This invention relates generally to networking and, in particular, to content and application security, traceability and accounting.
As is well known, the Internet is a huge collection of computers networks that are interconnected around the world. These computers are devices that can be switches, gateways, servers or routers. The computers networks are interconnected by the router that routes traffic from a source device (e.g., Web switch) to a destination device (e.g., Web server) passing through some number of intervening networks. The Internet devices have computing abilities and utilize protocols conforming to the open system interconnection (OSI) model of which the transmission control protocol over Internet protocol (TCP/IP) is a widespread implementation. All information transported over the Internet is parcelled into TCP/IP packets, which are routed to an intended destination.
The key technological advance of the Internet is that it allows information, or ‘content’ and applications to be shared among authorised devices coupled to the network. For the purposes of this application, content and applications that are accessed or provided over the Internet in any business transaction are referred to as electronic business (e-business) content and applications. Examples of e-business content and applications include Internet telephony and facsimile, electronic-mail, electronic-commerce, and electronic-mobile, video-on-demand, data transfer, remote access to business services, and any kind of digitized information for Business-to-Business (B2B), Business-to-Consumer (B2C), Consumer-to-Business (C2B), and Consumer-to-Consumer (C2C).
As Internet use grows, e-business contents and applications increase rapidly for businesses and consumers. Content providers vary in sizes from a single content provider to large organisation; and Content accounting and billing take also various forms, from free downloading, pay per service, pay per access, or others. Due to the size differences and attributes of each of the content providers, there are often a number of different methods by which users must interface with the different providers to obtain content.
For example, one large organisation that provides content may be a publishing company that provides content, such as text or music, for a fee. Subscribers are typically required to register for access to the application prior to accessing the content. The registration would require that the subscriber enter a user identifier and password. When the subscriber registers with the application, data including the subscriber's identifier, address and billing information may be collected so that the subscriber's access can be tracked, and the subscriber can be billed accordingly.
One problem for a subscriber in obtaining e-business content or using e-business applications arises because the security hooks (i.e., user registration and verification) are implemented at the application layer, at the content provider. Different e-business applications often require different format for user identifiers and passwords. In addition, a common e-business content and application provider may have different registration methods for their different applications, thereby adding to the confusion. For example, a bank may require the subscriber to log in separately for access to a bank account or access to a stock trading/investment services. In a worst-case scenario, each application or content request could require a different password or registration procedure. As the number of applications and content made available on the Internet increases, the task of maintaining registration information for each such application is becoming onerous.
A further problem arises for the individual content provider who seeks to furnish content on the Internet, but lacks the tools necessary to provide secure access and accountability over who accesses the content. For example, an individual photographer may seek to publish photographs on the web, but may not have the ability to track all those who download the content. Such individuals are discouraged from using the Internet as their e-commerce tools because they lack the ability to ensure that they are getting adequately compensated for their content.
An additional issue arises with uncontrolled content, where uncontrolled content will mean, for the purposes of this application, content that is not typically accessed using a user identifier and a password. It may be desirable for a provider of uncontrolled content to monitor who is accessing the content for various reasons. The typical tools that have been in place, however, generally trace only for security purposes, and therefore there is no simple way to obtain information regarding the client who accesses your content.
It would be desirable to identify a technique for managing secure, traceable access to Internet content and applications. Such a technique would enable individual, enterprise or small to large Businesses for B2B, B2C, C2B, and C2C services to flourish.