 1987	Aug 7, 1990		Undeniable signature systems
US4949380	Oct 20, 1988	Aug 14, 1990		Returned-value blind signature systems
US4972318	Apr 24, 1990	Nov 20, 1990	Iron City Sash & Door Company	Order entry and inventory control method
US4977595	Mar 28, 1990	Dec 11, 1990	Nippon Telegraph and Telephone Corporation	Method and apparatus for implementing electronic cash
US4982346	Dec 16, 1988	Jan 1, 1991	Expertel Communications Incorporated	Mall promotion network apparatus and method
US4987593	Apr 5, 1990	Jan 22, 1991		One-show blind signature systems
US4991210	May 4, 1989	Feb 5, 1991		Unpredictable blind signature systems
US4992940	Mar 13, 1989	Feb 12, 1991	H-Renee, Incorporated	System and method for automated selection of equipment for purchase through input of user desired specifications
US4996711	Jun 21, 1989	Feb 26, 1991		Selected-exponent signature systems
US5025373	Jun 30, 1988	Jun 18, 1991	JML Communications, Inc.	Portable personal-banking system
US5060153	Apr 5, 1989	Oct 22, 1991	Sharp Kabushiki Kaisha	Teller machine with mode for continuously sending off-line collected transaction data to a host while ignoring incomplete data response signals
US5077607	Apr 20, 1989	Dec 31, 1991	Scientific-Atlanta, Inc.	Cable television transaction terminal
US5105184	Nov 9, 1989	Apr 14, 1992		Methods for displaying and integrating commercial advertisements with computer software
US5220501	Dec 8, 1989	Jun 15, 1993	Online Resources, Ltd.	Method and system for remote delivery of retail banking services
US5247575	Apr 24, 1992	Sep 21, 1993		Information distribution system
US5276736	Jul 13, 1992	Jan 4, 1994		Optionally moderated transaction systems
US5305195	Mar 25, 1992	Apr 19, 1994	Gerald Singer	Interactive advertising system for on-line terminals
US5311594	Mar 26, 1993	May 10, 1994	AT&T Bell Laboratories	Fraud protection for card transactions
US5319542	Sep 27, 1990	Jun 7, 1994	International Business Machines Corporation	System for ordering items using an electronic catalogue
US5321751	Feb 18, 1993	Jun 14, 1994	Eastman Kodak Company	Method and apparatus for credit card verification
US5336870	May 26, 1992	Aug 9, 1994		System for remote purchase payment transactions and remote bill payments
US5341429	Dec 4, 1992	Aug 23, 1994	TestDrive Corporation	Transformation of ephemeral material
US5347632	Jul 28, 1989	Sep 13, 1994	Prodigy Services Company	Reception system for an interactive computer network and method of operation
US5351186	Jan 16, 1991	Sep 27, 1994	Bullock Communications, Inc.	System and method for obtaining information concerning a product or a service
US5351293	Feb 1, 1993	Sep 27, 1994	Wave Systems Corp.	System method and apparatus for authenticating an encrypted signal
US5383113	Jul 25, 1991	Jan 17, 1995	Checkfree Corporation	System and method for electronically providing customer services including payment of bills, financial analysis and loans
US5414833	Oct 27, 1993	May 9, 1995	International Business Machines Corporation	Network security system and method using a parallel finite state machine adaptive active monitor and responder
US5475585	Feb 2, 1994	Dec 12, 1995		Transactional processing system
US5521631	May 25, 1994	May 28, 1996	SpectraVision, Inc.	Interactive digital video services system with store and forward capabilities
