WO2001040908A2 - Secure content embedding into personalized web pages - Google Patents
Secure content embedding into personalized web pages Download PDFInfo
- Publication number
- WO2001040908A2 WO2001040908A2 PCT/EP2000/011790 EP0011790W WO0140908A2 WO 2001040908 A2 WO2001040908 A2 WO 2001040908A2 EP 0011790 W EP0011790 W EP 0011790W WO 0140908 A2 WO0140908 A2 WO 0140908A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- portal
- requestor
- browser
- applet
- document
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Definitions
- the present invention relates to computer-based secure display of sensitive content from one data source in a second, potentially unsecure document.
- the present invention relates to systems, methods and computer program products for embedding sensitive data m a secure fashion in an otherwise unsecure document on a computer.
- the present invention finds particular, but not exclusive, application to the healthcare industry. It can be used in any application where sensitive or confidential data in a source file is to be made available through second access provider where the second access provider may not be secure. Internet-based systems particular benefit from the application of this invention.
- a problem encountered in healthcare systems is that medical information needs to be easily accessible to a patient. Notifications about lab results, prescription renewals, etc. can both reduce cost m health care and increase health of a person when delivered in a timely manner.
- a possible way of providing this information would be that of placing on the front page of a newspaper which the patient is known to read every day. This would however violate patient privacy concerns since the same newspaper may be delivered to millions of other persons as well.
- One solution, m this newspaper example would be to p ⁇ nt a personalized version of the newspaper which would only be delivered to that person. This is what portal sites like
- the present invention desc ⁇ bes a method of embedding information into a portal page without having to give the data to the portal.
- the data is securely transmitted between the patient and the medical content provider. No information is disclosed to a third party
- this invention relates to a method for creating secure access to data m a first secure file by way of an insecure portal in a distributed computing environment, the process comprising: accessing an insecure portal provider by a requestor using a browser, creating, by the requestor, a document unique to the requestor on that insecure portal, embedding, by said portal in said document, a reference to a java applet which can open a connection to the first secure file, causing the requestor's browser, while loading the insecure document, to see the java applet and request it from the secure file, transferring the requested java applet to the requestor's browser which starts it, thereby opening a connection to the secure file, causing the secure file to generate code which is transmitted to the requestor's browser, causing the applet on the requestor's browser to receive said code and insert it into the portal's document.
- this invention provides a means for accessing a secure file through an insecure portal on a dist ⁇ ubbed computing system, the process comprising activating a java applet embedded m the insecure portal document wherein the java applet which provides secure access to the secure file, wherein the embedded applet is created by: accessing an insecure portal provider by a requestor using a browser, creating, by the requestor, a document unique to the requestor on that insecure portal, embedding, by said portal in said document, a reference to a java applet which can open a connection to the first secure file, causing the requestor's browser, while loading the insecure document, to see the java applet and request it from the secure file, transferring the requested java applet to the requestor's browser which starts it, thereby opening a connection to the secure file, causing the secure file to generate code which is transmitted to the requestor's browser, causing the applet on the requestor's browser to receive said code and insert it into the portal's
- Figure 1 is a block diagram of content embedding in a web portal
- Figure 2 is a block diagram of content embedding with license Description of the Invention
- the present invention i ses facilities in HTML, Java and Javascript to enable the content delivery.
- the present invention does not require any special software to be installed on the user's machine other than a HTML browser like Internet Explorer or Netscape Communicator. It can be run on any personal computer and server.
- fictitious names are used for better readability:
- the scenario is started by Susan's logging on to the portal and asking it to generate a personal web page for her.
- the portal has ways and means to determine that the request comes from a "John Doe” source, which is how it characterizes Susan's request.
- Susan Prior to logging on to the personal web page generating portal, Susan has configured another portal to show her information from www.medrec.com.
- the portal generates "John Doe's" page and leaves space for the content from "www.medrec.com", a medical records provider on the web. In this space, the portal includes a reference to ajava applet of "www.medrec.com". Susan's browser, while loading the HTML page, sees the reference to the java applet and requests it from www.medrec.com.
- the applet is transferred and Susan's browser starts it.
- the applet opens a connection to www.medrec.com.
- Medrec uses a method (described below) to determine that the request came on behalf of "User 1772".
- medrec generates a piece of HTML code fragment, which is to be displayed on the browser.
