The present invention relates to electronic commerce and user authentication. More particularly, the invention relates to methods for enabling users of a Web site or other information system to efficiently and securely access private Web pages and other types of restricted resources.
In the field of Internet commerce, it is common for businesses to provide customers restricted access to data, server functionality, and other types of resources via a Web site. For example, a user of an online merchant's Web site may be given restricted access to a database record which contains the user's account information, or to a Web page which allows the user to place an order with the merchant.
To prevent unauthorized users from accessing restricted resources, the user is typically required to initially specify, and thereafter enter, some type of authentication information. The authentication information may include, for example, a user ID, a password, an email address, or a combination thereof. Requiring the user to enter and keep track of such information, however, can be burdensome to the user. In addition, the level of security provided by such methods depends heavily on the length and predictability of the identifiers selected by the users.
There is therefore a need for an improved method for allowing users of Web sites to securely access private data and other resources.
The present invention addresses the above and other limitations by providing a system and method in which users access private Web pages, data records and/or other restricted resources using automatically-generated private URLs (Uniform Resource Locators). The private URLs allow authorized users to access the private resources without the need to enter a username, password, or other authentication information, and without the need to download special authentication software or data to the user's computer. The system and method are particularly useful for providing users with secure access to data records and functionality associated with a personal account, but may be used in a wide range of other practical applications.
In accordance with the invention, each "private resource" (a resource to which remote access by a particular user or group of users is desired) of a set of private resources is automatically assigned a private URL which includes a fixed character string and a unique token. For example, a private Web page for a particular user may be assigned the private URL
http://www.amazon.com/private_resources/A9HBJ1E55G0ML,
where the character string A9HBJ1E55G0ML is the token. The private URLs are conveyed to the corresponding users by email (preferably within a user-selectable hyperlink) or another communication method, and may be used to access the corresponding resource over the Internet.
To protect against the identification of valid private URLs, such as through trial-and-error, the range of allowable token values ("token space") is selected to be sufficiently large relative to the expected number of valid tokens so that the probability that a random guess within the token space will produce a valid token is very low (e.g., less than 1 in 1000). For example, if no more than 2^20 (about one million) tokens are expected to be valid at any given time, and 64-bit tokens are used (providing a token space of 0 to 2^64 − 1), the likelihood that a random guess within this range will produce a valid token will be no more than one in 2^64/2^20 = 2^44 ≅ 1.78×10^13. The token space may, but need not be, continuous. To further protect against the unauthorized identification of valid tokens, the tokens are generated using an algorithm which tends to distribute the issued tokens randomly within the token space. Any of a variety of known algorithms, or combinations of algorithms, may be used for this purpose. The use of such a random distribution reduces the likelihood that an unauthorized user will be able to identify a valid token through modification or observation of other valid tokens.
When the user selects the hyperlink or otherwise requests a private URL, a server application running on the Web site determines whether the token is valid. If the token is found to be valid, the server application permits the user to access the resource. Access to the resource may, for example, involve the generation of a private Web page that is transmitted to the user. The private Web page may include information from one or more private database records, and/or may include a confirmation that a particular transaction associated with the private URL was performed. The server application may be configured to invalidate the tokens (and thus the private URLs) after a single use, or after a predetermined period of time.
One benefit of the above-described URL generation/validation method is that it provides a very simple and efficient mechanism for allowing users to access private resources, such as Web pages which contain personal account information. Another benefit is that the private URLs can be generated and issued to a user (and subsequently validated) even if very little information is known about the user. For example, the method can be used where the only information known about the user is the user's email address, as in the email-based recommendation service described below. Different levels of security can therefore be used for different types of transmissions. Another benefit is that the level of security can be controlled by adjusting the size of the token space, such as by adjusting the number of bits used to represent token values. Another benefit is that the method does not require the user to download any special authentication program, or to consistently use the same computer.
In one embodiment, the method is used to allow users to securely access and update a subscription profile for an automated email-based product recommendation service. Other practical applications for the method include automated order confirmation, electronic gift certificate and coupon redemption, access to gift registries, electronic voting, and access to electronic greeting cards.