US5530852	Dec 20, 1994	Jun 25, 1996	Sun Microsystems, Inc.	Method for extracting profiles and topics from a first file written in a first markup language and generating files in different markup languages containing the profiles and topics for use in accessing data described by the profiles and topics
US5535229	May 10, 1993	Jul 9, 1996	Global Interconnect, Corp.	Digital data transfer system for use especially with advertisement insertion systems
US5544322	May 9, 1994	Aug 6, 1996	International Business Machines Corporation	System and method for policy-based inter-realm authentication within a distributed processing system
US5557516	Feb 4, 1994	Sep 17, 1996	MasterCard International	System and method for conducting cashless transactions
US5557518	Apr 28, 1994	Sep 17, 1996	Citibank, N.A.	Trusted agents for open electronic commerce
US5557798	Dec 21, 1990	Sep 17, 1996	Tibco, Inc.	Apparatus and method for providing decoupling of data exchange details for providing high performance communication between software processes
US5560008	May 15, 1989	Sep 24, 1996	International Business Machines Corporation	Remote authentication and authorization in a distributed data processing system
US5577209	Jul 5, 1994	Nov 19, 1996	ITT Corporation	Apparatus and method for providing multi-level security for communication among computers and terminals on a network
US5590197	Apr 4, 1995	Dec 31, 1996	V-ONE Corporation	Electronic payment system and method
US5592378	Aug 19, 1994	Jan 7, 1997	Andersen Consulting LLP	Computerized order entry system and method
US5594910	Nov 26, 1993	Jan 14, 1997	IBM Corp.	Interactive computer network and method of operation
US5596642	Sep 30, 1994	Jan 21, 1997	Electronic Payment Services, Inc.	Network settlement performed on consolidated information
US5596643	Jan 3, 1996	Jan 21, 1997	Electronic Payment Services, Inc.	Network settlement performed on consolidated information
US5604802	Jul 18, 1994	Feb 18, 1997	International Business Machines Corporation	Transaction processing system
US5621797	Dec 19, 1995	Apr 15, 1997	Citibank, N.A.	Electronic ticket presentation and transfer method
US5623547	Mar 6, 1995	Apr 22, 1997	Jonhig Limited	Value transfer system
US5623656	Dec 15, 1994	Apr 22, 1997	Lucent Technologies Inc.	Script-based data communication system and method utilizing state memory
US5642419	Dec 19, 1995	Jun 24, 1997	Citibank N.A.	Method for acquiring and revalidating an electronic credential
US5664110	Dec 8, 1994	Sep 2, 1997	Highpoint Systems, Inc.	Remote ordering system
US5664111	Feb 16, 1994	Sep 2, 1997	Honicorp, Inc.	Computerized, multimedia, network, real time, interactive marketing and transactional system
US5694551	Apr 24, 1995	Dec 2, 1997	Moore Business Forms, Inc.	Computer integration network for channeling customer orders through a centralized computer to various suppliers
US5708780	Jun 7, 1995	Jan 13, 1998	Open Market, Inc.	Internet server access control and monitoring systems
US5710884	Mar 29, 1995	Jan 20, 1998	Intel Corporation	System for automatically updating personal profile server with updates to additional user information gathered from monitoring user's electronic consuming habits generated on computer during use
US5715314	Oct 24, 1994	Feb 3, 1998	Open Market, Inc.	Network sales system
US5724424	Nov 29, 1995	Mar 3, 1998	Open Market, Inc.	Digital active advertising
