WO1998037480A1 - Method for restricting access and navigation possibilities of an internet terminal - Google Patents
Method for restricting access and navigation possibilities of an internet terminal Download PDFInfo
- Publication number
- WO1998037480A1 WO1998037480A1 PCT/FR1998/000324 FR9800324W WO9837480A1 WO 1998037480 A1 WO1998037480 A1 WO 1998037480A1 FR 9800324 W FR9800324 W FR 9800324W WO 9837480 A1 WO9837480 A1 WO 9837480A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- access
- card
- navigation
- internet
- internet resource
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
Definitions
- the invention relates to access to Internet resources. Since the generalization of the Internet, it has often appeared desirable to condition or control access to such and such a site, in particular to reserve access to authorized persons, to limit access under certain conditions, etc. .
- One of the aims of the invention is to propose an access method which can meet these objectives, by allowing adaptation to very varied cases.
- the invention is mainly based on the use of a microcircuit card, given to a user (anonymously or by name) and which the latter inserts into a card reader provided with his Internet terminal.
- the Internet terminal may be a microcomputer equipped with appropriate navigation software on the Internet network as well as a microcircuit card reader, or, advantageously, a dedicated terminal, in the form of a connected box.
- a television receiver and on the other hand to a telephone line, provided with means for entering commands, for example by means of an infrared remote control, and comprising a microcircuit card reader.
- a configuration is not limiting, and various variants can be envisaged, such as: terminal with its own display (in place of the television), transmission by a channel other than a telephone line, such as cable network , cellular radiotelephony (GSM), local loop radiotelephony, reception of data by satellite, etc.
- GSM cellular radiotelephony
- the method of the invention comprises the steps consisting in: inserting into the terminal an access card storing access parameters to at least one Internet resource and access option indicators; modify the operating parameters of the navigation software according to the manual access option indicators re to include navigation restrictions defined by these indicators; and establish the connection to the Internet resource according to the access parameters of the card.
- Browsing restrictions may notably include: conditioning the execution of certain functions to the presence of the access card in the reader; limiting browsing to certain predefined pages of the Internet resource; the Umitation of navigation to certain predefined Internet resources referenced in the access card and / or in a file of the Internet resource referenced in the access card.
- an Internet terminal in the form of a box 10 connected to a television set 12 for displaying the various data returned by the Internet network, this box comprising, for the introduction of navigation commands.
- a receiver 14 such as an infrared receiver controlled by a remote control 16 available to the user.
- the Internet terminal 10 is provided with a mid-card reader 18 crocircuit, as is known per se, for example for reading a card 20 whose microcircuit includes the data for connection to the Internet service provider or ISP (Internet Service Provider) 22 via the switched telephone network 24.
- ISP Internet Service Provider
- connection data to the ISP are stored in the card, which is for example a card addressed to the user after subscription of the subscription to the ISP supplier, with the telephone number for access to the ISP and the various parameters. TCP / IP (Internet protocol) to establish communication with the latter.
- TCP / IP Internet protocol
- the method of the invention is based on the use of a microcircuit card 26 (which will be called hereinafter "access card”), distinct from the subscription card 20 to the ISP provider, and which is delivered to, or purchased by, a user.
- This access card can be either a name card or an anonymous card, that is to say not linked to a particular user, and which can therefore be freely distributed or resold without the user having to justify his identity.
- This card is for example a microcircuit card with synchronous wired logic of the Schlumberger "Eurochip” type. This type of card is particularly advantageous because of its low price, due to the wired logic.
- the information contained in this card can be as follows: - frozen masked area, containing information specific to the manufacturer as well as an identifier of the application according to the invention (which allows to recognize that it is indeed an "access card” as defined here and not a card having another function);
- sequence number typically on 48 bits, which is a card-specific number, different from one card to the next;
- the access option indicators have the function, once the access card has been inserted in the reader of the terminal 10, to modify the operating parameters of the navigation software, and therefore the subsequent behavior of the terminal.
- this modification is made at the time of the introduction of the access card and that it is advantageously maintained even if the access card is withdrawn from the terminal; to cancel this modification, it will therefore be necessary to reintroduce the access card and provide an appropriate command to the terminal to restore the navigation software to its initial state, without access restriction.
- the restrictions imposed by the access option indicators can be of various kinds, depending on the particular situations sought.
- a first restriction may consist in prohibiting the execution of certain functions if the access card is not present in the terminal. It is thus possible, for example, to prohibit access to personal messaging maintained by a website (or by the ISP provider). This preserves the confidentiality of the messaging service, by reserving its access only to the holder of the corresponding access card.
- Another restriction may consist in limiting the browsing possibilities offered by the software. Thus, after inserting the access card, it is possible for example from:
- Another advantageous form of limitation of navigation consists, after having introduced the access card, of allowing access only to Internet sites for which a specific card will be introduced.