- the applet receives the HTML code fragment and inserts it into the portal's page.
- Susan's browser shows a page where the information from www.medrec.com is listed integrated among the other news from www.portal.com. Details of the implementation of this are provided.
- a sequence diagram is given in Figure 1.
- the easiest method is to use the HTML cookie scheme. Susan is required to login once to www.medrec.com for "Userl772" with her password. Medrec then stores a cookie in Susan's browser. This cookie is later transmitted with the applets request and allows medrec to generate information for User 1772.
- the cookie scheme does not provide optimal security.
- Several browser's default configuration allow foreign sites to read Medrec 's cookie. Thus, other sites can "steal" the cookie and use them for their own request. This would give such a site access to Susan's information.
- the stolen cookie can carry a timestamp, so that it expires after a certain time. Assuming this time to be 7 days, this would require Susan to login at least every week to www.medrec.com.
- www.medrec.com can require that the applet is loaded m a secure connection. This will prevent anyone from faking or tampe ⁇ ng with the Java applet which is running on Susan's browser.
- cookie validation as desc ⁇ bed above can be used together with the certificate. Security would be enhanced in such a way that certificate theft can only be exploited for a number of days.
- the Java applet carries a list of licensed portal sites. When it is transferred and started on Susan's browser it finds the URL of the document where it should place the content. This would be "www.portal.com" herein. It then checks to see if this URL is in its list of licensees. If the URL is not listed it aborts execution with an error message.
- a sequence diagram for Content Embedding with Licensing is given in Figure 2.
- the code in the portal's HTML page will contain the following fragment:
- the applet initiates the connection to www.medrec.com when the method "getHTML" is called. It returns the HTML fragment in a string, which is then made part of the document from the portal.
- the applet can use the method "getDocumentBase" of the standard java applet class . This method returns the URL of the document, which can be used for confirmation of the license status.
Abstract
The present invention relates to systems, methods and computer program products for embedding sensitive data in a secure fashion in an otherwise unsecure document downloaded from internet. In the preferred embodiment, the invention describes a method of merging sensitive information (e.g. medical data) to a personalized portal page without having to give the data to the portal. The sensitive data is securely transmitted from a content provider directly to the user and transparently embedded into the personalized page.
Description
Secure Content Embedding Area of the Invention
The present invention relates to computer-based secure display of sensitive content from one data source in a second, potentially unsecure document. In particular, the present invention relates to systems, methods and computer program products for embedding sensitive data m a secure fashion in an otherwise unsecure document on a computer. The present invention finds particular, but not exclusive, application to the healthcare industry. It can be used in any application where sensitive or confidential data in a source file is to be made available through second access provider where the second access provider may not be secure. Internet-based systems particular benefit from the application of this invention.
As an example, a problem encountered in healthcare systems is that medical information needs to be easily accessible to a patient. Notifications about lab results, prescription renewals, etc. can both reduce cost m health care and increase health of a person when delivered in a timely manner. By way of example of the challenge, a possible way of providing this information would be that of placing on the front page of a newspaper which the patient is known to read every day. This would however violate patient privacy concerns since the same newspaper may be delivered to millions of other persons as well. One solution, m this newspaper example, would be to pπnt a personalized version of the newspaper which would only be delivered to that person. This is what portal sites like
Netscape, Yahoo and America OnLme on the Internet excel at. They deliver an up-to-the- minute, personal version of a newspaper digitally on a person's computer. However m order to place personal medical information on these pages, a content provider would have to transmit this information to the portal site first. The portal site would embed this into their page and transmit the page to the user. This is basically how Netscape's "Rich Site Summary" works.
The present invention descπbes a method of embedding information into a portal page without having to give the data to the portal. The data is securely transmitted between the patient and the medical content provider. No information is disclosed to a third party
Summary of the Invention
In a first aspect this invention relates to a method for creating secure access to data m a first secure file by way of an insecure portal in a distributed computing environment, the process comprising: accessing an insecure portal provider by a requestor using a browser,
creating, by the requestor, a document unique to the requestor on that insecure portal, embedding, by said portal in said document, a reference to a java applet which can open a connection to the first secure file, causing the requestor's browser, while loading the insecure document, to see the java applet and request it from the secure file, transferring the requested java applet to the requestor's browser which starts it, thereby opening a connection to the secure file, causing the secure file to generate code which is transmitted to the requestor's browser, causing the applet on the requestor's browser to receive said code and insert it into the portal's document.
