WO2001054377A2 - Network server - Google Patents

Network server Download PDF

Info

Publication number
WO2001054377A2
WO2001054377A2 PCT/US2001/001840 US0101840W WO0154377A2 WO 2001054377 A2 WO2001054377 A2 WO 2001054377A2 US 0101840 W US0101840 W US 0101840W WO 0154377 A2 WO0154377 A2 WO 0154377A2
Authority
WO
WIPO (PCT)
Prior art keywords
network
server
message
secure
over
Prior art date
Application number
PCT/US2001/001840
Other languages
French (fr)
Other versions
WO2001054377A3 (en
WO2001054377A9 (en
Inventor
John C. Mcdonough
Suzanne K. Mcdonough
Erin D. O'brien
Original Assignee
Fmr Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fmr Corporation filed Critical Fmr Corporation
Priority to CA002398783A priority Critical patent/CA2398783C/en
Publication of WO2001054377A2 publication Critical patent/WO2001054377A2/en
Publication of WO2001054377A3 publication Critical patent/WO2001054377A3/en
Publication of WO2001054377A9 publication Critical patent/WO2001054377A9/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/386Payment protocols; Details thereof using messaging services or messaging apps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04Real-time or near real-time messaging, e.g. instant messaging [IM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer

Definitions

  • a variety of different security techniques enable users to "scramble” (i.e., encrypt) a message before it travels over the network and "unscramble” (i.e., decrypt) the message when it finally reaches its destination.
  • a user concerned about e-mail security can install PGP (Pretty Good Privacy) encryption/decryption software.
  • PGP Pretty Good Privacy
  • PGP provides a number of tools that enable users to manage security data (e.g., keys) used by the system.
  • security systems can require a substantial investment in time or money for software installation, maintenance, and/or user training.
  • the invention features a method of handling a message sent from a sender to a recipient via a network server.
  • the method includes receiving a message from the sender over a secure network connection, determining whether the message is addressed to a recipient having an account on the network server, and forwarding the message to the recipient over an unsecured network connection if the user does not have an account on the server.
  • the secure connection may be a secure sockets layer connection.
  • the message may be sent using a type of HTTP (HyperText Transfer Protocol) such as HTTPS (HyperText Transfer Protocol Secure).
  • HTTPS HyperText Transfer Protocol Secure
  • the message may be an HTML (HyperText Markup Language) message.
  • the network may be the Internet.
  • the invention features a computer program product, disposed on a computer readable medium, for handling a message sent from a sender to a recipient via a network server.
  • the computer program includes instructions for causing a server to receive a message from the sender over a secure network connection, determine whether the message is addressed to a recipient having an account on the network server, and forward the message to the recipient over an unsecured network connection if the user does not have an account on the server.
  • the invention features a method of instant messaging between a sender and a recipient via a server.
  • the method includes establishing a first secure network connection between the server and the sender, establishing a second secure network connection between the server and the recipient, receiving an instant message from the sender over the first secure network connection, and forwarding the instant message to the recipient over the second secure network connection.
  • the invention features a computer program, disposed on a computer readable medium, for handing instant messaging between a sender and a receiver.
  • the computer program includes instructions for causing a server to establish a first secure network connection between the server and the sender, establish a second secure network connection between the server and the receiver, receive an instant message over the first secure network connection, and forward the instant message over the second secure network connection.
  • the invention features a method of providing communication between first, second, and third network user clients via a network server.
  • the method includes establishing a first secure network connection between the server and the first network user client, establishing a second secure network connection between the server and the second network user client, establishing a third secure network connection between the server and the third network user client, receiving a message over the first secure network connection, and forwarding the message over the second and third secure network connections.
  • Embodiments may include one or more of the following features.
  • the first, second, and third secure network connections may be secure sockets layer connections.
  • the first, second, and third network users may be chat room participants.
  • the invention features a computer program, disposed on a computer readable medium, for providing communication between first, second, and third network user web-browsers.
  • the computer program may include instructions for causing a server to establish a first secure network connection between the server and the first network user web-browser, establish a second secure network connection between the server and the second network user web-browser, establish a third secure network connection between the server and the third network user web-browser, receive a message over the first secure network connection, and forward the message over the second and third secure network connections.
  • the invention features a method of e-commerce between network users having respective accounts on a network server. The method includes enabling the network users to use their accounts to place electronic orders over secure network connections, determining the net debits or credits over a period of time for one or more of the network user accounts, and billing the network users having accounts determined to have a net debit.
  • Embodiments may include one or more of the following features.
  • the period of time may be a billing cycle.
  • the billing may include automatically charging a credit card associated with an account having a net debit.
  • the method may further include crediting network users determined to have a net credit.
  • the invention features a method of e-commerce. The method includes receiving information describing characteristics of one or more network vendors, defining groups of network vendors based on the received information, receiving a message identifying one or more of the defined groups, based on the identified groups, determining one or more network vendors, and enabling a user to electronically purchase an item from one of the listed network vendors.
  • Embodiments may include one or more of the following features.
  • the characteristics may include vendor size, vendor location, and vendor industry.
  • the determining may include selecting network vendors in each of the identified groups.
  • FIGS. 1 -3 are diagrams of a system for securely handling messages.
  • FIG. 4 is a flowchart of a process for securely handling messages.
  • FIG. 5 and 8 are diagrams illustrating server groups.