US5727164	Dec 13, 1991	Mar 10, 1998	Max Software, Inc.	Apparatus for and method of managing the availability of items
US5734719	Dec 10, 1996	Mar 31, 1998	International Business Systems, Incorporated	Digital information accessing, delivery and production system
US5761662	May 8, 1997	Jun 2, 1998	Sun Microsystems, Inc.	Personalized information retrieval using user-defined profile
US5768521	Feb 2, 1996	Jun 16, 1998	Intel Corporation	General purpose metering mechanism for distribution of electronic information
US5774670	Oct 6, 1995	Jun 30, 1998	Netscape Communications Corporation	Persistent client state in a hypertext transfer protocol based client-server system
US5784565	Feb 5, 1997	Jul 21, 1998		Server for either anonymous or pre-authorized users to order goods or services on the world-wide web computer network
US5806077	Jan 15, 1993	Sep 8, 1998	International Business Machines Corporation	Hypertext display system
US5812776	Jun 7, 1995	Sep 22, 1998	Open Market, Inc.	Method of providing internet pages by mapping telephone number provided by client to URL and returning the same in a redirect command by server
US5819092	Oct 6, 1997	Oct 6, 1998	Vermeer Technologies, Inc.	Online service development tool with fee setting capabilities
US5826241	Sep 16, 1994	Oct 20, 1998	First Virtual Holdings Incorporated	Computerized system for making payments and authenticating transactions over the internet
US5826242	Aug 27, 1997	Oct 20, 1998	Netscape Communications Corporation	Method of on-line shopping utilizing persistent client state in a hypertext transfer protocol based client-server system
US5848399	Jul 25, 1996	Dec 8, 1998		Computer system for allowing a consumer to purchase packaged goods at home
US5895454	Apr 17, 1997	Apr 20, 1999		Integrated interface for vendor/product oriented internet websites
US5897622	Oct 16, 1996	Apr 27, 1999	Microsoft Corporation	Electronic shopping and merchandising system
US5909492	Jun 18, 1997	Jun 1, 1999	Open Market, Incorporated	Network sales system
US5920847	Oct 7, 1996	Jul 6, 1999	Visa International Service Association	Electronic bill pay system
US6006199	Dec 31, 1991	Dec 21, 1999	International Business Machines Corporation	Method and system for automated payment within a computer integrated manufacturing system
US6023683	Aug 10, 1994	Feb 8, 2000	Fisher Scientific Company	Electronic sourcing system and method
US6041316	Jul 25, 1994	Mar 21, 2000	Lucent Technologies Inc.	Method and system for ensuring royalty payments for data delivered over a network
US6049785	Mar 2, 1998	Apr 11, 2000	Open Market, Inc.	Open network payment system for providing for authentication of payment orders based on a confirmation electronic mail message
US6134592	Aug 27, 1997	Oct 17, 2000	Netscape Communications Corporation	Persistant client state in a hypertext transfer protocol based client-server system
US6195649	Mar 2, 1998	Feb 27, 2001	Open Market, Inc.	Digital active advertising
US6199051	Mar 2, 1998	Mar 6, 2001	Open Market, Inc.	Digital active advertising
US6205437	Mar 2, 1998	Mar 20, 2001	Open Market, Inc.	Open network payment system for providing for real-time authorization of payment and purchase transactions
US6449599	May 4, 1999	Sep 10, 2002	Open Market, Inc.	Network sales system
US6708157	Feb 7, 2001	Mar 16, 2004	ContentGuard Holdings Inc.	System for controlling the distribution and use of digital works using digital tickets

