Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-12-23
2003-05-13
Wright, Norman M. (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C380S029000
Reexamination Certificate
active
06564327
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to computer networks, and more particularly to a method of and system for controlling access to the Internet or the world wide web by providing a filtering proxy server that accesses a policy provider for judgments as to the suitability of a particular resource for a particular user.
DESCRIPTION OF THE PRIOR ART
The Internet and the world wide web have experienced explosive growth. Everyday, more content is added to the Internet and more users gain access to the Internet. The Internet enables more people to gain access to more information more quickly than ever before.
Almost everyone sees the tremendous educational, research, and entertainment value of the Internet. Children and other inquisitive people can explore new areas in ways that were not possible before. Similarly, employees and business professionals can explore industry trends, obtain information on competitors and their products, and generally expand their knowledge base. Accordingly, a substantial number of parents, educators, and business leaders provide Internet access to their children, students and employees and encourage them to use the Internet.
For all the information on the Internet that most people consider to be good and valuable, there is a substantial amount of information that some people find objectionable and or inappropriate. Many sites contain adult material such as nudity, violence, and intolerance all disclosed in various degrees of explicitness. While it is unlikely that anyone would want to prevent entirely their child or student from accessing information on the Internet, it is equally unlikely that anyone would want a young child to access scenes of explicit vulgarity or sites advocating violent or hateful action toward members of various groups. Less controversially, while there is nothing objectionable about Internet versions of mainstream newspapers and magazines, most businesses would prefer their employees not to spend their working time reading sports reports and or comics.
Presently, the on-line services market is divided into quite separate camps. On one side are the on-line environments such as AMERICA ONLINE, COMPUSERVE AND PRODIGY. Initially, these services provided their own content. Accordingly, on-line environments had virtually complete control over what was available. The other side of the on-line market is occupied by access providers, which provide little more than access to the Internet without an appreciable amount of their own content. Recently, on-line environments have begun to move toward the access provider side by providing gateways to the Internet. Increasingly, customers of on-line environments are using their service to access the public Internet rather than to obtain content created by the on-line environment provider.
The controversy about limiting access to objectionable material on the Internet, and particularly the world wide web, has put the spotlight squarely on the vacuum between these two service models. On-line environments claim to be “kid-safe”, but they cannot guarantee it, especially insofar as they provide gateways to the whole Internet. Access providers try to avoid any perception that they can control the content or applications their services deliver. Instead, access providers place the burden on parents to install and configure content filtering software, which may be complex or simplistic, on their own.
The platform for content selection (PICS) provides an infrastructure for controlling access to the Internet. PICS allows Internet sites, pages, or other resources to be classified with PICS labels. Each PICS label associated with an Internet site or page classifies the site or page according to the rating specified in the label. A rating provider assigns objective values to the PICS label for a resource. PICS products filter web content according to the PICS labels.
There are a number of shortcomings in presently available PICS products and services. Primarily, current products and services fail to personalize their filtering. Today's firewalls and proxy servers filter everyone's request against a single set of criteria. Thus, currently existing products and services do not recognize the differences in maturity level and sensitivities of different members of an organizations such as a family. Furthermore, the filtering criteria are either simplistic black lists or overly complex multi-dimensional content ratings. In the black list schemes, a binary approach is used to block or not block access by everyone to a particular resource based upon a rater's judgment. Examples of multi-dimensional systems are RSACi, which describes various levels of sex, nudity, violence, and harsh language, and SafeSurf, which provides twelve themes and nine levels within each theme.
The multi-dimensional systems provide great flexibility by which parents can tailor their filtering based upon their values and their children's maturity and sensitivity. However, the multi-dimensional systems tend to be too complex for the average parent to use. Moreover, multi-dimensional systems measure content against several categories but they do not necessarily evaluate the resource as a whole.
SUMMARY OF THE INVENTION
The present invention provides a method of and system for controlling access to the Internet by members of an organization that includes at least one supervisor and at least one non-supervisor for which limited Internet access is desired. The organization may be any commercial or non-commercial organization. In one of its aspects, the organization may be a family, with the supervisor being a parent and the non-supervisor being a child. In another of its aspects the organization may be a school, with the supervisor being a teacher and the non-supervisor being a student. The organization may also be a business, with the supervisor being a manager or a system administrator and the non-supervisor being a regular employee.
The system maintains a user session identifier for each member of the organization. Each user session identifier includes an access level field, which contains an access level set for the organization member, and a supervisor field, which indicates whether or not the organization member is a supervisor. The user session identifier may also include a field that specifies whether not unrated sites or resources are to be blocked. Where the non-supervisor members of the organization are children, the access level is preferably is an age level.
When the system establishes an Internet session between a member of the organization and the Internet, the system initially sets a user session identifier for the session to a default user session identifier. The default user session identifier is the session identifier for the lowest access level member of the organization. When the member requests a resource, the system determines if the requested resource is suitable for an individual with the access level of the current user session identifier. Preferably, in the embodiment in which non-supervisory members are children, the access level is an age rating. The system determines if the access level rating for requested resource is greater than the value of the access level field of the user session identifier. If so, the system blocks the resource and presents the member with choices of logging on to the system as a specific member of the organization with a higher access level, or appealing the blocking to a supervisor.
If the member chooses to appeal the blocking, the locator for the blocked resource is placed in a list of sites awaiting supervisor review. If the member chooses to logon as a specific member of the organization, the system authenticates the logon and sets an updated user session identifier to the session identifier for the specific member of the organization. If the updated user session identifier indicates that the member is a supervisor, the system presents the supervisor with the list of sites awaiting supervisor review. If the supervisor believes that a blocked
Khare Rohit
Klensin John
WorldCom, Inc.
Wright Norman M.
LandOfFree
Method of and system for controlling internet access does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of and system for controlling internet access, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of and system for controlling internet access will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3027758