  • FIG. 6 is a diagram of a server.
  • FIG. 7 is a diagram illustrating a transaction.
  • FIG. 9 is a screenshot of a dialog for finding vendors.
  • FIG. 10 is a screenshot of a dialog for making an order.
  • FIG. 11 is a screenshot of a dialog for entering a user profile.
  • FIG. 12 is a screenshot of a directory of user profiles.
  • FIG. 1 shows a system 100 that enables users 102a, 102b of familiar web-browsers 104a, 104b (e.g., Microsoft's® Internet Explorer®, Netscape's® Navigator, Opera, Mozilla, and other HTTP (HyperText Transfer Protocol) clients) to securely exchange messages 106 over a network 108.
  • the system 100 takes advantage of features offered by many web-browsers to provide security with little, if any, user configuration or maintenance.
  • Messages 106 between users 102a, 102b take a two-part journey: from the source 104a to a server 110, then from the server 110 to the destination 104b.
  • Each leg features a SSL (Secure Socket Layer) connection between server 110 and web-browser 104a, 104b.
  • SSL connections handle encryption of the message 106 before it travels across the network 108 and decryption at the end of each leg.
  • SSL is a network layer protocol that currently supports 128-bit encryption for United States version browsers.
  • a type of HTTP known as HTTPS engages SSL to secure web-browser communication with a web-server.
  • HTTPS engages SSL to secure web-browser communication with a web-server.
  • the server 110 can include a Global Server ID (not shown) that enables international browsers to "step up" to more powerful SSL encryption.
  • the system 100 uses the concept of user accounts to identify message senders and recipients.
  • a user 102a can log-on to a system 100 account, for example, by navigating a browser to the server's 110 URL (Universal Resource Locator) (e.g., www.server.com) and entering a user name and password in an HTML (HyperText Markup Language) form.
  • URL Universal Resource Locator
  • HTML HyperText Markup Language
  • Accounts enable users to receive messages at different clients (e.g., at home and office computers).
  • the server 110 can establish an SSL connection with the user's browser 104a for secure transmission of the message 106.
  • the server 110 may store the message 106 in a mailbox for the intended recipient 102b.
  • the server 110 establishes an SSL connection between the server 110 and recipient's browser 104b.
  • the server 110 can present a directory of messages in the users mailbox and, in response to user selection, securely deliver the message 106.
  • Each message 106 may be encoded as HTML. This enables the message to include formatting, colors, animation, sounds, and other elements familiar to web-pages such as instructions for JavaScript, Applets, and/or ActiveX controls.
  • FIG. 1 illustrated communication between two logged-on system users 102a, 102b. Users 102a, 102b, however, usually do not remain logged-on indefinitely.
  • the server 110 may store a message 106 for some time before delivering the message 106 to the recipient.
  • the system 100 can use a variety of notification mechanisms to alert system 100 users of waiting messages 106.
  • a notification message 116 e.g., "you have secure mail”
  • the server 110 may not secure both legs of a message's trip between sender 104a and recipient 118.
  • messages sent or received by a user 107 that does not have a system account 100 may be transmitted or received using SMTP (Simple Mail Transport Protocol). While this may not provide complete "door-to- door" security for the message 106, this feature enables a user to have a single account for communication with both registered and unregistered users. That is, a system user can send mail from a single account to registered users 102a, 102b having system 100 accounts and unregistered users 107 not having system 100 accounts. Similarly, a system 100 user can tell registered and unregistered users to send mail to the same address (e.g., UserA@server.com).
  • SMTP Simple Mail Transport Protocol
  • FIG. 4 shows a process 120 a server 110 can use to provide features illustrated by FIGs. 1 to 3.
  • the server 110 can determine 130 if the intended recipient has an account with the server 110, for example, by trying to find an entry for the recipient in the account 112 database. If the recipient does not have an account, the server 110 can forward 132 the message to the recipient via an unsecured network connection (e.g., SMTP). If, however, the message 106 is destined for a system 100 member, the server 110 can store 134 the message, notify 136, 138 the user of the message's arrival, and securely deliver 142 the message after the recipient logs-on 140.
  • SMTP unsecured network connection
  • the server 110 handles messages sent and received by system users, the server 110 provides a convenient site to perform additional message processing tasks. For example, as shown in FIG. 4, the server can scan 126 received messages for viruses. Additionally, the server 110 can insert 128 advertisements into messages. For example, the server 110 can insert instructions in a message's HTML that specify a picture or URL for presentation in a browser frame. The URL may refer to a picture, banner-ad, and so forth. Such advertising can subsidize the cost of server functions. As shown in FIG. 5, different system users 102a-102e may belong to different groups 152a, 152b. As illustrated, users (e.g., 102a) may belong to more than one group. While FIG.
  • groups may be formed based on geography (e.g., by zip code, city, state, or country), interest, activity (e.g., college students of a particular university), services provided (e.g., software development), and so forth.
  • Such groups may be created by users or automatically created by the server (e.g., one for each city). Users may voluntarily join a group 152a, 152b, if allowed, or may be automatically granted membership based on user characteristics.
  • Services provided by the server 110 may be based on group membership.
  • the server may prevent secure communication between users 102d, 102b belonging to different groups 152a, 152b. This feature essentially provides a private messaging network for companies that may not want to invest time or money in maintaining a message server, security software, etc.
  • the server 110 can store data 176 for user accounts. Such data 178 can include encrypted passwords for authenticating users.
  • the server 110 may also store profiles 180. As shown, the profiles 180 can include billing, demographic information, group memberships, and other characteristics (see FIG. 11).
  • the server 110 may, optionally, make some profile information available to other system users in a searchable directory (see FIG. 12). Additionally, the profile information 180 may be used to target information (e.g., mass e-mailings) to potentially interested users.
  • the server 110 also can store messages 182 awaiting delivery. Each message may be assigned an index code. A separate area of data storage may correlate index codes with particular users. The indexing scheme permits storage of messages without identification of the message recipient and, thus, offers an additional measure of security should a hacker somehow gain access to the message database.
  • the server 110 includes software 162-174 for providing different services.