In a second aspect, this invention provides a means for accessing a secure file through an insecure portal on a distπbuted computing system, the process comprising activating a java applet embedded m the insecure portal document wherein the java applet which provides secure access to the secure file, wherein the embedded applet is created by: accessing an insecure portal provider by a requestor using a browser, creating, by the requestor, a document unique to the requestor on that insecure portal, embedding, by said portal in said document, a reference to a java applet which can open a connection to the first secure file, causing the requestor's browser, while loading the insecure document, to see the java applet and request it from the secure file, transferring the requested java applet to the requestor's browser which starts it, thereby opening a connection to the secure file, causing the secure file to generate code which is transmitted to the requestor's browser, causing the applet on the requestor's browser to receive said code and insert it into the portal's document.
Descπption of the Figures
Figure 1 is a block diagram of content embedding in a web portal Figure 2 is a block diagram of content embedding with license
Description of the Invention
The present invention i ses facilities in HTML, Java and Javascript to enable the content delivery. The present invention does not require any special software to be installed on the user's machine other than a HTML browser like Internet Explorer or Netscape Communicator. It can be run on any personal computer and server. In the description the fictitious names are used for better readability:
• User - Susan
• Portal - www.portal.com, knows Susan as "John Doe" • Content Provider - www.medrec.com, knows Susan as "User 1772"
The scenario is started by Susan's logging on to the portal and asking it to generate a personal web page for her. The portal has ways and means to determine that the request comes from a "John Doe" source, which is how it characterizes Susan's request. Prior to logging on to the personal web page generating portal, Susan has configured another portal to show her information from www.medrec.com. The portal generates "John Doe's" page and leaves space for the content from "www.medrec.com", a medical records provider on the web. In this space, the portal includes a reference to ajava applet of "www.medrec.com". Susan's browser, while loading the HTML page, sees the reference to the java applet and requests it from www.medrec.com. The applet is transferred and Susan's browser starts it. The applet opens a connection to www.medrec.com. Medrec uses a method (described below) to determine that the request came on behalf of "User 1772". medrec generates a piece of HTML code fragment, which is to be displayed on the browser. The applet receives the HTML code fragment and inserts it into the portal's page. Now Susan's browser shows a page where the information from www.medrec.com is listed integrated among the other news from www.portal.com. Details of the implementation of this are provided. A sequence diagram is given in Figure 1.
It is not relevant to the present invention how the portal leams that Susan's request is for "John Doe". However the content provider needs a way to identify that information is to be generated for User 1772 - the identity under which Susan is known to the content provider.
The easiest method is to use the HTML cookie scheme. Susan is required to login once to www.medrec.com for "Userl772" with her password. Medrec then stores a cookie in Susan's browser. This cookie is later transmitted with the applets request and allows
medrec to generate information for User 1772. The cookie scheme does not provide optimal security. Several browser's default configuration allow foreign sites to read Medrec 's cookie. Thus, other sites can "steal" the cookie and use them for their own request. This would give such a site access to Susan's information. The stolen cookie can carry a timestamp, so that it expires after a certain time. Assuming this time to be 7 days, this would require Susan to login at least every week to www.medrec.com. The advantage is that a stolen cookie could only be used m this time window. This is an improved security A preferred security scheme is descπbed below. Note however, that the basic scheme is of interest to content providers with less confidential information, who nevertheless do not want to disclose it too easily to portals.
Secure Content Embedding
In order to secure the method of "Basic Content Merging" it is preferred that the employs more secure technology like a certificate (x.509) which was issued by a trusted party (like VeπSign) or the vendor, www.medrec.com, itself. The certificate of the user "Userl772" is known by Medrec. This can be done when the user signs up
When the applet sends its request, this is done over an SSLv3/TLS connection. This is one example of a secure connectton used in e-commerce. The content provider asks for client certification and Susan's browser proves to the server that it is a valid owner of the certificate (e.g. that it has the pπvate key). Thus, www.medrec.com can make sure that-
• the request is coming on behalf of Userl 772, e.g. Susan.
• the data is transmitted in a secure fashion via SSL/TLS.
Furthermore, www.medrec.com can require that the applet is loaded m a secure connection. This will prevent anyone from faking or tampeπng with the Java applet which is running on Susan's browser.