- This specific card is a third type of card, which is neither the ISP provider's card, nor the access card, but a card containing a website address with its various necessary connection parameters (password, etc. .).
- One application of the latter mode of access restriction consists in using the access card to carry out a "parental lock" of the Internet terminal so that children can freely use the terminal by means of various specific cards corresponding to servers. individuals (eg game servers, cartoon servers, etc.) but will not be able to access other servers.
- the software can only access the servers corresponding to these specific cards, the insertion of the specific card controlling access to the Internet resource referenced on this card and locking the terminal on this resource, without possibility of changing the server other than via another specific card.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU64064/98A AU6406498A (en) | 1997-02-21 | 1998-02-19 | Method for restricting access and navigation possibilities of an internet terminal |
EP98909569A EP0963575A1 (en) | 1997-02-21 | 1998-02-19 | Method for restricting access and navigation possibilities of an internet terminal |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR9702059A FR2760159B1 (en) | 1997-02-21 | 1997-02-21 | METHOD FOR LIMITING THE POSSIBILITIES OF ACCESS AND NAVIGATION OF AN INTERNET TERMINAL |
FR97/02059 | 1997-02-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1998037480A1 true WO1998037480A1 (en) | 1998-08-27 |
Family
ID=9504009
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR1998/000324 WO1998037480A1 (en) | 1997-02-21 | 1998-02-19 | Method for restricting access and navigation possibilities of an internet terminal |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0963575A1 (en) |
AU (1) | AU6406498A (en) |
FR (1) | FR2760159B1 (en) |
WO (1) | WO1998037480A1 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2340704A (en) * | 1998-07-28 | 2000-02-23 | Blackcoat Limited | Network communication |
DE19964077A1 (en) * | 1999-10-07 | 2001-04-12 | Dietz Gislinde | Non-erasable operating system extension for computers and Internet access devices |
GB2366888A (en) * | 2000-04-14 | 2002-03-20 | Ibm | Restricting data access to data in data processing systems |
US6476833B1 (en) | 1999-03-30 | 2002-11-05 | Koninklijke Philips Electronics N.V. | Method and apparatus for controlling browser functionality in the context of an application |
EP1346306A1 (en) * | 2000-11-30 | 2003-09-24 | Nokia Corporation | A method and system for distributing electronic content |
KR100750611B1 (en) | 1999-10-15 | 2007-08-20 | 톰슨 라이센싱 | A user interface for a bi-directional communication system |
US7363245B1 (en) * | 2000-03-31 | 2008-04-22 | Intel Corporation | Electronic product packaging and distribution for e-Commerce |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2782435B1 (en) * | 1998-08-13 | 2000-09-15 | Bull Cp8 | COMMUNICATION METHOD BETWEEN A USER STATION AND A NETWORK, PARTICULARLY AN INTERNET TYPE, AND IMPLEMENTATION ARCHITECTURE |
EP1142254A1 (en) * | 1999-01-15 | 2001-10-10 | Johannes Gerardus Hendricus Terwindt | System for providing a connection between two or more computers |
US20020055847A1 (en) * | 1999-01-20 | 2002-05-09 | Masahiro Nakano | Method and apparatus of providing secure transactions on a network |
JP4503143B2 (en) | 1999-07-14 | 2010-07-14 | パナソニック株式会社 | Electronic ticket system, service server and mobile terminal |
MXPA02003710A (en) * | 1999-10-15 | 2002-08-30 | Thomson Licensing Sa | A user interface for a bi-directional communication system. |
WO2001047210A2 (en) * | 1999-12-20 | 2001-06-28 | Nokia Corporation | Improvements in or relating to communication devices |
US7111051B2 (en) * | 2000-01-26 | 2006-09-19 | Viaclix, Inc. | Smart card for accessing a target internet site |
FR2805107B1 (en) * | 2000-02-10 | 2002-04-05 | Bull Cp8 | METHOD FOR MANAGING MULTIMEDIA DATA TRANSMISSIONS VIA AN INTERNET-TYPE NETWORK, ESPECIALLY TELEPHONE DATA, AND CHIP CARD FOR IMPLEMENTING THE METHOD |
DE10017033A1 (en) * | 2000-04-05 | 2001-10-18 | Ci4 Net Ag | Information and communication system |
FR2809206A1 (en) * | 2000-05-16 | 2001-11-23 | France Telecom | Method of access to multimedia content available on data network with payment collection, uses value unit purchased by user from distributor who reveals hidden number to access multimedia content |
KR20010107572A (en) * | 2000-05-24 | 2001-12-07 | 포만 제프리 엘 | Trust-based link access control |
DE60336373D1 (en) * | 2003-01-17 | 2011-04-28 | Sony Dadc Austria Ag | Secure web access via an original CD |
WO2006069622A1 (en) * | 2004-12-30 | 2006-07-06 | Koninklijke Kpn N.V. | Method and system for restricted service access |
EP1798659A1 (en) * | 2005-12-19 | 2007-06-20 | Axalto SA | Personal token with parental control |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5191611A (en) * | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US5590197A (en) * | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