  • software may be programmed as CGI (Common Gateway Interface) scripts, Java Servlets, Server Side Java, Enterprise Java Beans, Assember, C, C++, or using other web-server programming techniques.
  • FIG. 6 shows the server software 162-174 as discrete modules, however, the software 162-174 may be a monolithic procedure or sliced-and-diced in any number of ways. Additionally, in different embodiments the server only provides a subset of features.
  • the server software includes instructions 162 for logging users onto the system. The log-on procedure 162 may authenticate users, for example, by comparing a user password with a password stored in a database 178.
  • Authentication may also include verifying user digital signatures.
  • a user can take advantage of different network services.
  • the server 110 can provide a variety of messaging services.
  • Such service can include instructions 164 for handling e-mail messages and attachments.
  • the server can also provide real-time messaging services 168, 172.
  • the system can use the scheme shown in FIG. 1 to securely receive and deliver instant messages between system users.
  • the instant messages may include HTML that instructs a receiving browser to immediately display the message in an "instant message" browser window.
  • the server 110 can use SSL connections to provide a secure chat 168 capability.
  • the chat 168 instructions enable system members in a chat room to broadcast messages to other chat room participants. That is, the system can establish a separate SSL connection to each of a potentially large number of chat room participants. Each chat room participant views the messages entered by the other chat room participants in real-time (e.g, in a chat room browser window or frame). Typically, a chat room message is annotated for display with an indication of the "speaking" party (e.g,. "John: That's right, Bob :)").
  • the security provided by the system 110 can make chat rooms a good option for internal or private business meetings.
  • the server 110 can act as a "one-stop" network communication/e-commerce store.
  • the server 110 can distribute 174 digital certificates and act as a certification authority.
  • the server 110 can include software 166 that permits system users to securely transact business with one.
  • the server 110 can store each transaction in a log 184 and may maintain member balances 185. If a user's profile 180 includes automatic billing information (e.g., a credit card number), the server 110 can automatically debit or credit a member for transactions as they occur or after the end of a billing period. Credits or debits may accrue to a group instead of a particular member. Information about members' or groups' credit worthiness may be provided 170 to other members.
  • automatic billing information e.g., a credit card number
  • FIG. 7 illustrates how the server 110 can handle transactions between members.
  • user A securely submits information describing an item for sale.
  • the server can create an HTML page for the item by parsing the submitted information.
  • an entity advertising an item for sale may create and submit their own HTML page or URL.
  • the web-pages can be made available to other system users, for example, in a web-based catalog (e.g., www.server.com/forsale.html).
  • the server can log the transaction and adjust the buyer and seller balances 192, 194. Such adjustment can occur immediately or after the end of the billing period (e.g., once a month). Periodically, system 100 users may be billed or credited based on their balances.
  • server 110 By turning the server 110 into a payment-center, many businesses can enjoy e-commerce capabilities, again, without the cost or hassle associated with maintaining an Internet server. Additionally, the costs of different sophisticated server functions may be spread over a number of different companies, reducing the financial burden of providing sophisticated network services.
  • FIG. 8 shows different groups 1 2a- 152c that can transact business using the server 110.
  • the groups 152a- 152c may overlap and may be organized using different criteria such as location, type of business, business size, and so forth. Again, this criteria may be user or system supplied.
  • a system user can interact with a browser display 200 to find different vendors and/or potential customers. For example, as shown, a user could view businesses 212 in user selected groups 210. This enables a user to quickly whittle down a potentially large number of potential vendors, for example, by limiting the search to large, local companies.
  • the user may also construct logical search expressions (e.g., vendors in industry A, but not in the Fortune 500) to search for vendors satisfying a particular criteria.
  • selecting a vendor causes the server to prepare a transaction browser screen 220.
  • the server 110 can assemble the screen 220 from different sources.
  • the server 110 can generate HTML instructions that include frames 214, 216 for displaying vendor-submitted information describing items for sale. Again, the information in these frames 214, 216 may be hosted by an entity other than the server 110.
  • the contents of frame 214 may be provided by a company's web-server instead of server 110.
  • the display 220 may also include a server hosted "total" frame that shows the amount a particular company will be debited when the transaction completes.
  • the description frames 212, 214 can notify the "total" frame of the web-page total via a hidden web-page field.
  • the screen 220 may also include a frame (not shown) for displaying other advertisements (e.g., banner ads) based on user characteristics and purchase history.
  • server duties may be distributed over a number of connected computers. Such computers may be networked behind a firewall. Services may be packaged in a variety of business plans. For example, member services may be segmented into different levels.
  • the techniques described here are not limited to any particular hardware or software configuration; they may find applicability in any computing or processing environment.
  • the techniques may be implemented in hardware or software, or a combination of the two.
  • the techniques are implemented in computer programs executing on programmable computers that each include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and one or more output devices.
  • Program code is applied to data entered using the input device to perform the functions described and to generate output information.
  • the output information is applied to one or more output devices.
  • Each program is preferably implemented in a high level procedural or object oriented programming language to communicate with a computer system.
  • the programs can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language.
  • Each such computer program is preferable stored on a storage medium or device (e.g., CD-ROM, hard disk or magnetic diskette) that is readable by a general or special purpose programmable computer for configuring and operating the computer when the storage medium or device is read by the computer to perform the procedures described in this document.
  • a storage medium or device e.g., CD-ROM, hard disk or magnetic diskette
  • the system may also be considered to be implemented as a computer-readable storage medium, configured with a computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner.

