Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2002-02-15
2004-06-29
Choules, Jack (Department: 2177)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000
Reexamination Certificate
active
06757685
ABSTRACT:
TECHNICAL FIELD OF THE INVENTION
The invention relates to communication systems and more particularly to a process for executing a downloadable service receiving restrictive access rights to at least one profile file.
BACKGROUND ART
The constant progress of the Information Handling System (I.H.S.) technology and that of the communication systems, particularly with the explosion of the Internet and intranet networks, have resulted in the development of an era of information and services. With a single personal device, a user can get a connection to the Internet network, and have direct access to a wide range of information and services, including electronic business applications
Solutions were developed in the art for rendering easier the access to these huge amounts of resources and for improving the possibilities of negotiation and new services. For this purpose, agents were developed for allowing the customers to delegate some specific tasks to automatic modules in order to simplify part of the searching process.
U.S. Pat. No. 5,877,759 assigned to Netscape Communications Corp. and entitled Interface for user/agent interaction shows a first example of a user interface which provides assistance to the client user and an interface that is centred on autonomous processing of whole tasks rather than sequences of commands.
International application number WO 981472/50 assigned to IBM Corp. and entitled Apparatus and method for communicating between an intelligent agent and client computer process using disguised messages illustrates an agent for the communication with a client and which uses a selector known by both parties to generate and interpret messages and thereby to effectively disguise confidential information transmitted in the message from third parties.
International application number WO 98/43146 assigned to IBM Corp., and entitled Intelligent agent with negotiation capability and method of negotiation therewith is another example of an improvement brought to a so-called intelligent agent.
In addition to the development of agents, the use of one or more profile files located within the user's machine, is clearly a very promising field of development. A profile file is usually more easily updated since the customer feels more concerned about the information that he loads into his own profile file(s). Further this information continuously remains under his/her own control. When the customer permits it, the use of the information loaded into that or those profiles shows to be a material of the highest interest for service providers since it clearly enhances the personalization and the possibilities of negotiation with the customer. Practically, the profile files can be used by product/service providers who wish to propose an offer well tailored to the customers needs.
Unpublished European patent application n
o
0041004.6 entitled “process and apparatus for allowing transaction between an user and a remote server” by G. Brebner, filed on Jan. 21, 2000 and assigned to the Assignee of the present application, shows a profile file which is used for improving the possibilities of negotiation between a customer and a product or accessories provider. Basically, there is disclosed a process which receives an abstract request expressed by the user. The request is subject to contextual analysis for the purpose of preparing an aggregate request based on the abstract formulation of the client, which can then be completed with additional technical information which is extracted from a local profile Since the products/service providers are automatically given direct access to the internal configuration of the machine, of which the user may even not be aware, they can propose offers which are correctly tailored to the users, even when those are not versed in the field of computers.
While the use of one or more profiles substantially enhances the personalization of the access to the web, as well as the possibilities of negotiation between the customer and the service/product providers, it can be seen that the customers feel more and more concerned with the question of the privacy of their private data, and the risk of any misuse of that information.
Mechanisms have been developed for minimising the exposure of sensitive data on the Internet and particularly the highly confidential information that is contained within such profile files. Unpublished European patent application n
o
00410005.3 (HP50001003) entitled “method for a personalised access to the Internet network” by G. Brebner et al, filed on Jan. 21, 2000 and also assigned to the Assignee of the present application brings a first solution to the problem of privacy. There is disclosed a process, still based on an agent, which avoids the dissemination of the users personal data over the web. For that purpose, an agent located on the user's machine generates a Hyper Text Markup Language (HTML) page for the user and which takes into account private data contained into at least one profile file. At different predetermined intervals, the Agent module polls one or more predetermined service provider(s), and downloads a file that simultaneously contains both data representative of products or services, and rules for stating the conditions for the attribution of the data. By comparing the rules with the private data contained within said at least one profile, a local data mining process is achieved and the Agent can construct a personalised HTML page which contains an offer well tailored to the customer's needs. This can be finally displayed into the web browser of the client machine Since the HTML page is locally generated with the private data that is contained in the profile(s), and which belongs to the user, the service provider does not need to create and maintain any kind of centralised database, and the user profile remains in the user's machine.
The present invention extends the possibilities of exploitation of the profile files, which substantially increases the security of the access to the important information therein contained.
SUMMARY OF THE INVENTION
It is an object of the present invention to enhance the flexibility and the use of profile files containing highly sensitive information, while ensuring a high degree of security in respect of that information.
This object is achieved by the present invention which provides a process for executing a downloadable service within the client machine which receives very restricted access rights to the user's profile file(s).
Basically, there is provided a process which involves the step of accessing a server on the Internet or a intranet network through a web browser which is assigned a first port and socket for the communication with the web server. When the user requests the downloading of an executable service from a web server, the web browser launches confined run time environment which is assigned a second port and socket for receiving the downloadable service. The confined run time environment is arranged to provide restrictive access rights to at least one profile file(s), so that the executable service may only access the profile file(s) through the methods and access rights which are defined by the confined run time environment. This substantially minimize the risk of any misuse of the valuable information contained with the user's profile.
Preferably the confined run time environment corresponds to an extended sandbox in the context of the Java programming. The personal service is received under the form of set of data (remote information, sorting code, requested data) which reference is contained within an Hyper Text Mark-up Language (H.T.M.L.) page accessed by the web browser. The service is received in an archive file, such as a jar file for instance, which is signed and which contains a class structure of java code. The lava code may also be received from a File Transfer Protocol (FTP) server.
In one embodiment, the process validates the archive file and in accordance with the signature existing within the determined archive file, use
Brebner Gavin
Raffaele Eric
Choules Jack
Hewlett--Packard Development Company, L.P.
LandOfFree
Process for executing a downloadable service receiving... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Process for executing a downloadable service receiving..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Process for executing a downloadable service receiving... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3341971