Note that the cookie validation as descπbed above can be used together with the certificate. Security would be enhanced in such a way that certificate theft can only be exploited for a number of days.
Secure Content Embedding with Licensing
The last addition to content merging introduces a method which allows the content provider to license the use of content merging to portals. This is important to veπfy that content is only merged to pages which are authoπzed by the content provider. This can be important m order to enforce and protect commercial agreements (exclusive πghts, etc )
The Java applet carries a list of licensed portal sites. When it is transferred and started on Susan's browser it finds the URL of the document where it should place the content. This would be "www.portal.com" herein. It then checks to see if this URL is in its list of licensees. If the URL is not listed it aborts execution with an error message. A sequence diagram for Content Embedding with Licensing is given in Figure 2.
Implementation Details
The code in the portal's HTML page will contain the following fragment:
<div id="medrec" name="medrec">
<APPLET code="Portal.class" height=0 name="Applet" codebase- 'https ://www.medrec .com/" width=0 VTEWASTEXT MAYSCRIPT id=Applet> <PARAM NAME=" foreground" VALUE="FFFFFF"> <PARAM NAME="background" VALUE="008000">
</APPLET>
All this will be replaced.<br> </div>
For browsers which support DHTML, the following Javascript function is added to the page:
<script language="javascript"> function replaceO { var app = document.applets[" Applet"]; feld.innerHTML = app.getHTML();
} </script>
For browsers without DHTML, the following function is added to the page:
<script language="javascript"> applet = document.applets["Applet2"]; s = applet.getHTML(); document, writeln(s) ; </script>
The applet initiates the connection to www.medrec.com when the method "getHTML" is called. It returns the HTML fragment in a string, which is then made part of the document from the portal.
As for the licensing method, the applet can use the method "getDocumentBase" of the standard java applet class . This method returns the URL of the document, which can be used for confirmation of the license status.
Claims
1. A method for creating secure access to data m a first secure file by way of an insecure portal in a distπbuted computing environment, the process compπsmg: accessing an insecure portal provider by a requestor using a browser, creating, by the requestor, a document unique to the requestor on that insecure portal, embedding, by said portal in said document, a reference to ajava applet which can open a connection to the first secure file, causing the requestor's browser, while loading the insecure document, to see the java applet and request it from the secure file, transferring the requested java applet to the requestor's browser which starts it, thereby opening a connection to the secure file, causing the secure file to generate code which is transmitted to the requestor's browser, causing the applet on the requestor's browser to receive said code and insert it into the portal's document.
2. A means for accessing a secure file through an insecure portal on a distπbuted computing system, the process compπsing: activating ajava applet embedded m the insecure portal document wherein the java applet which provides secure access to the secure file, wherein the embedded applet is created by: accessing an insecure portal provider by a requestor using a browser, creating, by the requestor, a document unique to the requestor on that insecure portal, embedding, by said portal m said document, a reference to ajava applet which can open a connection to the first secure file, causing the requestor's browser, while loading the insecure document, to see the java applet and request it from the secure file, transferring the requested java applet to the requestor's browser which starts it, thereby opening a connection to the secure file, causing the secure file to generate code which is transmitted to the requestor's browser, causing the applet on the requestor's browser to receive said code and insert it into the portal's document.