Abstract

Techniques for securely providing network services such as e-mail, chat, instant messaging, and e-commerce.

Description

Network Server
Background Computer networks enable widely separated users to exchange electronic messages. Many networks, such as the Internet, depend on the cooperation of differently owned network computers to pass messages along to their destination. Unfortunately, this approach can raise security concerns because each computer handling a message can, potentially, examine the message's contents.
A variety of different security techniques enable users to "scramble" (i.e., encrypt) a message before it travels over the network and "unscramble" (i.e., decrypt) the message when it finally reaches its destination. For example, a user concerned about e-mail security can install PGP (Pretty Good Privacy) encryption/decryption software. PGP provides a number of tools that enable users to manage security data (e.g., keys) used by the system. Often security systems can require a substantial investment in time or money for software installation, maintenance, and/or user training.
Summary
In general, in one aspect, the invention features a method of handling a message sent from a sender to a recipient via a network server. The method includes receiving a message from the sender over a secure network connection, determining whether the message is addressed to a recipient having an account on the network server, and forwarding the message to the recipient over an unsecured network connection if the user does not have an account on the server.
Embodiments may include one or more of the following features. The secure connection may be a secure sockets layer connection. The message may be sent using a type of HTTP (HyperText Transfer Protocol) such as HTTPS (HyperText Transfer Protocol Secure). The message may be an HTML (HyperText Markup Language) message. The network may be the Internet.
In general, in another aspect, the invention features a computer program product, disposed on a computer readable medium, for handling a message sent from a sender to a recipient via a network server. The computer program includes instructions for causing a server to receive a message from the sender over a secure network connection, determine whether the message is addressed to a recipient having an account on the network server, and forward the message to the recipient over an unsecured network connection if the user does not have an account on the server. In general, in another aspect, the invention features a method of instant messaging between a sender and a recipient via a server. The method includes establishing a first secure network connection between the server and the sender, establishing a second secure network connection between the server and the recipient, receiving an instant message from the sender over the first secure network connection, and forwarding the instant message to the recipient over the second secure network connection.
In general, in another aspect, the invention features a computer program, disposed on a computer readable medium, for handing instant messaging between a sender and a receiver. The computer program includes instructions for causing a server to establish a first secure network connection between the server and the sender, establish a second secure network connection between the server and the receiver, receive an instant message over the first secure network connection, and forward the instant message over the second secure network connection.
In general, in another aspect, the invention features a method of providing communication between first, second, and third network user clients via a network server. The method includes establishing a first secure network connection between the server and the first network user client, establishing a second secure network connection between the server and the second network user client, establishing a third secure network connection between the server and the third network user client, receiving a message over the first secure network connection, and forwarding the message over the second and third secure network connections.
Embodiments may include one or more of the following features. The first, second, and third secure network connections may be secure sockets layer connections. The first, second, and third network users may be chat room participants.
In general, in another aspect, the invention features a computer program, disposed on a computer readable medium, for providing communication between first, second, and third network user web-browsers. The computer program may include instructions for causing a server to establish a first secure network connection between the server and the first network user web-browser, establish a second secure network connection between the server and the second network user web-browser, establish a third secure network connection between the server and the third network user web-browser, receive a message over the first secure network connection, and forward the message over the second and third secure network connections. In general, in another aspect, the invention features a method of e-commerce between network users having respective accounts on a network server. The method includes enabling the network users to use their accounts to place electronic orders over secure network connections, determining the net debits or credits over a period of time for one or more of the network user accounts, and billing the network users having accounts determined to have a net debit.
Embodiments may include one or more of the following features. The period of time may be a billing cycle. The billing may include automatically charging a credit card associated with an account having a net debit. The method may further include crediting network users determined to have a net credit. In general, in another aspect, the invention features a method of e-commerce. The method includes receiving information describing characteristics of one or more network vendors, defining groups of network vendors based on the received information, receiving a message identifying one or more of the defined groups, based on the identified groups, determining one or more network vendors, and enabling a user to electronically purchase an item from one of the listed network vendors.
Embodiments may include one or more of the following features. The characteristics may include vendor size, vendor location, and vendor industry. The determining may include selecting network vendors in each of the identified groups.
Advantages of the invention will become apparent in view of the following description, including the figures, and the claims.
Brief Description of the Drawings FIGS. 1 -3 are diagrams of a system for securely handling messages.
FIG. 4 is a flowchart of a process for securely handling messages.
FIG. 5 and 8 are diagrams illustrating server groups.
FIG. 6 is a diagram of a server.
FIG. 7 is a diagram illustrating a transaction. FIG. 9 is a screenshot of a dialog for finding vendors.
FIG. 10 is a screenshot of a dialog for making an order.
FIG. 11 is a screenshot of a dialog for entering a user profile.
FIG. 12 is a screenshot of a directory of user profiles.
Detailed Description
FIG. 1 shows a system 100 that enables users 102a, 102b of familiar web-browsers 104a, 104b (e.g., Microsoft's® Internet Explorer®, Netscape's® Navigator, Opera, Mozilla, and other HTTP (HyperText Transfer Protocol) clients) to securely exchange messages 106 over a network 108. The system 100 takes advantage of features offered by many web-browsers to provide security with little, if any, user configuration or maintenance.
Messages 106 between users 102a, 102b take a two-part journey: from the source 104a to a server 110, then from the server 110 to the destination 104b. Each leg features a SSL (Secure Socket Layer) connection between server 110 and web-browser 104a, 104b. The SSL connections handle encryption of the message 106 before it travels across the network 108 and decryption at the end of each leg.
SSL is a network layer protocol that currently supports 128-bit encryption for United States version browsers. A type of HTTP known as HTTPS engages SSL to secure web-browser communication with a web-server. Though the U.S. government restricts export of ciphers that support 128-bit SSL, the server 110 can include a Global Server ID (not shown) that enables international browsers to "step up" to more powerful SSL encryption.
The system 100 uses the concept of user accounts to identify message senders and recipients. To securely send or receive messages 106, a user 102a can log-on to a system 100 account, for example, by navigating a browser to the server's 110 URL (Universal Resource Locator) (e.g., www.server.com) and entering a user name and password in an HTML (HyperText Markup Language) form. Accounts enable users to receive messages at different clients (e.g., at home and office computers). After the user has logged on and prepared a message (e.g., in a browser window text field), the server 110 can establish an SSL connection with the user's browser 104a for secure transmission of the message 106. The server 110 may store the message 106 in a mailbox for the intended recipient 102b. When the recipient 102b logs onto the system 100, the server 110 establishes an SSL connection between the server 110 and recipient's browser 104b. The server 110 can present a directory of messages in the users mailbox and, in response to user selection, securely deliver the message 106. Each message 106 may be encoded as HTML. This enables the message to include formatting, colors, animation, sounds, and other elements familiar to web-pages such as instructions for JavaScript, Applets, and/or ActiveX controls. FIG. 1 illustrated communication between two logged-on system users 102a, 102b. Users 102a, 102b, however, usually do not remain logged-on indefinitely. That is, the users may visit other web-sites or turn off their computers entirely. Thus, the server 110 may store a message 106 for some time before delivering the message 106 to the recipient. To reduce the time between message 106 transmission to the server 110 and the message's 106 ultimate delivery to the recipient, the system 100 can use a variety of notification mechanisms to alert system 100 users of waiting messages 106.
As shown in FIG. 2, the server 110 can store 112 information describing how to notify a user of messages. For example, a user may designate a pager 114, cellular device, another e-mail account, and so forth for receipt of notification messages. As shown, the server 110 transmits a notification message 116 (e.g., "you have secure mail") to a user's 102b pager 114, for example, by sending the message to a pager-forwarding web-site (e.g., www.pager.com/forward.bin? number=555-1212&message=you+have+secure+mail"). After seeing the pager 114 display of the message 116, the user 102b can log-on and securely retrieve waiting messages.
As shown in FIG. 3, the server 110 may not secure both legs of a message's trip between sender 104a and recipient 118. For example, messages sent or received by a user 107 that does not have a system account 100 may be transmitted or received using SMTP (Simple Mail Transport Protocol). While this may not provide complete "door-to- door" security for the message 106, this feature enables a user to have a single account for communication with both registered and unregistered users. That is, a system user can send mail from a single account to registered users 102a, 102b having system 100 accounts and unregistered users 107 not having system 100 accounts. Similarly, a system 100 user can tell registered and unregistered users to send mail to the same address (e.g., UserA@server.com).
