Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling
Reexamination Certificate
1999-11-09
2001-03-06
Meky, Moustafa M. (Department: 2153)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
Network resources access controlling
C709S203000, C709S217000, C709S218000, C709S219000
Reexamination Certificate
active
06199114
ABSTRACT:
BACKGROUND OF THE INVENTION
1. The Field of the Invention
The invention relates generally to the field of client-server computer networking. More particularly, the invention relates to a method and apparatus for providing physical security for a user account and supplying access to the environment and preferences associated with a particular user.
2. The Prior State of the Art
The number of people using the Internet and the World Wide Web (the Web) has increased substantially in recent years. Some Internet users gain access to the services of the Internet and the Web through user accounts provided by their employer or an educational institution. Others access the internet from their home computers through accounts supplied by commercial Internet access providers such as America Online™, CompuServe™ or the like. In any event, these accounts provide only a minimal amount of security against intrusion. Typical account security includes merely a username and a password, typically both chosen by the user.
One of the disadvantages of these typical Internet access accounts is the vulnerability to invasion as a result of the poor security. For example, passwords can be cracked by password crack programs employing password cracking dictionaries or by brute force password guessing programs. Further, users are sometimes tricked into disclosing their account passwords. For example, individuals purporting to be support staff for a particular online service were able to convince subscribers to reveal their passwords.
Internet access providers generally charge an hourly or monthly fee for a user account. Due, at least in part, to the cost of such an account, many people are still without access to the Internet and the Web. In fact, these costs may be incentive enough for some people to break into user accounts to gain access to the Internet services such as chat and electronic mail (e-mail). Others apparently find pleasure in gaining access to another's account.
Based on the foregoing, it is desirable to provide more security for user accounts. Specifically, it is desirable to provide a mobile mechanism of physical security. Also, it would be desirable for the host system to associate user preferences and environment with the physical security mechanism, thereby making the preferences and environment available to the user upon establishing a user session by way of the physical security device.
SUMMARY OF THE INVENTION
A method and apparatus for providing physical security for a user account and supplying access to the environment and preferences associated with a particular user are described. An internet terminal is coupled to a server system. The internet terminal determines whether or not a smart card is present, if so, the internet terminal reads identification information from a memory in the smart card and requests initiation of a user session by transmitting the identification information to a server. Otherwise, if a smart card is not present, the internet terminal requests initiation of a user session by transmitting an identifier that identifies the internet terminal. In this manner, a user that is not associated with an internet terminal may bypass the normal log-in processing of the internet terminal and request initiation of a user session with his/her smart card.
According to another aspect of the present invention an internet terminal can be configured by a server. The server receives identification information from an internet terminal. The identification information uniquely identifies a smart card from which it was read. The server locates configuration information associated with a particular user of the server based upon the identification information. After locating the configuration information, the server downloads the configuration information to the internet terminal. Advantageously, by employing the smart card, the particular user's preferences are made available to the user upon establishing a user session from another's internet terminal.
REFERENCES:
patent: 5590197 (1996-12-01), Chen et al.
patent: 5602905 (1997-02-01), Mettke
patent: 5602918 (1997-02-01), Chen et al.
patent: 5671279 (1997-09-01), Elgamal
patent: 5710887 (1998-01-01), Chelliah et al.
patent: 5719938 (1998-02-01), Haas et al.
patent: 5727156 (1998-03-01), Herr-Hoyman et al.
patent: 5729594 (1998-03-01), Klingman
patent: 5737419 (1998-04-01), Ganesan
patent: 5742845 (1998-04-01), Wagner
patent: 5748735 (1998-05-01), Ganesan
patent: 5754939 (1998-05-01), Herz et al.
patent: 5778173 (1998-07-01), Apte
patent: 5812765 (1998-09-01), Curtis
patent: 5815665 (1998-09-01), Teper et al.
patent: 5825881 (1998-10-01), Colvin, Sr.
patent: 5983273 (1999-11-01), White et al.
PC Magazine Apr. 8, 1997, pp. 10, 30.
“Consumer Systems”, downloaded from website http://www.verifone.com, 1997.
Bonnaure Patrick P.
Matheny John
Perlman Stephen G.
White Christopher M.
Meky Moustafa M.
WebTV Networks Inc.
Workman & Nydegger & Seeley
LandOfFree
Initiating a user session at an internet terminal using a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Initiating a user session at an internet terminal using a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Initiating a user session at an internet terminal using a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2502173