Reexamination Certificate
1998-06-01
2001-04-17
Trammell, James P. (Department: 2162)
Data processing: financial, business practice, management, or co
Business processing using cryptography
Usage protection of distributed data files
C713S152000
active
06219652
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to authentication of rights over a network, and specifically to a mechanism for electronically authenticating that a purchaser has a license to use certain resources.
BACKGROUND OF THE INVENTION
The use of the Internet as a sales medium is greatly increasing. If a product is in an electronic format, such as a software program, or digitized music, the entire transaction from payment to shipment of the product can be handled without human interaction through software running on the vendor's World Wide Web (Web) site. Where the product cannot be electronically downloaded, the Internet can be used as a mechanism for selection of and payment for the product. The product can then be shipped to the consumer through conventional channels.
From a consumer standpoint, purchasing a product over the Internet reduces costs associated with traveling to a merchant, and substantially reduces the amount of time it would otherwise take to purchase the product. From a vendor's standpoint, use of the Internet as a sales medium greatly reduces overhead. Leases, buildings, and furnishings necessary for a physical presence are eliminated. The fabulous success of some of the first Internet-based “virtual” stores lends credibility to the estimates of the magnitude of future Internet-based sales.
Mechanisms for purchasing goods over the Internet are well known. A vendor implements a Web site which allows a consumer, through the use of a browser, to select the desired goods. After the goods are selected, the consumer typically enters a credit card number to complete the sale. The credit card number is typically encrypted at the browser and decrypted at the vendor's Web site, to reduce or eliminate the possibility of a third party intercepting the credit card number.
Many vendors use the Internet for post-sale support as well. It is not uncommon for a purchaser of software to be directed to the vendor's Web site to download recent patches, upgrades, or to seek support. Even where the initial purchase was not consummated over the Internet, consumers are often directed to a vendor's Web site for such post-sale support. Such support can include the ability to search databases of known problems and suggested resolutions, the ability to access in-depth technical information about a product, or the ability to communicate via e-mail with a support representative, for example. Post-sale support interaction with the consumer will become an increasingly important distinguishing feature of Internet-based vendors, since such vendors frequently offer goods at nearly identical prices.
Currently, providing post-sale support can be very expensive for a vendor. Before support is provided, it is typically desirable to authenticate that the individual seeking support is a customer of the vendor. Where support requests are initiated by telephone, a customer representative typically requires the caller to provide a unique identifier, such as a serial number which accompanied the product, before support will be provided. A product serial number is also frequently required when the consumer seeks support over the Internet. One problem with using a serial number for authentication purposes is that a valid customer can share the serial number with other individuals who can then use the serial number to access the vendor's support services, even though those individuals never purchased a product. For example, after copying a bona fide purchaser's licensed software, and serial number, such individuals can use the serial number to obtain free upgrades to products which they illegally copied in the first place.
Providing support services to unauthorized users results in loss of revenue and requires larger support resources than would otherwise be required. Because vendors are not compensated for such unauthorized use of post-sale services, it will become increasingly important for Internet-based businesses to ensure that the entity seeking support is a valid customer. Ideally, the complete process from purchase of a product over the Internet to subsequent post-sale access of a vendor's Web site could be handled automatically, without human intervention, and yet in an extremely secure fashion such that unauthorized individuals cannot utilize the vendor's post-sale resources. Moreover, the ability to detect a request from an unauthorized, or unlicensed user allows the vendor to offer the user the opportunity to purchase a licensed product.
U.S. Pat. No. 5,715,314 to Payne et al. discloses a network-based sales system relating to an initial purchase of a product over a network. The system includes a buyer computer, a merchant computer and a payment computer. The buyer computer sends an access message that includes a product identifier and an access message authenticator based on a cryptographic key to the merchant computer. The merchant computer verifies that the access message authenticator was created using the cryptographic key, and then causes the product to be sent to the user.
U.S. Pat. Nos. 5,138,712; 5,553,143; 5,553,139; and 4,924,378 relate to distribution or management of software licenses during installation or execution of software on a computer. None of the references appear to disclose electronic mechanisms for authenticating customers for post-sale support.
It is apparent that a method and system that electronically and automatically validates that a requestor of a resource, such as a post-sale service, is a valid purchaser of the vendor's product would be highly beneficial, and would reduce costs associated with providing post-sale support services.
SUMMARY OF THE INVENTION
It is one object of the present invention to provide a method and system for greatly reducing costs associated with providing network-based post-sale support services.
It is another object of the present invention to provide a method and system for reducing or eliminating human involvement in granting a license to use a product.
It is yet another object of the present invention to provide a method and system for reducing human involvement in verifying the authenticity of a customer.
It is still another object of the present invention to provide a method and system for eliminating unauthorized access to a vendor's support resources.
Additional objects, advantages and novel features of the invention will be set forth in part in the description which follows, and in part will become apparent to those skilled in the art upon examination of the following or may be learned by practice of the invention. The objects and advantages of the invention may be realized and attained by means of the instrumentalities and combinations particularly pointed out in the appended claims.
To achieve the foregoing and other objects and in accordance with the purpose of the present invention, a method and system are provided for authenticating a license over a network. The method includes receiving a digital certificate that includes a public key associated with a requestor, and a digital signature associated with the requestor. A license packet is generated that includes a unique serial number. A record that includes the digital certificate associated with the requestor is stored in a memory. A digital signature is generated and included in the license packet. The license packet is encrypted with the public key associated with the requestor, and the license packet is forwarded to the requestor. The requestor subsequently issues a request for a service, such as post-sale support services, the request including the digital signature associated with the requestor. The memory is accessed and the request is authenticated, and if the request is authentic, the request is fulfilled.
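The license issuance and the later request check summarized above, as an added example that is not code from the patent: it shows that a copied serial number fails without the purchaser's private key. It assumes Node.js built-in crypto, an RSA key pair for the requestor, an Ed25519 key for the vendor, a bare public key standing in for the digital certificate, and a vendor-issued one-time nonce, none of which the text specifies; all names are hypothetical.

```javascript
// Added example (hypothetical names). Built-in crypto loads under CommonJS or ES modules.
const crypto = typeof require === 'function' ? require('node:crypto') : process.getBuiltinModule('node:crypto');
const vendor = crypto.generateKeyPairSync('ed25519'); // vendor's signing key pair
const records = new Map();    // serial -> requestor public key (the stored record)
const challenges = new Set(); // outstanding one-time nonces (assumed, not in the text)

// Stage 1 (vendor): build the license packet, sign it, encrypt it to the requestor.
function issueLicense(requestorPublicKey) {
  const serial = crypto.randomUUID(); // unique serial number
  records.set(serial, requestorPublicKey);
  const vendorSig = crypto.sign(null, Buffer.from(serial), vendor.privateKey).toString('base64');
  return crypto.publicEncrypt(requestorPublicKey, Buffer.from(JSON.stringify({ serial, vendorSig })));
}

// Requestor: decrypt the packet and check the vendor's signature before using it.
function openPacket(encrypted, requestorPrivateKey) {
  const { serial, vendorSig } = JSON.parse(crypto.privateDecrypt(requestorPrivateKey, encrypted).toString());
  const ok = crypto.verify(null, Buffer.from(serial), vendor.publicKey, Buffer.from(vendorSig, 'base64'));
  if (!ok) throw new Error('bad vendor signature');
  return serial;
}

function newChallenge() { // vendor hands out a fresh nonce per support request
  const nonce = crypto.randomBytes(16).toString('hex');
  challenges.add(nonce);
  return nonce;
}

// Requestor: sign serial and nonce with the private key matching the stored record.
function signRequest(serial, nonce, privateKey) {
  const sig = crypto.sign('sha256', Buffer.from(`${serial}|${nonce}`), privateKey);
  return { serial, nonce, sig: sig.toString('base64') };
}

// Stage 2 (vendor): look up the record and authenticate the request.
function authenticate({ serial, nonce, sig }) {
  const publicKey = records.get(serial);
  if (!publicKey || !challenges.delete(nonce)) return false; // unknown serial or reused nonce
  return crypto.verify('sha256', Buffer.from(`${serial}|${nonce}`), publicKey, Buffer.from(sig, 'base64'));
}

function demo() { // constructed scenario: purchaser, a replay, and a copier who holds the serial
  const buyer = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const copier = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const serial = openPacket(issueLicense(buyer.publicKey), buyer.privateKey);
  const request = signRequest(serial, newChallenge(), buyer.privateKey);
  const copied = signRequest(serial, newChallenge(), copier.privateKey);
  return { genuine: authenticate(request), replayed: authenticate(request), copied: authenticate(copied) };
}
```

The requestor's single RSA key pair serves for both decryption and signing because the summary names only one public key; a deployment would normally keep separate encryption and signing keys.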
According to one embodiment of this invention, public/private key encryption is used to authenticate the requestor. There are two stages in the authentication process according to this invention. A first stage involves a purchaser providing certain identifying information, such as a digital cert
Carter Stephen R.
Jensen Delos C.
LaVange, Jr. Donald H.
Dinsmore & Shohl LLP
Novell Inc.
Trammell James P.
Young John Leonard