Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
1999-12-15
2004-05-18
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Central trusted authority provides computer authentication
C713S161000, C713S165000, C713S168000, C713S172000
Reexamination Certificate
active
06738901
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates generally to an improvement in filtering internet access. Building a one to one relationship on the internet can also be provided by this invention. In other words, rules other then filtering can be applied to the user. In particular, the present invention provides a system that recognizes and customizes individual internet access within a network.
The issue of varying levels of internet access arises in connection with public libraries. Public libraries are not immune to the 1
st
Amendment of the United States Constitution. Adult patrons have the freedom to access and read whatever type of internet sites protected by the 1
st
Amendment they choose. The present invention allows public libraries to offer a system that protects this freedom and still protects children from unsuitable internet sites, as selected by their parents. A server is provided (located on the internet) to register a user with the system and store information on whether the user is authorized to access certain internet sites. A carding station is provided to generate a personal smart card for the user. The smart card includes a read only memory. The smart card may be any ISO Standard Smart Card that stores a serial number that correlates with information about the user stored in the server. An internet station allows the user to view the internet only by inserting the personal smart card into a card reader and confirming that he/she is using his/her own card. In cooperation with the server, the internet station controls the user's access to the internet sites based on whether the data in the server indicates that the user is authorized to access the sites. The internet connection provided at the internet station is over public lines and data that is transferred to authenticate the user is secured by a secure sockets layer (“SSL”) protocol.
While the Internet provides virtually unlimited access to a wide variety of information and services (both protected by the 1
st
amendment of the United States Constitution and unprotected due to federal, state and local laws), much of the information is unsuitable for certain age groups and is offensive to other groups or individuals. Therefore, public institutions, libraries and schools, are increasingly requiring an efficient and cost-effective infrastructure to administer and manage internet access according to the needs of different user groups. Some effort has been made to address this need by providing systems that restrict user access to particular internet sites. An example is shown in U.S. Pat. No. 5,937,404 to Csaszar et al.
While this system provides its patrons with access to only pre-approved internet sites and allows its patrons to search and review the approved sites with a reference card, it has the drawback of restricting the internet access of all of the patrons to a single set of approved sites that are stored on a server. For example, adults are only able to access the same set of approved sites that children are authorized to access. Further, adults that find certain internet sites offensive are unable to custom filter their internet access according to their interests. In order to provide customization of internet access, a plurality of servers must be provided and individual modules of software must be stored on different computers within the system.
Other types of internet filtering systems have been on the market, such as a system called GuardiaNet that was formerly sold by One Place, L.L.C., a predecessor of the assignee of the present application. The GuardiaNet system customized individual internet access by providing an encrypted “serial number” directly on the PC's hard disk drive and also had the ability to encrypt the serial number to a 3.5″ standard Floppy Disk as well as to a personalized card with a microprocessor chip. Each card included a processor that stored information on internet sites the user was authorized to access. The user was able to access the internet only with his or her card and a server controlled the internet sites displayed during the user's session based on the information stored on the user's card. Even though the GuardiaNet system provided customized internet access, the system was not economical because the cards used in the system were too expensive. More specifically, the cost of each card was approximately $7.00 because each card included a microprocessor. Thus, the cost of distributing cards to all members of the public who may use a public library may quickly become prohibitive, as would the cost of replacing the card each time it was lost or stolen. Further, the GuardiaNet filtering software used a very complex security system to protect data transferred during each internet connection. The GuardiaNet filtering software encrypted data on an application level to establish secure communication pathways between a secured network and a user on a public, unsecured network. The security system established gateways or firewalls between the internet and any party desiring protection, and encrypted all data transmitted across the internet connection. This robust security system led to undesirably slow connection due to the fact that it was encrypting all data, graphic, and applications traversing the internet connection.
Accordingly, there is a need in the art for a faster and more economical system to customize individual or group internet access without having to separate computers for different types of users within the system.
SUMMARY OF THE INVENTION
The present invention fulfills this need in the art by providing a system that customizes individual internet access comprising an internet server that registers a user with the system, stores information regarding internet sites the user is authorized to access, and controls the user's access to the internet sites based on the information stored in the server for the specific user.
The system further includes a carding station that generates a personal smart card for the user and an internet stations that allows the user to view the internet with the personal smart card. The personal smart stores information that identifies the user to enable the server to control the user's access to the internet sites and does not include a microprocessor. However, the card could have a processor for other purposes and still be within the scope of this invention. The term “not including a microprocessor should be so construed.
The user is registered with the system by entry of personal identification information about the user at the carding station. The user is also registered with the system by entry of a personal identification number, password, fingerprint and/or other biometric data that provides security for the personal smart card. Further, the user is registered with the system by entry of the information regarding the internet sites the user is authorized to access. In addition, by utilizing the authentication method of a portable smart card associated to a trusted password communicating to the internet server, the system operates in an IP independent state. This is to say that the cardholder is able to gain his approved access from any computer employing the internet station software and card reader.
The server controls the users access to the internet sites by granting or denying requests from the internet station to display the internet sites, based on the information stored in the server regarding the internet sites the user is authorized to access. That information includes an access level selected from the group consisting of an unfiltered internet access level, a filtered internet access level, and a restricted internet access level. The unfiltered access level gives the user full access to all internet sites. The filtered internet access level blocks the user's access to one or more predetermined internet sites. The restricted internet access level blocks the user's access to any internet site that is not included in a predetermined set of approved interne
Boyles Stephen L.
Fischer Jochen E.
Leinecker Richard C.
McConnell Troy
Moody, Jr. Clyde G.
3M Innovative Properties Company
Buss Melissa E.
Peeso Thomas R.
LandOfFree
Smart card controlled internet access does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Smart card controlled internet access, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Smart card controlled internet access will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3222378