FIG. 4 shows a process 120 a server 110 can use to provide features illustrated by FIGs. 1 to 3. After securely receiving a message 124 from a logged-on user 122, the server 110 can determine 130 if the intended recipient has an account with the server 110, for example, by trying to find an entry for the recipient in the account 112 database. If the recipient does not have an account, the server 110 can forward 132 the message to the recipient via an unsecured network connection (e.g., SMTP). If, however, the message 106 is destined for a system 100 member, the server 110 can store 134 the message, notify 136, 138 the user of the message's arrival, and securely deliver 142 the message after the recipient logs-on 140.
Because the server 110 handles messages sent and received by system users, the server 110 provides a convenient site to perform additional message processing tasks. For example, as shown in FIG. 4, the server can scan 126 received messages for viruses. Additionally, the server 110 can insert 128 advertisements into messages. For example, the server 110 can insert instructions in a message's HTML that specify a picture or URL for presentation in a browser frame. The URL may refer to a picture, banner-ad, and so forth. Such advertising can subsidize the cost of server functions. As shown in FIG. 5, different system users 102a-102e may belong to different groups 152a, 152b. As illustrated, users (e.g., 102a) may belong to more than one group. While FIG. 5 shov/s the users as belonging to groups for different companies, groups may be formed based on geography (e.g., by zip code, city, state, or country), interest, activity (e.g., college students of a particular university), services provided (e.g., software development), and so forth. Such groups may be created by users or automatically created by the server (e.g., one for each city). Users may voluntarily join a group 152a, 152b, if allowed, or may be automatically granted membership based on user characteristics.
Services provided by the server 110 may be based on group membership. For example, the server may prevent secure communication between users 102d, 102b belonging to different groups 152a, 152b. This feature essentially provides a private messaging network for companies that may not want to invest time or money in maintaining a message server, security software, etc.
As shown in FIG. 6, the server 110 can store data 176 for user accounts. Such data 178 can include encrypted passwords for authenticating users. The server 110 may also store profiles 180. As shown, the profiles 180 can include billing, demographic information, group memberships, and other characteristics (see FIG. 11). The server 110 may, optionally, make some profile information available to other system users in a searchable directory (see FIG. 12). Additionally, the profile information 180 may be used to target information (e.g., mass e-mailings) to potentially interested users.
The server 110 also can store messages 182 awaiting delivery. Each message may be assigned an index code. A separate area of data storage may correlate index codes with particular users. The indexing scheme permits storage of messages without identification of the message recipient and, thus, offers an additional measure of security should a hacker somehow gain access to the message database.
In addition to storing data, the server 110 includes software 162-174 for providing different services. Such software may be programmed as CGI (Common Gateway Interface) scripts, Java Servlets, Server Side Java, Enterprise Java Beans, Assember, C, C++, or using other web-server programming techniques. FIG. 6 shows the server software 162-174 as discrete modules, however, the software 162-174 may be a monolithic procedure or sliced-and-diced in any number of ways. Additionally, in different embodiments the server only provides a subset of features. As shown, the server software includes instructions 162 for logging users onto the system. The log-on procedure 162 may authenticate users, for example, by comparing a user password with a password stored in a database 178. Authentication may also include verifying user digital signatures. Once logged-on, a user can take advantage of different network services. As shown, the server 110 can provide a variety of messaging services. Such service can include instructions 164 for handling e-mail messages and attachments. In addition to e-mail, the server can also provide real-time messaging services 168, 172. For example, the system can use the scheme shown in FIG. 1 to securely receive and deliver instant messages between system users. The instant messages may include HTML that instructs a receiving browser to immediately display the message in an "instant message" browser window.
Similarly, the server 110 can use SSL connections to provide a secure chat 168 capability. The chat 168 instructions enable system members in a chat room to broadcast messages to other chat room participants. That is, the system can establish a separate SSL connection to each of a potentially large number of chat room participants. Each chat room participant views the messages entered by the other chat room participants in real-time (e.g, in a chat room browser window or frame). Typically, a chat room message is annotated for display with an indication of the "speaking" party (e.g,. "John: That's right, Bob :)"). The security provided by the system 110 can make chat rooms a good option for internal or private business meetings.
In addition to message handling, the server 110 can act as a "one-stop" network communication/e-commerce store. For example, the server 110 can distribute 174 digital certificates and act as a certification authority. Additionally, the server 110 can include software 166 that permits system users to securely transact business with one. The server 110 can store each transaction in a log 184 and may maintain member balances 185. If a user's profile 180 includes automatic billing information (e.g., a credit card number), the server 110 can automatically debit or credit a member for transactions as they occur or after the end of a billing period. Credits or debits may accrue to a group instead of a particular member. Information about members' or groups' credit worthiness may be provided 170 to other members.
FIG. 7 illustrates how the server 110 can handle transactions between members. As shown, user A securely submits information describing an item for sale. The server can create an HTML page for the item by parsing the submitted information. Alternatively, an entity advertising an item for sale may create and submit their own HTML page or URL. The web-pages can be made available to other system users, for example, in a web-based catalog (e.g., www.server.com/forsale.html).
As shown, when user B securely orders the item (see FIG. 10), the server can log the transaction and adjust the buyer and seller balances 192, 194. Such adjustment can occur immediately or after the end of the billing period (e.g., once a month). Periodically, system 100 users may be billed or credited based on their balances.
By turning the server 110 into a payment-center, many businesses can enjoy e-commerce capabilities, again, without the cost or hassle associated with maintaining an Internet server. Additionally, the costs of different sophisticated server functions may be spread over a number of different companies, reducing the financial burden of providing sophisticated network services.
In addition to providing computing resources for e-commerce, the system can help buyers and sellers find each other. FIG. 8 shows different groups 1 2a- 152c that can transact business using the server 110. As shown, the groups 152a- 152c may overlap and may be organized using different criteria such as location, type of business, business size, and so forth. Again, this criteria may be user or system supplied.
As shown in FIG. 9, a system user can interact with a browser display 200 to find different vendors and/or potential customers. For example, as shown, a user could view businesses 212 in user selected groups 210. This enables a user to quickly whittle down a potentially large number of potential vendors, for example, by limiting the search to large, local companies. The user may also construct logical search expressions (e.g., vendors in industry A, but not in the Fortune 500) to search for vendors satisfying a particular criteria. As shown in FIG. 10, selecting a vendor causes the server to prepare a transaction browser screen 220. The server 110 can assemble the screen 220 from different sources. For example, the server 110 can generate HTML instructions that include frames 214, 216 for displaying vendor-submitted information describing items for sale. Again, the information in these frames 214, 216 may be hosted by an entity other than the server 110. For example, the contents of frame 214 may be provided by a company's web-server instead of server 110.
The display 220 may also include a server hosted "total" frame that shows the amount a particular company will be debited when the transaction completes. The description frames 212, 214 can notify the "total" frame of the web-page total via a hidden web-page field. The screen 220 may also include a frame (not shown) for displaying other advertisements (e.g., banner ads) based on user characteristics and purchase history. Embodiments While the description above referred to "a server", server duties may be distributed over a number of connected computers. Such computers may be networked behind a firewall. Services may be packaged in a variety of business plans. For example, member services may be segmented into different levels. That is, members willing to have advertisements automatically appended to their messages may be able to enjoy server service for free. Additionally, members may pay for different amounts of space for message storage. The techniques described here are not limited to any particular hardware or software configuration; they may find applicability in any computing or processing environment. The techniques may be implemented in hardware or software, or a combination of the two. Preferably, the techniques are implemented in computer programs executing on programmable computers that each include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and one or more output devices. Program code is applied to data entered using the input device to perform the functions described and to generate output information. The output information is applied to one or more output devices. Each program is preferably implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the programs can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language.
Each such computer program is preferable stored on a storage medium or device (e.g., CD-ROM, hard disk or magnetic diskette) that is readable by a general or special purpose programmable computer for configuring and operating the computer when the storage medium or device is read by the computer to perform the procedures described in this document. The system may also be considered to be implemented as a computer-readable storage medium, configured with a computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner.
Other embodiments are within the scope of the following claims.
What is claimed is:

Claims

1. A method of handling a message sent from a sender to a recipient via a network server, the method comprising receiving a message from the sender over a secure network connection; determining whether the message is addressed to a recipient having an account on the network server; forwarding the message to the recipient over an unsecured network connection if the user does not have an account on the server.
2. The method of claim 1, wherein the secure connection comprises a connection that encrypts the message prior to transmission over the network.
3. The method of claim 2, wherein the secure connection comprises a secure sockets layer connection.
4. The method of claim 1, wherein receiving the message comprises receiving the message via a type of HTTP (HyperText Transfer Protocol).
5. The method of claim 4, wherein the type of HTTP comprises HTTPS (HyperText Transfer Protocol Secure).
6. The method of claim 4, wherein the receiving the message via a type of HTTP comprises receiving the message from a web-browser.
7. The method of claim 1, wherein the message comprises an HTML (HyperText
Markup Language) message.
8. The method of claim 1, wherein the network comprises the Internet.
9. A method of handling an e-mail message sent from a sender to a recipient over a network via a network server, the method comprising: receiving an HTML (HyperText Markup Language) e-mail message over a first secure sockets layer connection with the sender, the HTML message being transmitted by the sender using a web-browser invoking HTTPS (HyperText Transfer Protocol Secure); determining whether the message is addressed to a recipient having an account on the network server; forwarding the message to the recipient over an unsecured network connection if the user does not have an account on the network server; and forwarding the message to the recipient over a second secure sockets layer connection with the recipient if the user has an account on the network server.
10. A computer program product, disposed on a computer readable medium, for handling a message sent from a sender to a recipient via a network server, the computer program comprising instructions for causing a server to: receive a message from the sender over a secure network connection; determine whether the message is addressed to a recipient having an account on the network server; and forward the message to the recipient over an unsecured network connection if the user does not have an account on the server.
11. A method of instant messaging between a sender and a recipient via a server, the method comprising: establishing a first secure network connection between the server and the sender; establishing a second secure network connection between the server and the recipient; receiving an instant message from the sender over the first secure network connection; and forwarding the instant message to the recipient over the second secure network connection.
12. The method of claim 11, wherein the instant message comprises an HTML (HyperText Markup Language) message.
13. The method of claim 11, wherein the first and second secure network connections comprise connections that encrypt the message prior to transmission over the network.
14. The method of claim 13, wherein the first and second secure network connections comprise secure sockets layer connections.
15. The method of claim 11 , wherein the sender and recipient comprise web-browsers.
16. A computer program, disposed on a computer readable medium, for handing instant messaging between a sender and a receiver, the computer program including instructions for causing a server to: establish a first secure network connection between the server and the sender; establish a second secure network connection between the server and the receiver; receive an instant message over the first secure network connection; and forward the instant message over the second secure network connection.
17. A method of providing communication between first, second, and third network user clients via a network server, the method comprising: establishing a first secure network connection between the server and the first network user client; establishing a second secure network connection between the server and the second network user client; establishing a third secure network connection between the server and the third network user client; receiving a message over the first secure network connection; and forwarding the message over the second and third secure network connections.
18. The method of claim 17, wherein the first, second, and third secure network connections comprise secure sockets layer connections.
19. The method of claim 17, wherein the first, second, and third network users comprise chat room participants.
20. The method of claim 17, wherein the first, second, and third network user clients comprise web-browsers.
21. A computer program, disposed on a computer readable medium, for providing communication between first, second, and third network user web-browsers, the computer program including instructions for causing a server to: establish a first secure network connection between the server and the first network user web-browser; establish a second secure network connection between the server and the second network user web-browser; establish a third secure network connection between the server and the third network user web-browser; receive a message over the first secure network connection; and forward the message over the second and third secure network connections.
22. A method of e-commerce between network users having respective accounts on a network server, the method comprising: enabling the network users to use their accounts to place electronic orders over secure network connections; determining the net debits or credits over a period of time for one or more of the network user accounts; and billing the network users having accounts determined to have a net debit.
23. The method of claim 22, wherein the period of time comprises a billing cycle.
24. The method of claim 22, wherein the billing comprises automatically charging a credit card associated with an account having a net debit.
25. The method of claim 22, further comprises crediting network users determined to have a net credit.
26. The method of claim 25, wherein crediting comprises automatically crediting a credit card associated with an account having a net credit.
27. A method of e-commerce, the method comprising: receiving information describing characteristics of one or more network vendors; defining groups of network vendors based on the received information; receiving a message identifying one or more of the defined groups; based on the identified groups, determining one or more network vendors; and enabling a user to electronically purchase an item from one of the listed network vendors.
28. The method of claim 27, wherein the characteristics comprise at least one of the following: vendor size, vendor location, and vendor industry.
29. The method of claim 27, wherein determining comprises selecting network vendors in each of the identified groups.
30. The method of claim 27, further comprising receiving information describing a logical expression using the defined groups; and wherein determining comprises selecting network vendors that satisfy the logical expression.
31. One or more computer programs, disposed on a computer readable medium, for execution on a web-server, the method comprising instructions for causing the web-server to:
(a) handle an e-mail message sent over a secure Internet connection from a sender's web-browser by (1) determining whether the message is addressed to a recipient having an account on the network server;
(2) forwarding the message to the recipient over an unsecured Internet connection if the user does not have an account on the server; and
(3) forwarding the message to the recipient over a secure Internet connection if the user has an account on the server; and
(b) handle a instant message between an instant message sender and an instant message recipient by
(1) establishing a first secure network connection between the server and the instant message sender; (2) establishing a second secure network connection between the server and the instant message recipient; and
(3) receiving an instant message over the first secure network connection; and (4) forwarding the instant message over the second secure network connection;
(c) enable network users to find network vendors by
(1) receiving information describing characteristics of one or more network vendors;
(2) defining groups of network vendors based on the received information;
(3) receiving a message identifying one or more of the defined groups;
(4) based on the identified groups, determining one or more network vendors; and (5) enabling a user to electronically purchase an item from one of the listed network vendors; and
(c) handle e-commerce by network users having respective accounts on a network server by
(1) enabling network users to use their accounts to place electronic orders with network vendors over secure network connections;
(2) determining the net debit or credit for a period of time for one or more of the network users; and
(3) billing the network users determined to have a net debit.
PCT/US2001/001840 2000-01-19 2001-01-19 Network server WO2001054377A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA002398783A CA2398783C (en) 2000-01-19 2001-01-19 Network server

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/487,958 US6714982B1 (en) 2000-01-19 2000-01-19 Message passing over secure connections using a network server
US09/487,958 2000-01-19

Publications (3)

Publication Number Publication Date
WO2001054377A2 true WO2001054377A2 (en) 2001-07-26
WO2001054377A3 WO2001054377A3 (en) 2002-02-14
WO2001054377A9 WO2001054377A9 (en) 2002-10-31

Family

ID=23937799

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/001840 WO2001054377A2 (en) 2000-01-19 2001-01-19 Network server

Country Status (3)

Country Link
US (1) US6714982B1 (en)
CA (1) CA2398783C (en)
WO (1) WO2001054377A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004045144A1 (en) 2002-11-06 2004-05-27 Imlogic, Inc. System and method for add-on services, secondary authentication, authorization and/or secure communication for dialog based protocols and systems