Referenced by

Citing Patent	Filing date	Issue date	Original Assignee	Title
US7401115	Oct 23, 2000	Jul 15, 2008	AOL LLC	Processing selected browser requests
US7457850	Nov 22, 2000	Nov 25, 2008	Justsystem Corporation	Information server system
US7707628	Jan 24, 2005	Apr 27, 2010	Fuji Xerox Co., Ltd.	Network system, internal server, terminal device, storage medium and packet relay method
US7801054	Oct 2, 2006	Sep 21, 2010	AT&T Intellectual Property I, L.P.	Methods, systems, and computer program products for implementing network visualization services
US7860532	Oct 2, 2006	Dec 28, 2010	Nokia Corporation	Method and system for initiating a communication from an arbitrary document
US7890552	Oct 2, 2006	Feb 15, 2011	AT&T Intellectual Property I, L.P.	Methods, systems, and computer program products for implementing media content analysis, distribution, and re-allocation services
US7908200	May 10, 2002	Mar 15, 2011	Versata Development Group, Inc.	Method and apparatus for efficiently generating electronic requests for quote
US7970722	Nov 9, 2009	Jun 28, 2011	Aloft Media, LLC	System, method and computer program product for a collaborative decision platform
US7987211	Feb 29, 2008	Jul 26, 2011	Dell Products L.P.	System and method for automated deployment of an information handling system
US7996460	Jul 14, 2008	Aug 9, 2011	AOL Inc.	Processing selected browser requests
US8005777	Jul 27, 2010	Aug 23, 2011	Aloft Media, LLC	System, method and computer program product for a collaborative decision platform
US8042055	Mar 14, 2008	Oct 18, 2011	TeaLeaf Technology, Inc.	Replaying captured network interactions
US8051180	Oct 25, 2006	Nov 1, 2011	Citrix Systems, Inc.	Methods and servers for establishing a connection between a client system and a virtual machine executing in a terminal services session and hosting a requested computing environment
US8117314	Jan 18, 2007	Feb 14, 2012	Citrix Systems, Inc.	Methods and systems for providing remote access to a computing environment provided by a virtual machine
US8127000	Dec 27, 2006	Feb 28, 2012	TeaLeaf Technology, Inc.	Method and apparatus for monitoring and synchronizing user interface events with network data
US8156246	Sep 26, 2011	Apr 10, 2012	NOMADIX, Inc.	Systems and methods for providing content and services on a network system
US8160988	Jul 27, 2010	Apr 17, 2012	Aloft Media, LLC	System, method and computer program product for a collaborative decision platform
US8190708	Oct 20, 2000	May 29, 2012	NOMADIX, Inc.	Gateway device having an XML interface and associated method
US8223938	Oct 2, 2006	Jul 17, 2012	AT&T Intellectual Property I, L.P.	Methods, systems, and computer program products for providing caller identification services
US8244886	Sep 2, 2010	Aug 14, 2012	NOMADIX, Inc.	Systems and methods for providing content and services on a network system
USRE41903	Oct 7, 2005	Oct 26, 2010	SAP AG	Systems and methods for recording and visually recreating sessions in a client-server environment
USRE42892	Oct 17, 2002	Nov 1, 2011	Netscape Communications Corporation	Method and apparatus for maintaining state information on an HTTP client system in relation to server domain and path attributes

Claims

1. A method of processing service requests from a client to a server system through a network, said method comprising the steps of forwarding a service request from the client to the server system, wherein communications between the client and server system are according to hypertext transfer protocol;

returning a session identifier from the server system to the client, the client storing the session identifier for use in subsequent distinct requests to the server system; and

appending the stored session identifier to each of the subsequent distinct requests from the client to the server system.

2. A method as claimed in claim 1 wherein the session identifier includes a user identifier.

3. A method as claimed in claim 1 wherein the session identifier includes an expiration time for the session.

4. A method as claimed in claim 1 wherein the server system records information from the session identifier in a transaction log in the server system.

5. A method as claimed in claim 4 wherein the server system tracks the access history of sequences of service requests within a session of requests.

6. A method as claimed in claim 5 wherein the server system tracks the access history to determine service requests leading to a purchase made within the session of requests.

7. A method as claimed in claim 4 wherein the server system counts requests to particular services exclusive of repeated requests from a common client.

8. A method as claimed in claim 4 wherein the server system maintains a data base relating customer information to access patterns.

9. A method as claimed in claim 8 wherein the information includes customer demographics.

10. A method as claimed in claim 1 wherein the server system assigns the session identifier to an initial service request to the server system.

11. A method as claimed in claim 1 wherein the server system subjects the client to an authorization routine prior to issuing the session identifier and the session identifier is protected from forgery.

12. A method as claimed in claim 1 wherein the server system comprises plural servers including an authentication server which provides session identifiers for service requests to multiple servers.

13. A method as claimed in claim 12 wherein:

a client directs a service request to a first server which is to provide the requested service;

the first server checks the service request for a session identifier and only services a service request having a valid session identifier, and where the service request has no valid identifier:

the first server returns a response to the client, the response redirecting the service request from the client to the authentication server;

the authentication server subjects the client to an authorization routine and issues the session identifier to be appended to the service request to the first server;

the client forwards the service request appended with the session identifier to the first server; and

the first server recognizes the session identifier and services the service request to the client; and

the client appends the session identifier to subsequent service requests to the server system and is serviced without further authorization.

