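Country / Type | United States (US) Patent, Registered |
---|---|
International Patent Classification (IPC 7th edition) | |
Application number | US-0549943 (2014-11-21) |
Registration number | US-9369469 (2016-06-14) |
Inventor / Address | |
Applicant / Address | |
Agent / Address | |
Citation information | Times cited: 0; Patents cited: 305 |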
A system for securing and tracking usage of transaction services or computer resources by a client computer from a first server computer, which includes clearinghouse means for storing identity data of the first server computer and the client computer(s); server software means and client software means adapted to forward its identity data and identity data of the client computer(s) to the clearinghouse means at the beginning of an operating session; and a hardware key connected to the client computer, the key being adapted to generate a digital identification as part of the identity data; wherein the hardware key is implemented using a hardware token access system, a magnetic card access system, a smart card access system, a biometric identification access system or a central processing unit with a unique embedded digital identification.
1. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising: receiving, at the at least one authentication server from at least one access server, identity data associated with at least one client computer device; comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in a database associated with the at least one authentication server; sending, by the at least one access server to the at least one client computer device, a challenge; receiving, at the at least one access server, a response from the at least one client computer device; comparing, at the at least one access server, the challenge and the response; receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device; authorizing, by one of the at least one server associated with the at least one authentication server and another at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device based on data associated with the protected computer resources stored in at least one database associated with one of the at least one server associated with the at least one authentication server and the another at least one server associated with the at least one authentication server; and controlling access, by one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and yet another at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successfully comparing the identity data associated with the at least one client computer device and the identity data stored in the database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
2. The method of claim 1, further comprising deriving the identity data associated with the at least one client computer device from one of an external device and an external object connected to the at least one client computer device.
3. The method of claim 2, wherein the one of an external device and an external object is a subscriber identity module.
4. The method of claim 1, wherein the identity data associated with the at least one client computer device is derived from a subscriber identity module.
5. The method of claim 1, wherein at least one of the functions of the at least one authentication server is performed by another server associated with the at least one authentication server.
6. The method of claim 1, further comprising storing at least one phone number in a database associated with the at least one server associated with the at least one authentication server.
7. The method of claim 1, further comprising storing at least one cellular phone number in a database associated with the at least one server associated with the at least one authentication server.
8. The method of claim 7, further comprising comparing, at the at least one server associated with the at least one authentication server, at least a portion of the identity data associated with the at least one client computer device to the at least one cellular phone number stored in the database associated with the at least one server associated with the at least one authentication server.
9. The method of claim 7, further comprising comparing, at the at least one server associated with the at least one authentication server, at least a portion of the identity data associated with the at least one client computer device to a number stored in the database associated with the at least one server associated with the at least one authentication server, the number comprising a portion of the at least one cellular phone number.
10. The method of claim 1, further comprising assigning one of a plurality of authorization levels to the at least a portion of the protected computer resources, assigning a particular authorization level to the identity data associated with the at least one client computer device, and only controlling access to particular protected computer resources by the at least one client computer device controlled by the particular authorization level.
11. The method of claim 1, wherein the Internet Protocol network comprises the Internet.
12. The method of claim 1, further comprising generating the identity data associated with the at least one client computer device from at least one internal hardware component of the at least one client computer device.
13. The method of claim 1, wherein the identity data associated with the at least one client computer device is unique to the at least one client computer device.
14. The method of claim 1, further comprising providing, by at least one of a plurality of multiple servers associated with the at least one access server, the at least the portion of the requested protected computer resources to the at least one client computer device upon the at least one authentication server controlling access to the at least the portion of protected computer resources.
15. The method of claim 1, wherein the at least one client computer device is adapted to authenticate the at least one access server.
16. The method of claim 1, wherein the at least one server associated with the authentication server is adapted to assign one of a plurality of authorization levels to the at least a portion of the protected computer resources, is adapted to assign a particular authorization level to the identity data associated with the at least one client computer device, and is adapted to only control access to particular protected computer resources by the at least one client computer device controlled by the particular authorization level.
17. The method of claim 1, further comprising assigning, by one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and the yet another at least one server associated with the at least one authentication server, one of a plurality of authorization levels to the at least a portion of the protected computer resources, and a particular authorization level to the identity data associated with the at least one client computer device, and only controlling access, by one of the at least one server associated with the authentication server, the another at least one server associated with the at least one authentication server, and the yet another at least one server associated with the at least one authentication server, to particular protected computer resources by the at least one client computer device according to the particular authorization level.
18. The method of claim 1, wherein at least one of the at least one access server and a server associated with the at least one authentication server is adapted to acquire, for billing purposes, usage data of the at least a portion of the protected computer resources provided to the at least one client computer device.
19. The method of claim 1, wherein the at least one access server is adapted to receive the identity data associated with the at least one client computer device via a network utilizing at least one Internet Protocol.
20. The method of claim 1, wherein the at least the portion of the protected computer resources are provided via a network utilizing at least one Internet Protocol to the at least one client computer device by at least one server computer associated with the at least one access server upon the at least one authentication server controlling access to the at least the portion of the protected computer resources.
21. The method of claim 1, wherein the authorization function is performed by another server associated with the at least one authentication server.
22. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising: receiving, at the at least one authentication server from at least one access server, identity data associated with the at least one access server; comparing, by the at least one authentication server, the identity data associated with the at least one access server to identity data stored in a database associated with the at least one authentication server; receiving, at the at least one authentication server from the at least one access server, identity data associated with at least one client computer device; comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in another database associated with the at least one authentication server; sending, by the at least one access server to the at least one client computer device, a challenge; receiving, at the at least one access server, a response from the at least one client computer device; comparing, at the at least one access server, the challenge and the response; receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device; authorizing, by one of the at least one server associated with the at least one authentication server and another at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device based on data associated with the protected computer resources stored in at least one database associated with one of the at least one server associated with the at least one authentication server and the another at least one server associated with the at least one authentication server; and controlling access, by one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and yet another at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successfully comparing the identity data associated with the at least one client computer device and the identity data stored in the another database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
23. The method of claim 22, further comprising deriving the identity data associated with the at least one client computer device from one of an external device and an external object connected to the at least one client computer device.
24. The method of claim 22, further comprising deriving the identity data associated with the at least one client computer device from one of an external device and an external object inserted into a reader.
25. The method of claim 23, wherein the one of an external device and an external object is a subscriber identity module.
26. The method of claim 22, wherein at least one of the functions of the at least one authentication server is performed by another server associated with the at least one authentication server.
27. The method of claim 22, further comprising assigning one of a plurality of authorization levels to the at least a portion of the protected computer resources, assigning a particular authorization level to the identity data associated with the at least one client computer device, and only controlling access to particular protected computer resources by the at least one client computer device controlled by the particular authorization level.
28. The method of claim 22, wherein the Internet Protocol network comprises the Internet.
29. The method of claim 22, further comprising generating the identity data associated with the at least one client computer device from at least one internal hardware component of the at least one client computer device.
30. The method of claim 22, wherein the identity data associated with the at least one client computer device is unique to the at least one client computer device.
31. The method of claim 22, further comprising providing, by at least one of a plurality of multiple servers associated with the at least one access server, the at least the portion of the requested protected computer resources to the at least one client computer device upon the at least one authentication server controlling access to the at least the portion of protected computer resources.
32. The method of claim 22, wherein the at least one client computer device is adapted to authenticate the at least one access server.
33. The method of claim 22, wherein one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and the yet another at least one server associated with the at least one authentication server is adapted to assign one of a plurality of authorization levels to the at least a portion of the protected computer resources, is adapted to assign a particular authorization level to the identity data associated with the at least one client computer device, and is adapted to only control access to particular protected computer resources by the at least one client computer device controlled by the particular authorization level.
34. The method of claim 22, further comprising assigning, by one of the at least one server associated with the at least one authentication server, the another at least one server associated with the at least one authentication server, and the yet another at least one server associated with the at least one authentication server, one of a plurality of authorization levels to the at least a portion of the protected computer resources, and a particular authorization level to the identity data associated with the at least one client computer device, and only controlling access, by one of the at least one server associated with the authentication server, the another at least one server associated with the at least one authentication server, and the yet another at least one server associated with the at least one authentication server, to particular protected computer resources by the at least one client computer device according to the particular authorization level.
35. The method of claim 22, wherein at least one of the at least one access server and a server associated with the at least one authentication server is adapted to acquire, for billing purposes, usage data of the at least a portion of the protected computer resources provided to the at least one client computer device.
36. The method of claim 22, wherein the at least one access server is adapted to receive the identity data associated with the at least one client computer device via a network utilizing at least one Internet Protocol.
37. The method of claim 22, wherein the at least the portion of the protected computer resources are provided via a network utilizing at least one Internet Protocol to the at least one client computer device by at least one server computer associated with the at least one access server upon the at least one authentication server controlling access to the at least the portion of the protected computer resources.
38. The method of claim 22 wherein the authorization function is performed by another server associated with the at least one authentication server.
39. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising: receiving, at the at least one authentication server from at least one access server, identity data associated with the at least one access server; comparing, by the at least one authentication server, the identity data associated with the at least one access server to identity data stored in a database associated with the at least one authentication server; receiving, at the at least one authentication server from the at least one access server, identity data associated with at least one client computer device; comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in another database associated with the at least one authentication server; sending, by the at least one access server to the at least one client computer device, a challenge; receiving, at the at least one access server, a response from the at least one client computer device; comparing, at the at least one access server, the challenge and the response; receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device; authorizing, by the at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device; and controlling access, by the at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successfully comparing the identity data associated with the at least one client computer device and the identity data stored in the database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
40. The method of claim 39, wherein the authorizing is based on data associated with the protected computer resources stored in at least one database associated with the at least one server associated with the at least one authentication server.
41. The method of claim 39, further comprising assigning one of a plurality of authorization levels to the at least a portion of the protected computer resources, assigning a particular authorization level to the identity data associated with the at least one client computer device, and only controlling access to particular protected computer resources by the at least one client computer device controlled by the particular authorization level.
42. The method of claim 39, wherein the at least one client computer device is adapted to authenticate the at least one access server.
43. A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising: receiving, at the at least one authentication server from at least one access server, identity data associated with at least one client computer device; comparing, by the at least one authentication server, the identity data associated with the at least one client computer device to identity data stored in a database associated with the at least one authentication server; sending, by the at least one access server to the at least one client computer device, a challenge; receiving, at the at least one access server, a response from the at least one client computer device; comparing, at the at least one access server, the challenge and the response; receiving, by at least one server associated with the at least one authentication server, a request for the protected computer resources from the at least one client computer device; authorizing, by the at least one server associated with the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device; and controlling access, by the at least one server associated with the at least one authentication server, to the at least a portion of the protected computer resources upon successful comparison of the identity data associated with the at least one client computer device and the identity data stored in the database associated with the at least one authentication server, and upon successful authorization of the at least one client computer device.
44. The method of claim 43, wherein the identity data associated with the at least one client computer device is derived from a subscriber identity module.
45. The method of claim 43, wherein the identity data associated with the at least one client computer device is derived from at least one internal hardware component of the at least one client computer device.
46. The method of claim 43, further comprising receiving, at the at least one server associated with the at least one authentication server, the identity data associated with the at least one client computer device that is derived from a subscriber identity module.
47. The method of claim 43, further comprising comparing, at the at least one server associated with the at least one authentication server, at least a portion of the identity data associated with the at least one client computer device to a number stored in a database associated with the at least one server associated with the at least one authentication server, the number comprising a portion of at least one cellular phone number.
48. The method of claim 43, wherein the at least one client computer device is adapted to authenticate the at least one access server.
49. The method of claim 43 wherein the authorizing is performed by another server associated with the at least one authentication server.
50. The method of claim 43, wherein the controlling access is performed by another server associated with the at least one authentication server.
51. The method of claim 43, wherein the controlling access is performed by another server associated with the at least one server associated the at least one authentication server.
52. The method of claim 43, wherein at least one of the functions of the at least one authentication server is performed by another server associated with the at least one authentication server.
53. The method of claim 43, wherein at least one of the functions of the at least one access server is performed by another server associated with the at least one access server.
54. The method of claim 43, further comprising assigning one of a plurality of authorization levels to the at least a portion of the protected computer resources, assigning a particular authorization level to the identity data associated with the at least one client computer device, and only controlling access to particular protected computer resources by the at least one client computer device controlled by the particular authorization level.
55. The method of claim 43, wherein the authorizing is based on data associated with the protected computer resources stored in at least one database associated with the at least one server associated with the at least one authentication server.