Families Citing this family (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8793374B2 (en) 1999-12-02 2014-07-29 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
WO2001040887A1 (en) * 1999-12-02 2001-06-07 Senvid, Inc. Method, system and service model for remote recording of television programs
US8688797B2 (en) * 1999-12-02 2014-04-01 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
US7120692B2 (en) 1999-12-02 2006-10-10 Senvid, Inc. Access and control system for network-enabled devices
US6651086B1 (en) * 2000-02-22 2003-11-18 Yahoo! Inc. Systems and methods for matching participants to a conversation
US7571234B2 (en) 2000-06-08 2009-08-04 Aol Llc Authentication of electronic data
US7076653B1 (en) * 2000-06-27 2006-07-11 Intel Corporation System and method for supporting multiple encryption or authentication schemes over a connection on a network
US7441270B1 (en) * 2000-07-06 2008-10-21 Intel Corporation Connectivity in the presence of barriers
US7251695B2 (en) * 2000-08-17 2007-07-31 Aspen Technology, Inc. Computer network communication method and apparatus
US7194759B1 (en) * 2000-09-15 2007-03-20 International Business Machines Corporation Used trusted co-servers to enhance security of web interaction
US7519667B1 (en) * 2001-04-23 2009-04-14 Microsoft Corporation Method and system for integrating instant messaging, streaming audio and audio playback
US7325249B2 (en) 2001-04-30 2008-01-29 Aol Llc Identifying unwanted electronic messages
US20020178365A1 (en) * 2001-05-24 2002-11-28 Shingo Yamaguchi Method and system for controlling access to network resources based on connection security
EP1282087A1 (en) * 2001-08-02 2003-02-05 Alcatel Method for executing electronic money transactions between terminals of participants in a communication network; associated transaction server and program module
US20030204741A1 (en) * 2002-04-26 2003-10-30 Isadore Schoen Secure PKI proxy and method for instant messaging clients
AUPS281802A0 (en) * 2002-06-06 2002-06-27 Arc-E-Mail Ltd A storage process and system
US20040216139A1 (en) * 2002-08-21 2004-10-28 Rhoda Merlin A. System controlling test/measurement devices on a network using markup language documents and methods thereof
US7412481B2 (en) 2002-09-16 2008-08-12 Oracle International Corporation Method and apparatus for distributed rule evaluation in a near real-time business intelligence system
US8165993B2 (en) * 2002-09-06 2012-04-24 Oracle International Corporation Business intelligence system with interface that provides for immediate user action
US8255454B2 (en) * 2002-09-06 2012-08-28 Oracle International Corporation Method and apparatus for a multiplexed active data window in a near real-time business intelligence system
US7945846B2 (en) * 2002-09-06 2011-05-17 Oracle International Corporation Application-specific personalization for data display
US7899879B2 (en) * 2002-09-06 2011-03-01 Oracle International Corporation Method and apparatus for a report cache in a near real-time business intelligence system
US7941542B2 (en) * 2002-09-06 2011-05-10 Oracle International Corporation Methods and apparatus for maintaining application execution over an intermittent network connection
US7912899B2 (en) * 2002-09-06 2011-03-22 Oracle International Corporation Method for selectively sending a notification to an instant messaging device
US7401158B2 (en) * 2002-09-16 2008-07-15 Oracle International Corporation Apparatus and method for instant messaging collaboration
US7668917B2 (en) * 2002-09-16 2010-02-23 Oracle International Corporation Method and apparatus for ensuring accountability in the examination of a set of data elements by a user
US7908324B2 (en) * 2002-10-02 2011-03-15 Disney Enterprises, Inc. Multi-user interactive communication network environment
US7904823B2 (en) * 2003-03-17 2011-03-08 Oracle International Corporation Transparent windows methods and apparatus therefor
US7590695B2 (en) 2003-05-09 2009-09-15 Aol Llc Managing electronic messages
US7739602B2 (en) 2003-06-24 2010-06-15 Aol Inc. System and method for community centric resource sharing based on a publishing subscription model
US7519559B1 (en) 2003-10-30 2009-04-14 Aol Llc Messaging stamp authority
US7742581B2 (en) 2004-11-24 2010-06-22 Value-Added Communications, Inc. Electronic messaging exchange
US9876915B2 (en) 2005-01-28 2018-01-23 Value-Added Communications, Inc. Message exchange
US9282188B2 (en) 2005-01-28 2016-03-08 Value-Added Communications, Inc. Voice message exchange
US20060248575A1 (en) * 2005-05-02 2006-11-02 Zachary Levow Divided encryption connections to provide network traffic security
US20070016641A1 (en) * 2005-07-12 2007-01-18 International Business Machines Corporation Identifying and blocking instant message spam
US8015404B2 (en) * 2005-09-16 2011-09-06 Gm Global Technology Operations, Llc System and method for collecting traffic data using probe vehicles
CA2590387A1 (en) * 2007-05-29 2008-11-29 Sal Khan A system and method for creating a virtual private network (vpn) over a computer network using multi-layered permissions-based access control
US20100037050A1 (en) * 2008-08-06 2010-02-11 Cuneyt Karul Method and apparatus for an encrypted message exchange
US9621714B2 (en) 2009-01-27 2017-04-11 Value-Added Communications, Inc. System and method for electronic notification in institutional communication
US20120023158A1 (en) * 2009-04-14 2012-01-26 Ashwin Kashyap Method for secure transfer of multiple small messages
US20110022540A1 (en) * 2009-07-23 2011-01-27 Fmr Llc Location-Based Address Determination and Real Estate Valuation
US20110022312A1 (en) * 2009-07-23 2011-01-27 Fmr Llc Generating and Tracking Activity Patterns for Mobile Devices
CA2718696C (en) 2010-06-08 2018-06-12 Merge Healthcare, Inc. Remote control of medical devices using instant messaging infrastructure
US9124419B2 (en) * 2012-05-08 2015-09-01 Discretix Technologies Ltd. Method, device, and system of secure entry and handling of passwords
US10749827B2 (en) 2017-05-11 2020-08-18 Global Tel*Link Corporation System and method for inmate notification and training in a controlled environment facility

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998005011A2 (en) * 1996-07-31 1998-02-05 Verifone, Inc. A system, method and article of manufacture for secure, stored value transactions over an open communication network utilizing an extensible, flexible architecture
US5790790A (en) * 1996-10-24 1998-08-04 Tumbleweed Software Corporation Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof
WO1999040527A1 (en) * 1998-02-05 1999-08-12 A Pty. Ltd. System for handling electronic mail
WO2000002348A2 (en) * 1998-07-02 2000-01-13 Mail.Com, Inc. Secure web-based mail