3. A means for providing secure access via the internet to a secure file via an insecure portal, as described herein.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9928208.9 | 1999-11-29 | ||
GB9928208A GB9928208D0 (en) | 1999-11-29 | 1999-11-29 | Method |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001040908A2 true WO2001040908A2 (en) | 2001-06-07 |
WO2001040908A3 WO2001040908A3 (en) | 2002-05-02 |
Family
ID=10865372
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2000/011790 WO2001040908A2 (en) | 1999-11-29 | 2000-11-24 | Secure content embedding into personalized web pages |
Country Status (2)
Country | Link |
---|---|
GB (1) | GB9928208D0 (en) |
WO (1) | WO2001040908A2 (en) |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1293857A1 (en) * | 2001-09-17 | 2003-03-19 | Caplin Systems Limited | Server access control |
US7653602B2 (en) | 2003-11-06 | 2010-01-26 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
US7725369B2 (en) | 2003-05-02 | 2010-05-25 | Visa U.S.A. Inc. | Method and server for management of electronic receipts |
WO2010122678A1 (en) * | 2009-04-23 | 2010-10-28 | Hitachi,Ltd. | Online storage service system and its data control method |
US7857216B2 (en) | 2003-09-12 | 2010-12-28 | Visa U.S.A. Inc. | Method and system for providing interactive cardholder rewards image replacement |
US8005763B2 (en) | 2003-09-30 | 2011-08-23 | Visa U.S.A. Inc. | Method and system for providing a distributed adaptive rules based dynamic pricing system |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US8015060B2 (en) | 2002-09-13 | 2011-09-06 | Visa Usa, Inc. | Method and system for managing limited use coupon and coupon prioritization |
US8407083B2 (en) | 2003-09-30 | 2013-03-26 | Visa U.S.A., Inc. | Method and system for managing reward reversal after posting |
US8429048B2 (en) | 2009-12-28 | 2013-04-23 | Visa International Service Association | System and method for processing payment transaction receipts |
US8554610B1 (en) | 2003-08-29 | 2013-10-08 | Visa U.S.A. Inc. | Method and system for providing reward status |
US8626577B2 (en) | 2002-09-13 | 2014-01-07 | Visa U.S.A | Network centric loyalty system |
US9852437B2 (en) | 2002-09-13 | 2017-12-26 | Visa U.S.A. Inc. | Opt-in/opt-out in loyalty system |
US11132691B2 (en) | 2009-12-16 | 2021-09-28 | Visa International Service Association | Merchant alerts incorporating receipt data |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0848338A1 (en) * | 1996-12-12 | 1998-06-17 | SONY DEUTSCHLAND GmbH | Server providing documents according to user profiles |
US5870544A (en) * | 1997-10-20 | 1999-02-09 | International Business Machines Corporation | Method and apparatus for creating a secure connection between a java applet and a web server |
WO1999016003A1 (en) * | 1997-09-22 | 1999-04-01 | Belarc, Inc. | System and method for providing client side personalization of content of web pages and the like |
-
1999
- 1999-11-29 GB GB9928208A patent/GB9928208D0/en not_active Ceased
-
2000
- 2000-11-24 WO PCT/EP2000/011790 patent/WO2001040908A2/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0848338A1 (en) * | 1996-12-12 | 1998-06-17 | SONY DEUTSCHLAND GmbH | Server providing documents according to user profiles |
WO1999016003A1 (en) * | 1997-09-22 | 1999-04-01 | Belarc, Inc. | System and method for providing client side personalization of content of web pages and the like |
US5870544A (en) * | 1997-10-20 | 1999-02-09 | International Business Machines Corporation | Method and apparatus for creating a secure connection between a java applet and a web server |
Non-Patent Citations (1)
Title |
---|
KOHDA Y ET AL: "UBIQUITOUS ADVERTISING ON THE WWW: MERGING ADVERTISEMENT ON THE BROWSER" COMPUTER NETWORKS AND ISDN SYSTEMS,NL,NORTH HOLLAND PUBLISHING. AMSTERDAM, vol. 28, 1 May 1996 (1996-05-01), pages 1493-1499, XP002037594 ISSN: 0169-7552 * |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003025717A1 (en) * | 2001-09-17 | 2003-03-27 | Caplin Systems Limited | Server access control |
EP1293857A1 (en) * | 2001-09-17 | 2003-03-19 | Caplin Systems Limited | Server access control |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US8626577B2 (en) | 2002-09-13 | 2014-01-07 | Visa U.S.A | Network centric loyalty system |
US10460338B2 (en) | 2002-09-13 | 2019-10-29 | Visa U.S.A. Inc. | Network centric loyalty system |
US9852437B2 (en) | 2002-09-13 | 2017-12-26 | Visa U.S.A. Inc. | Opt-in/opt-out in loyalty system |
US8239261B2 (en) | 2002-09-13 | 2012-08-07 | Liane Redford | Method and system for managing limited use coupon and coupon prioritization |
US8015060B2 (en) | 2002-09-13 | 2011-09-06 | Visa Usa, Inc. | Method and system for managing limited use coupon and coupon prioritization |
