The present invention generally relates to security systems for use with computer networks and more particularly to a subscription access system that is particularly adapted for use with untrusted networks, such as the Internet.
There are many information providers which are connected to the Internet or some other untrusted network. Such information providers may provide information without charge for certain information that can be accessed by any user that has access to the network. However, the same information provider may want to generate revenue from subscription services and also to protect its information assets. In order to generate revenue, there must be control over user access, rights management, billings, usage tracking and even demographic data. For an information provider to publish content on an untrusted network such as the web, it must have access to a web server which connects to the Internet. Any user with a web browser can then access the web site and view its contents. If an organization is a private corporate network and wants to display parts of its corporate data on its web site, the organization can make the private network available to the web server through a firewall computer. This enables the corporate data that is desired to be displayed without the private network being accessible to the rest of the web.
To implement a subscription access system for use over the web, information providers need to implement authentication and usage tracking. Authentication involves providing restricted access to the contents that are made available and this is typically implemented through traditional user name-password schemes. Such schemes are vulnerable to password fraud because subscribers can share their user names and password by word of mouth or through Internet news groups, which obviously is conducive to fraudulent access and loss of revenue. Usage tracking involves collecting information on how subscribers are using a particular subscription web site, which typically now involves web server access logs which tell what web resources were accessed by particular addresses. This information is often inadequate to link web site usage and a particular subscriber who used the web site. There is also no generic transaction model that defines a web transaction, which contributes to the difficulty in implementing a subscription model based upon usage.
Accordingly, it is a primary object of the present invention to provide an improved subscription access system for use in an untrusted network, such as the Internet, which system provides effective authentication and usage tracking, among other features.
Another object of the present invention is to provide such an improved subscription access system which provides additional features that combine elements of subscriber authentication, subscriber authorization, demographics capture and rights management to effectively protect the assets of an online information provider.
More particularly, it is an object of the present invention to provide such an improved subscription access system that provides secure access through either a one factor (conventional user name and password) or two factor authentication (using an optional hardware access key with a unique digital ID), thus enabling a superior and effective subscriber authentication which only allows registered subscribers to access protected contents and subscriber authorization which determines the subscriber""s access level within a protected site.
Yet another object of the present invention is to provide such a system that has usage tracking capability for collecting all of the subscriber""s usage data and storing it in a structured query language (SQL) database under a generic transaction model.
Another object of the present invention is to provide such a system which enables demographic capture to store a subscriber""s network usage history.
Still another object of the present invention is to provide such a system that has the capability of preventing content from being copied by controlling the functionality of a client application, such as a web browser, while displaying protected contents. More particularly, the functionality is controlled in a manner whereby copyrighted content, for example, can be identified and the client application can be controlled to preclude such functionality as cut and paste, copy or print. Such functionality can be controlled on a hierarchical basis.
Still another object of the present invention is to provide such a system that easily administers subscriptions and subscribers through a graphical user interface client/server application.
Other objects and advantages will become apparent upon reading the following detailed description, while referring to the attached drawings.