The present invention relates generally to the field of computer networks and more particularly to a method and system for providing status indication and control to a user of a secure network connection, such as a secure Internet connection.
Currently, there can be an element of user uncertainty in the status of a connection to an Internet site or service. When a user signs onto a secure session with a service provider on the Internet by providing a user identification (ID) and password, the actual security status of the user""s connection at any given time is not always immediately clear to the user. This situation is distinguished, for example, from the situation in which one uses an automatic teller machine (ATM). In the case of an ATM, when a cardholder approaches the ATM and inserts a transaction card and enters a personal identification number (PIN), the cardholder can expect that the ATM will accept instructions and deliver confidential information. The ATM generally has a xe2x80x9cgood-byexe2x80x9d screen, and when the session is over, the card is returned to the cardholder in those machines that have a transport reader. The cardholder can also expect that when the cardholder leaves the particular machine, the particular secure session is over and no one else can walk up and take advantage of the privileges provided by the cardholder""s signing on with the his or her PIN.
On the other hand, with a connection to a web site, the security status of the session, the period of time in which the secure session is in effect, and exactly what capabilities are authorized is not as clear. Current web browsers for personal computers provide a graphical indication that the connection with the host system is secure, i.e., that communication between the computers is encrypted and the source of data received can be verified, but these icons do not provide any indication of whether the user is xe2x80x9csigned onxe2x80x9d with transactional capabilities. Most secure Internet services operate on a time-out basis in which the entitlements granted by signing on are available for a fixed period of time after the user authentication takes place and may be extended for a similar period each time the user interacts with the service. In some applications, this method is used to conserve system resources as well as to enforce security. Some services employ a warning mechanism that alerts the user to the imminent expiry of this period, while others time out passively, simply declining transactions which are received after the prescribed amount of time. In some cases the time-out period remains valid even after the user directs his or her browser to other sites, resuming the trusted session when and if the user returns. In other cases, the session is canceled if a specific window is closed or redirected.
Typically, the user signs onto a secure web site, and from that point, the server at the other end provides the user with information which is perhaps confidential and accepts instructions, for example, to move money, pay money to others, and the like. However, there is not necessarily a clear indication of when that secure session ends. It is possible to have a sign-off link on the user""s screen that can be clicked on, and then the machine verifies that the session is over. However, the nature of connecting to a site on the worldwide web (WWW) is slightly different from many other transactional interactions. For example, the user can visit another site on the WWW and/or visit another site and perform an entirely different transaction, and there is no clear indication of the state of the secure session when the user returns to the original web site. For another example, if the user visits another site on the WWW and does not return to the original web site, there is no clear indication of how long the secure session on the original site will remain in effect, what transactions will be allowed, and what information will be provided.
Those questions become a little broader in terms of the uncertainty when consideration is given to web sites that have some type of single sign-on capability, such as provided by the invention described in U.S. patent application Ser. No. 09/668,112 filed Sep. 22, 2000, entitled, xe2x80x9cMethod and System for Single Sign-On User Access to Multiple Web Servers,xe2x80x9d incorporated herein by this reference. With such capability, for example, upon signing on by a user to perform a specific transactional service, the web site offers as a convenience to the user the automatic authorization to perform one of many different services, perhaps with many different servers. For example, in logging on by the user to check the user""s checking balance, as a convenience to the user, a web site may also imply that the user now has the privilege to make a stock trade or perform any one or more of several other different types of transactions, without having to provide all of the user""s information to log on again. Again, it is not necessarily always clear exactly what entitlements are enabled, for what period of time they are enabled, and when they will be revoked in terms of a system time-out or some action by the user.
It is a feature and advantage of the present invention to provide a method and system for status indication and control to a user of a secure network connection that gives the user a consistent indicator of the user""s connection status with a service showing what entitlements are presently enabled and the remaining time for which they are available.
It is another feature and advantage of the present invention to provide a method and system for status indication and control to a user of a secure network connection that enables the user to extend the secure session at any time without having to move between functions or otherwise perform unnecessary actions to keep the session active.
It is an additional feature and advantage of the present invention to provide a method and system for status indication and control to a user of a secure network connection that enables the user to terminate the secure session simply and canceling the secure entitlements on all of the functions and systems of the service at once.
To achieve the stated and other features, advantages and objects, an embodiment of the present invention makes use of computer hardware and software to provide a user with a control panel displayed on the user""s computer screen which allows the user to sign on and sign off independently of any specific secure function, utilizing both graphics and text to clearly indicate the current status of the secure connection. If the particular status allows any privileged actions to be performed by the user, the control panel shows a count down of the remaining period of time during which that status will remain in effect. Depending on the capabilities of the user""s computer operating system, the control panel interface has the necessary attributes to be visible at all times, appearing in front of any program window.
In an embodiment of the present invention, the user at a computing device, such as the user""s personal computer with a browser, is allowed to establish a secure network connection between the computing device and a website server via a network, such as the Internet, using public key certificates to assure that the computing device is correctly identified to the website server. In a single sign-on aspect for an embodiment of the present invention, the website server can be one of a number of servers in a federation of web servers. An application for an embodiment of the present embodiment, running on the user""s computing device, provides a graphical user interface displaying a control panel at the computing device with a current status of the secure network connection to the website server. The control panel displays, for example, an icon that indicates to the user that the secure network connection to the website server is established. The control panel is continuously displayed at all times the computing device is activated and can be provided with an attribute that causes the control panel to be continuously visible on the front of the computing device display screen.
The control panel for an embodiment of the present invention displays a time out period during which the current status will remain in effect. Further, if a user privilege is associated with the current status, the control panel displays the time out period during which the user privilege will remain in effect, for example, in the form of a count-down timer. In addition, the control panel displays options for the user which enables the user to extend the time out period and/or view information about the user privilege. In a sign off aspect for an embodiment of the present invention, the user is allowed to simultaneously cancel the secure network connection, sign off independently of a specific function and revoke any privileges associated with the secure network connection by clicking on a sign off option displayed on the control panel.
The application that provides the graphical user interface for an embodiment of the present invention can be downloaded to the computing device via a host system and/or the website server. For example, the application can be downloaded to the computing device via the website server when the secure network connection is established, and the application can be downloaded automatically when the secure network connection is established. Alternatively, the application is a stand-alone utility that can be downloaded to the computing device and which adopts formal protocols and works on or more secure servers in addition to the website server.
Additional objects, advantages and novel features of the invention will be set forth in part in the description which follows, and in part will become more apparent to those skilled in the art upon examination of the following, or may be learned by practice of the invention.