14. A method as claimed in claim 13 wherein the session identifier includes a user identifier.

15. A method as claimed in claim 13 wherein the session identifier includes an expiration time for the session.

16. A method as claimed in claim 13 wherein the session identifier provides access to a protected domain to which the session has access authorization.

17. A method as claimed in claim 16 wherein the session identifier is modified for access to a different protected domain.

18. A method as claimed in claim 13 wherein the session identifier provides a key identifier for key management.

19. A method as claimed in claim 13 wherein the server system records information from the session identifier in a transaction log in the server system.

20. The method of claim 1 wherein the access rights of the client are fully contained within the session identifier.

21. A method as claimed in claim 1 wherein a service request is for a document and the session identifier includes a user identification, further comprising:

returning the requested document wherein the document is customized for a particular user based on the user identification of the session identifier.

22. A method as claimed in claim 1 wherein a service request is for a document which has been purchased by a user, the session identifier comprises an authorization identifier, and further comprising:

returning the requested document if the authorization identifier indicates that the user is authorized to access the document.

23. A method as claimed in claim 1 wherein a service request is for a document wherein the session identifier comprises a user identifier, and further comprising:

returning the requested document to the client; and

charging the user identified in the identifier for access to the document.

24. The method of claim 1, wherein at least one service request comprises a request for a document which has been purchased by a user, and wherein the session identifier comprises an authorization identifier, the method further comprising:

returning the requested document if the authorization identifier indicates that the user is authorized to access the document.

25. A method as claimed in claim 24, wherein the authorization identifier is encoded within a session identifier which is appended to the request.

26. The method of claim 24 wherein the authorization identifier is provided by authentication server.

27. The method of claim 24, further comprising:

identifying the user from the authorization identifier; and

automatically charging the identified user for the document.

28. The method of claim 24, wherein the document is returned electronically.

29. The method of claim 24, wherein a physical copy of the document is sent.

30. The method of claim 24, wherein the authorization identifier in appended to uniform resource locator.

31. The method of claim 1, wherein at least one service request comprises a request for a document, wherein the session identifier is designated by the server system, said method further comprising the steps of:

returning the requested document to the client; and

charging the user identified in the session identifier for access to the document.

32. A method as claimed in claim 31, wherein a user identifier is encoded within a session identifier which is appended to the request.

33. The method of claim 1 wherein the session identifier is cryptographically generated.

34. The method of claim 1 further comprising:

returning a response to the client, the response redirecting an initial service request to an authentication server, the authentication server providing the session identifier.

35. The method of claim 1, wherein the session identifier is appended to at least one path name in a document returned by the server system.

36. The method of claim 35, wherein the at least one path name is in a link in the returned document.

37. The method of claim 36 wherein the link is an absolute link.

38. The method of claim 36 wherein the link comprises a uniform resource locator.

39. The method of claim 35 wherein the step of appending the session identifier comprises filtering the requested document.

40. The method of claim 35 wherein the session identifier is cryptographically generated.

41. The method of claim 35 wherein the session identifier is directed to an accessible domain.

42. The method of claim 35 wherein the session identifier comprises an expiration time.

43. The method of claim 35 wherein the session identifier comprises a date.

44. The method of claim 35 wherein the session identifier comprises a key identifier.

45. The method of claim 35 wherein the session identifier comprises an address of the client.

46. The method of claim 35 wherein the session identifier comprises a digital signature.

47. The method of claim 1, wherein the session identifier is designated by the server system, furthers comprising the steps of:

validating, at the server system, the appended session identifier; and

returning a controlled document if the appended session identifier is valid.