US7725369B2 (en) | 2003-05-02 | 2010-05-25 | Visa U.S.A. Inc. | Method and server for management of electronic receipts |
US7987120B2 (en) | 2003-05-02 | 2011-07-26 | Visa U.S.A. Inc. | Method and portable device for management of electronic receipts |
US7827077B2 (en) | 2003-05-02 | 2010-11-02 | Visa U.S.A. Inc. | Method and apparatus for management of electronic receipts on portable devices |
US8386343B2 (en) | 2003-05-02 | 2013-02-26 | Visa U.S.A. Inc. | Method and user device for management of electronic receipts |
US9087426B2 (en) | 2003-05-02 | 2015-07-21 | Visa U.S.A. Inc. | Method and administration system for management of electronic receipts |
US8554610B1 (en) | 2003-08-29 | 2013-10-08 | Visa U.S.A. Inc. | Method and system for providing reward status |
US8793156B2 (en) | 2003-08-29 | 2014-07-29 | Visa U.S.A. Inc. | Method and system for providing reward status |
US7857215B2 (en) | 2003-09-12 | 2010-12-28 | Visa U.S.A. Inc. | Method and system including phone with rewards image |
US7857216B2 (en) | 2003-09-12 | 2010-12-28 | Visa U.S.A. Inc. | Method and system for providing interactive cardholder rewards image replacement |
US8005763B2 (en) | 2003-09-30 | 2011-08-23 | Visa U.S.A. Inc. | Method and system for providing a distributed adaptive rules based dynamic pricing system |
US8407083B2 (en) | 2003-09-30 | 2013-03-26 | Visa U.S.A., Inc. | Method and system for managing reward reversal after posting |
US9141967B2 (en) | 2003-09-30 | 2015-09-22 | Visa U.S.A. Inc. | Method and system for managing reward reversal after posting |
US8244648B2 (en) | 2003-09-30 | 2012-08-14 | Visa U.S.A. Inc. | Method and system for providing a distributed adaptive rules based dynamic pricing system |
US7653602B2 (en) | 2003-11-06 | 2010-01-26 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
US9710811B2 (en) | 2003-11-06 | 2017-07-18 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
WO2010122678A1 (en) * | 2009-04-23 | 2010-10-28 | Hitachi,Ltd. | Online storage service system and its data control method |
US11132691B2 (en) | 2009-12-16 | 2021-09-28 | Visa International Service Association | Merchant alerts incorporating receipt data |
US8650124B2 (en) | 2009-12-28 | 2014-02-11 | Visa International Service Association | System and method for processing payment transaction receipts |
US8429048B2 (en) | 2009-12-28 | 2013-04-23 | Visa International Service Association | System and method for processing payment transaction receipts |
Also Published As
Publication number | Publication date |
---|---|
WO2001040908A3 (en) | 2002-05-02 |
GB9928208D0 (en) | 2000-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6167522A (en) | Method and apparatus for providing security for servers executing application programs received via a network | |
US8261087B2 (en) | Digipass for web-functional description | |
EP2314046B1 (en) | Credential management system and method | |
WO2001040908A2 (en) | Secure content embedding into personalized web pages | |
US6826696B1 (en) | System and method for enabling single sign-on for networked applications | |
US6393420B1 (en) | Securing Web server source documents and executables | |
KR100920871B1 (en) | Methods and systems for authentication of a user for sub-locations of a network location | |
EP3005209B1 (en) | Web application protection | |
US20070226783A1 (en) | User-administered single sign-on with automatic password management for web server authentication | |
US20120036569A1 (en) | Securing portable executable modules | |
JP5644770B2 (en) | Access control system, server, and access control method | |
WO2012023050A2 (en) | Secure cloud computing system and method | |
KR20030093305A (en) | Method and apparatus for serving content from a semi-trusted server | |
WO2002077819A1 (en) | Access system interface | |
JP2009514050A (en) | System and method for authenticating a client in a client-server environment | |
US7594107B1 (en) | Method and apparatus for updating web certificates | |
Halamka et al. | A WWW implementation of national recommendations for protecting electronic health information | |
WO2000046681A1 (en) | Content certification | |
US7206803B1 (en) | Method and apparatus for controlling access to the contents of web pages by using a mobile security module | |
US20060047662A1 (en) | Capability support for web transactions | |
EP1293857A1 (en) | Server access control | |
Spence et al. | Shibgrid: Shibboleth access for the uk national grid service | |
CN111404946B (en) | Account authentication method based on browser and server | |
WO2014191965A1 (en) | Digital content execution control mechanism | |
JP2004185286A (en) | Web access controller |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
122 | Ep: pct application non-entry in european phase |