-
1997
- 1997-02-21 FR FR9702059A patent/FR2760159B1/en not_active Expired - Lifetime
-
1998
- 1998-02-19 EP EP98909569A patent/EP0963575A1/en not_active Withdrawn
- 1998-02-19 AU AU64064/98A patent/AU6406498A/en not_active Abandoned
- 1998-02-19 WO PCT/FR1998/000324 patent/WO1998037480A1/en not_active Application Discontinuation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5191611A (en) * | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US5590197A (en) * | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2340704A (en) * | 1998-07-28 | 2000-02-23 | Blackcoat Limited | Network communication |
US6476833B1 (en) | 1999-03-30 | 2002-11-05 | Koninklijke Philips Electronics N.V. | Method and apparatus for controlling browser functionality in the context of an application |
DE19964077A1 (en) * | 1999-10-07 | 2001-04-12 | Dietz Gislinde | Non-erasable operating system extension for computers and Internet access devices |
KR100750611B1 (en) | 1999-10-15 | 2007-08-20 | 톰슨 라이센싱 | A user interface for a bi-directional communication system |
US7363245B1 (en) * | 2000-03-31 | 2008-04-22 | Intel Corporation | Electronic product packaging and distribution for e-Commerce |
GB2366888A (en) * | 2000-04-14 | 2002-03-20 | Ibm | Restricting data access to data in data processing systems |
EP1346306A1 (en) * | 2000-11-30 | 2003-09-24 | Nokia Corporation | A method and system for distributing electronic content |
Also Published As
Publication number | Publication date |
---|---|
FR2760159B1 (en) | 1999-05-14 |
FR2760159A1 (en) | 1998-08-28 |
AU6406498A (en) | 1998-09-09 |
EP0963575A1 (en) | 1999-12-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO1998037480A1 (en) | Method for restricting access and navigation possibilities of an internet terminal | |
EP1044436B1 (en) | Method for communication between a user station and a network, in particular such as internet, and implementing architecture | |
WO2006084960A1 (en) | System for automatic selection of authentication | |
WO2006053958A9 (en) | Portable personal mass storage medium and computer system with secure access to a user space via a network | |
EP1537718B1 (en) | Automatic authentication selection server | |
EP0803790A1 (en) | Method of concealing a secret code in a computer authentication device | |
EP1637989A1 (en) | Method and system for the separation of accounts of personal data | |
EP0928445B1 (en) | Method for conditionally accessing an internet resource from a terminal equipped with a microcircuit reader card | |
CA2414469A1 (en) | Container access control process and container access control system | |
EP1051009A1 (en) | Virtual server providing security services | |
EP0996300B1 (en) | Method for accessing server services from a mobile station subscriber identity module and terminal for carrying out the method | |
EP1139637A2 (en) | Method and system to have privileges granted by an access manager in a communications network | |
WO2017207894A1 (en) | Method for providing personal information of a user requested by a given online service | |
EP1326399B1 (en) | Method for securing the download of active data to a terminal | |
EP1503563A1 (en) | Security method for requesting access to services, terminal and software module to implement the method | |
FR2811494A1 (en) | Data access management system for internet uses user and site characteristics to prevent access | |
EP1894407B1 (en) | Method and device for making secure access to multimedia contents | |
EP1168844B1 (en) | Method for secure transaction between a user and a provider | |
FR2795582A1 (en) | DEVICE AND METHOD FOR CONTROLLING ACCESS TO AT LEAST ONE SERVICE AVAILABLE FROM A TELECOMMUNICATIONS TERMINAL CONNECTED TO A TELECOMMUNICATIONS NETWORK | |
FR3114714A1 (en) | A method of accessing a set of user data. | |
FR3102327A1 (en) | Method for managing the contents of a computer interface for a vehicle | |
Miller et al. | Regulation of the Internet: A Technological Perspective | |
FR2941835A1 (en) | Information source surveillance method for information network i.e. internet, involves receiving information from information source followed by one of subscriptions of list, and returning received information by navigator | |
FR3030820A1 (en) | METHOD FOR ACCESSING DIGITAL CONTENT IN A COMMUNICATION NETWORK USING TERMINAL EQUIPMENT CONNECTED WITH THE COMMUNICATION NETWORK | |
FR2780586A1 (en) | AUTHENTICATION METHOD FOR PROTECTED ACCESS IN A NETWORKED COMPUTER SYSTEM |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH HU IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1998909569 Country of ref document: EP |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
NENP | Non-entry into the national phase |
Ref country code: CA |
|
WWP | Wipo information: published in national office |
Ref document number: 1998909569 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1998909569 Country of ref document: EP |