48. The method of claim 47 wherein the session identifier is cryptographically generated.

49. The method of claim 47 wherein the session identifier is directed to an accessible domain.

50. The method of claim 47 wherein the session identifier comprises an expiration time.

51. The method of claim 47 wherein the session identifier comprises a date.

52. The method of claim 47 wherein the session identifier comprises a key identifier.

53. The method of claim 47 wherein the session identifier comprises an address of the client.

54. The method of claim 47 wherein the session identifier comprises an unforgeable digital signature.

55. The method of claim 47 wherein the session identifier facilitates authenticated accesses across multiple content servers.

56. The method of claim 47 wherein the document is customized for a particular user based on a user identification of the session identifier.

57. The method of claim 47, wherein the session identifier is appended to at least one path name in a document returned by the server system.

58. The method of claim 57 wherein the step of appending the session identifier comprises filtering the requested document.

59. The method of claim 1, further comprising:

servicing a request; and

automatically charging a user identified by the session identifier for the service provided.

60. The method of claim 1, wherein at least one service request comprises a purchase request, the purchase request including an associated user identifier, the method further comprising:

accessing, upon receipt of the purchase request at the server system, user information associated with the user identifier sufficient to charge to an account associated with the user, the purchase price of the product identified by the purchase request;

charging the user for the product identified by the purchase request according to the user information; and

fulfilling the purchase request based on the user information.

61. The method of claim 60, wherein the client includes the user identifier in a session identifier appended to the purchase request.

62. The method of claim 1, further comprising:

under control of a client system, displaying information identifying a product; and

in response to a user selection of a hyperlink associated with a product desired to be purchased, sending a request to purchase the item along with an identifier of a purchaser of the item to a server system; and

under control of the server system, upon receiving the request, retrieving additional information previously stored for the purchaser identified by the identifier in the received request;

charging the user the purchase price of the product; and

fulfilling the request for the product.

63. The method of claim 1, wherein the session identifier is appended by the client.

64. The method of claim 63, wherein the session identifier is cryptographically generated.

65. The method of claim 1, wherein a service request comprises a request to purchase a product.

66. The method of claim 65, wherein the product is transmitted over the network.

67. The method of claim 66, wherein the product is a newspaper/newsletter article.

68. The method of claim 65, wherein the product is a durable product.

69. An information system on a network, comprising:

means for receiving service requests from a client and for determining whether a service request includes a session identifier, wherein communications to and from the client are according to hypertext transfer protocol;

means for providing the session identifier in response to an initial service request from the client in a session of requests;

means for storing, at the client, the session identifier for use in each communication to the server system;

means for appending the stored session identifier to each of subsequent communications from the client to the server system; and

means for servicing the subsequent service requests.

70. The information system of claim 69 wherein access rights of the client are fully contained within the session identifier.

71. An information system as claimed in claim 69 wherein the means for providing the session identifier is in a server system which services the requests.

72. An information system as claimed in claim 69 further comprising an authorization routine for authorizing the client prior to issuing the session identifier and means for protecting the session identifier from forgery.

73. An information server system as claimed in claim 69 further comprising a transaction log for recording information from the session identifier.

74. An information system as claimed in claim 69 further comprising means for tracking access history of sequences of service requests within the session of requests.

75. An information system as claimed in claim 69 further comprising means for counting requests to particular services exclusive of repeated requests from a common client.

76. An information system as claimed in claim 69 further comprising a data base relating customer information to access patterns.

77. An information system as claimed in claim 76 wherein the information includes customer demographics.

78. A method of processing, in a server system, service requests from a client to the server system through a network, said method comprising the steps of:

receiving, from the client, a service request to which a session identifier stored at the client has been appended by the client, wherein communications between the client and server system are according to hypertext transfer protocol;

validating the session identifier appended to the service request; and servicing the service request if the appended session identifier is valid.

79. The method of claim 78, further comprising, in the server system:

receiving an initial service request from the client;

creating, responsive to the initial service request, the session identifier; and

returning the session identifier to the client for storage by the client for use in subsequent distinct requests to the server system.

Drawings

Patents

Internet server access control and monitoring systems

Citations

Referenced by

Claims

Drawings