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6742022B1 (en) 1995-12-11 2004-05-25 Openwave Systems Inc. Centralized service management system for two-way interactive communication devices in data networks
US5987517A (en) 1996-03-27 1999-11-16 Microsoft Corporation System having a library of protocol independent reentrant network interface functions for providing common calling interface for communication and application protocols
US5848161A (en) * 1996-05-16 1998-12-08 Luneau; Greg Method for providing secured commerical transactions via a networked communications system
US5862339A (en) * 1996-07-09 1999-01-19 Webtv Networks, Inc. Client connects to an internet access provider using algorithm downloaded from a central server based upon client's desired criteria after disconnected from the server
EP0869657A4 (en) 1996-10-23 1998-11-25 Citizen Watch Co Ltd Document/image data reader
US5978140A (en) 1996-10-24 1999-11-02 Asahi Kogaku Kogyo Kabushiki Kaisha Method for designing diffractive lenses
US5778174A (en) * 1996-12-10 1998-07-07 U S West, Inc. Method and system for providing secured access to a server connected to a private computer network
US5915087A (en) * 1996-12-12 1999-06-22 Secure Computing Corporation Transparent security proxy for unreliable message exchange protocols
US5896499A (en) * 1997-02-21 1999-04-20 International Business Machines Corporation Embedded security processor
US5922074A (en) 1997-02-28 1999-07-13 Xcert Software, Inc. Method of and apparatus for providing secure distributed directory services and public key infrastructure
US5884312A (en) 1997-02-28 1999-03-16 Electronic Data Systems Corporation System and method for securely accessing information from disparate data sources through a network
US6275941B1 (en) * 1997-03-28 2001-08-14 Hiatchi, Ltd. Security management method for network system
EP1021917A4 (en) * 1997-03-31 2002-05-15 Broadband Associates Method and system for providing a presentation on a network
US6014688A (en) 1997-04-25 2000-01-11 Postx Corporation E-mail program capable of transmitting, opening and presenting a container having digital content using embedded executable software
US5805803A (en) * 1997-05-13 1998-09-08 Digital Equipment Corporation Secure web tunnel
JPH1115759A (en) 1997-06-16 1999-01-22 Digital Equip Corp <Dec> Full text index type mail preserving device
US6185551B1 (en) 1997-06-16 2001-02-06 Digital Equipment Corporation Web-based electronic mail service apparatus and method using full text and label indexing
US5935212A (en) 1997-08-07 1999-08-10 I-Planet, Inc. Connection-oriented session emulation
EP0907120A3 (en) 1997-10-02 2004-03-24 Tumbleweed Software Corporation Method amd apparatus for delivering documents over an electronic network
US6233577B1 (en) 1998-02-17 2001-05-15 Phone.Com, Inc. Centralized certificate management system for two-way interactive communication devices in data networks
US6138158A (en) 1998-04-30 2000-10-24 Phone.Com, Inc. Method and system for pushing and pulling data using wideband and narrowband transport systems
US6477647B1 (en) 1999-02-08 2002-11-05 Postx Corporation System and method for providing trade confirmations
US6081900A (en) * 1999-03-16 2000-06-27 Novell, Inc. Secure intranet access
US6643701B1 (en) * 1999-11-17 2003-11-04 Sun Microsystems, Inc. Method and apparatus for providing secure communication with a relay in a network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998005011A2 (en) * 1996-07-31 1998-02-05 Verifone, Inc. A system, method and article of manufacture for secure, stored value transactions over an open communication network utilizing an extensible, flexible architecture
US5790790A (en) * 1996-10-24 1998-08-04 Tumbleweed Software Corporation Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof
WO1999040527A1 (en) * 1998-02-05 1999-08-12 A Pty. Ltd. System for handling electronic mail
WO2000002348A2 (en) * 1998-07-02 2000-01-13 Mail.Com, Inc. Secure web-based mail

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004045144A1 (en) 2002-11-06 2004-05-27 Imlogic, Inc. System and method for add-on services, secondary authentication, authorization and/or secure communication for dialog based protocols and systems
US7475240B2 (en) 2002-11-06 2009-01-06 Symantec Corporation System and method for add-on services, secondary authentication, authorization and/or secure communication for dialog based protocols and systems
US7971060B2 (en) 2002-11-06 2011-06-28 Symantec Corporation System and method for add-on services, secondary authentication, authorization and/or secure communication for dialog based protocols and systems

Also Published As

Publication number Publication date
CA2398783C (en) 2009-04-07
WO2001054377A3 (en) 2002-02-14
WO2001054377A9 (en) 2002-10-31
US6714982B1 (en) 2004-03-30
CA2398783A1 (en) 2001-07-26

Similar Documents

Publication Publication Date Title
CA2398783C (en) Network server
US7240212B2 (en) Method and system for secure alert messaging
US6954799B2 (en) Method and apparatus for integrating distributed shared services system
US10454907B2 (en) Tiered key communication system and method in support of controlled vendor message processing
US7120927B1 (en) System and method for e-mail alias registration
US6684248B1 (en) Method of transferring data from a sender to a recipient during which a unique account for the recipient is automatically created if the account does not previously exist
US6463418B1 (en) Secure and stateful electronic business transaction system
US7774719B2 (en) System and method for conducting online visual identification of a person
US7469340B2 (en) Selective encryption of electronic messages and data
US20090077649A1 (en) Secure messaging system and method
US20020120581A1 (en) Reply based electronic mail transactions
EP1449130A2 (en) Methods and apparatus for the interoperablility and manipulation of data in a computer network
WO2002073364A2 (en) System and method for providing secure transactions
US20060015619A1 (en) Access and synchronization with enterprise applications using remote hosted solution
CA2347834A1 (en) Secure messaging system and method
US20040030916A1 (en) Preemptive and interactive data solicitation for electronic messaging
US20070050371A1 (en) Interacting with an online database through a variety of communications media
US8762529B1 (en) Household registration, customer residency and identity verification in a mail service
WO2000046952A1 (en) Method for sending secure email via standard browser
JP4429489B2 (en) Multiple auction management method and system using network
Houser et al. EDI Meets the Internet Frequently Asked Questions about Electronic Data Interchange (EDI) on the Internet
US20070136426A1 (en) Process of Decentralized Distribution of E-mail Messages
Houser et al. RFC1865: EDI Meets the Internet Frequently Asked Questions about Electronic Data Interchange (EDI) on the Internet
WO2002013484A1 (en) Data exchange system for e-commerce
Mapeka An incremental approach to a secure e-commerce environment

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): CA IN JP RU US

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): CA IN JP RU US

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

WWE Wipo information: entry into national phase

Ref document number: 2398783

Country of ref document: CA

AK Designated states

Kind code of ref document: C2

Designated state(s): CA IN JP RU US

AL Designated countries for regional patents

Kind code of ref document: C2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

COP Corrected version of pamphlet

Free format text: PAGES 1/12-12/12, DRAWINGS, REPLACED BY NEW PAGES 1/12-12/12; DUE TO LATE TRANSMITTAL BY THE RECEIVING OFFICE

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP