WO1998037480A1 - Method for restricting access and navigation possibilities of an internet terminal - Google Patents

Method for restricting access and navigation possibilities of an internet terminal Download PDF

Info

Publication number
WO1998037480A1
WO1998037480A1 PCT/FR1998/000324 FR9800324W WO9837480A1 WO 1998037480 A1 WO1998037480 A1 WO 1998037480A1 FR 9800324 W FR9800324 W FR 9800324W WO 9837480 A1 WO9837480 A1 WO 9837480A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
card
navigation
internet
internet resource
Prior art date
Application number
PCT/FR1998/000324
Other languages
French (fr)
Inventor
Joseph Haddad
Original Assignee
Netgem, Societe Anonyme
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=9504009&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=WO1998037480(A1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Netgem, Societe Anonyme filed Critical Netgem, Societe Anonyme
Priority to AU64064/98A priority Critical patent/AU6406498A/en
Priority to EP98909569A priority patent/EP0963575A1/en
Publication of WO1998037480A1 publication Critical patent/WO1998037480A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Definitions

  • the invention relates to access to Internet resources. Since the generalization of the Internet, it has often appeared desirable to condition or control access to such and such a site, in particular to reserve access to authorized persons, to limit access under certain conditions, etc. .
  • One of the aims of the invention is to propose an access method which can meet these objectives, by allowing adaptation to very varied cases.
  • the invention is mainly based on the use of a microcircuit card, given to a user (anonymously or by name) and which the latter inserts into a card reader provided with his Internet terminal.
  • the Internet terminal may be a microcomputer equipped with appropriate navigation software on the Internet network as well as a microcircuit card reader, or, advantageously, a dedicated terminal, in the form of a connected box.
  • a television receiver and on the other hand to a telephone line, provided with means for entering commands, for example by means of an infrared remote control, and comprising a microcircuit card reader.
  • a configuration is not limiting, and various variants can be envisaged, such as: terminal with its own display (in place of the television), transmission by a channel other than a telephone line, such as cable network , cellular radiotelephony (GSM), local loop radiotelephony, reception of data by satellite, etc.
  • GSM cellular radiotelephony
  • the method of the invention comprises the steps consisting in: inserting into the terminal an access card storing access parameters to at least one Internet resource and access option indicators; modify the operating parameters of the navigation software according to the manual access option indicators re to include navigation restrictions defined by these indicators; and establish the connection to the Internet resource according to the access parameters of the card.
  • Browsing restrictions may notably include: conditioning the execution of certain functions to the presence of the access card in the reader; limiting browsing to certain predefined pages of the Internet resource; the Umitation of navigation to certain predefined Internet resources referenced in the access card and / or in a file of the Internet resource referenced in the access card.
  • an Internet terminal in the form of a box 10 connected to a television set 12 for displaying the various data returned by the Internet network, this box comprising, for the introduction of navigation commands.
  • a receiver 14 such as an infrared receiver controlled by a remote control 16 available to the user.
  • the Internet terminal 10 is provided with a mid-card reader 18 crocircuit, as is known per se, for example for reading a card 20 whose microcircuit includes the data for connection to the Internet service provider or ISP (Internet Service Provider) 22 via the switched telephone network 24.
  • ISP Internet Service Provider
  • connection data to the ISP are stored in the card, which is for example a card addressed to the user after subscription of the subscription to the ISP supplier, with the telephone number for access to the ISP and the various parameters. TCP / IP (Internet protocol) to establish communication with the latter.
  • TCP / IP Internet protocol
  • the method of the invention is based on the use of a microcircuit card 26 (which will be called hereinafter "access card”), distinct from the subscription card 20 to the ISP provider, and which is delivered to, or purchased by, a user.
  • This access card can be either a name card or an anonymous card, that is to say not linked to a particular user, and which can therefore be freely distributed or resold without the user having to justify his identity.
  • This card is for example a microcircuit card with synchronous wired logic of the Schlumberger "Eurochip” type. This type of card is particularly advantageous because of its low price, due to the wired logic.
  • the information contained in this card can be as follows: - frozen masked area, containing information specific to the manufacturer as well as an identifier of the application according to the invention (which allows to recognize that it is indeed an "access card” as defined here and not a card having another function);
  • sequence number typically on 48 bits, which is a card-specific number, different from one card to the next;
  • the access option indicators have the function, once the access card has been inserted in the reader of the terminal 10, to modify the operating parameters of the navigation software, and therefore the subsequent behavior of the terminal.
  • this modification is made at the time of the introduction of the access card and that it is advantageously maintained even if the access card is withdrawn from the terminal; to cancel this modification, it will therefore be necessary to reintroduce the access card and provide an appropriate command to the terminal to restore the navigation software to its initial state, without access restriction.
  • the restrictions imposed by the access option indicators can be of various kinds, depending on the particular situations sought.
  • a first restriction may consist in prohibiting the execution of certain functions if the access card is not present in the terminal. It is thus possible, for example, to prohibit access to personal messaging maintained by a website (or by the ISP provider). This preserves the confidentiality of the messaging service, by reserving its access only to the holder of the corresponding access card.
  • Another restriction may consist in limiting the browsing possibilities offered by the software. Thus, after inserting the access card, it is possible for example from:
  • Another advantageous form of limitation of navigation consists, after having introduced the access card, of allowing access only to Internet sites for which a specific card will be introduced.
  • This specific card is a third type of card, which is neither the ISP provider's card, nor the access card, but a card containing a website address with its various necessary connection parameters (password, etc. .).
  • One application of the latter mode of access restriction consists in using the access card to carry out a "parental lock" of the Internet terminal so that children can freely use the terminal by means of various specific cards corresponding to servers. individuals (eg game servers, cartoon servers, etc.) but will not be able to access other servers.
  • the software can only access the servers corresponding to these specific cards, the insertion of the specific card controlling access to the Internet resource referenced on this card and locking the terminal on this resource, without possibility of changing the server other than via another specific card.

Abstract

The invention concerns a method conditioning access to an Internet resource (28, 30, 32) from an Internet terminal (10) incorporating navigation software and provided with a microcircuit card reader (18), comprising the following steps: inserting in the terminal an access card (26) storing parameters for accessing at least an Internet resource and access option indicators; modifying the parameters operating the navigation software according to the access option indicators so as to include therein navigation restrictions defined by these indicators; and establishing the connection to the Internet resource on the basis of the card access parameters. The navigation restrictions can comprise in particular: conditioning the execution of certain operations to the presence of the access card in the reader; limiting navigation to certain predetermined pages of the Internet resource; limiting navigation to certain predetermined Internet resources labelled in the access card and/or in an Internet resource file labelled in the access card.

Description

Procédé pour limiter les possibilités d'accès et de navigation d'un terminal Internet Method for limiting the possibilities of access and navigation of an Internet terminal
L'invention concerne l'accès aux ressources Internet. Depuis la généralisation du réseau Internet, il est souvent apparu souhaitable de conditionner ou de contrôler les accès à tel ou tel site, notamment pour en réserver l'accès à des personnes autorisées, à en li- miter l'accès selon certaines conditions, etc.The invention relates to access to Internet resources. Since the generalization of the Internet, it has often appeared desirable to condition or control access to such and such a site, in particular to reserve access to authorized persons, to limit access under certain conditions, etc. .
L'un des buts de l'invention est de proposer un procédé d'accès qui puisse répondre à ces objectifs, en permettant une adaptation à des cas de figures très variés.One of the aims of the invention is to propose an access method which can meet these objectives, by allowing adaptation to very varied cases.
L'invention se base principalement sur l'utilisation d'une carte à microcircuit, remise à un utilisateur (de façon anonyme ou bien nominative) et que celui-ci insère dans un lecteur de carte dont est pourvu son terminal Internet.The invention is mainly based on the use of a microcircuit card, given to a user (anonymously or by name) and which the latter inserts into a card reader provided with his Internet terminal.
Le terminal Internet peut être un micro-ordinateur doté d'un logiciel de navigation approprié sur le réseau Internet ainsi que d'un lec- teur de carte à microcircuit, ou bien, avantageusement, un terminal dédié, sous forme d'un boîtier relié d'une part à un récepteur de télévision et d'autre part à une ligne téléphonique, pourvu de moyens pour entrer des commandes, par exemple par l'intermédiaire d'une télécommande infrarouge, et comportant un lecteur de carte à microcircuit. Une telle configuration n'est cependant pas limitative, et diverses variantes peuvent être envisagées, telles que : terminal doté de son propre afficheur (en lieu et place du téléviseur), transmission par une voie autre qu'une ligne téléphonique, telle que réseau câblé, radiotéléphonie cellulaire (GSM), radiotéléphonie sur boucle locale, réception de données par satellite, etc.The Internet terminal may be a microcomputer equipped with appropriate navigation software on the Internet network as well as a microcircuit card reader, or, advantageously, a dedicated terminal, in the form of a connected box. on the one hand to a television receiver and on the other hand to a telephone line, provided with means for entering commands, for example by means of an infrared remote control, and comprising a microcircuit card reader. However, such a configuration is not limiting, and various variants can be envisaged, such as: terminal with its own display (in place of the television), transmission by a channel other than a telephone line, such as cable network , cellular radiotelephony (GSM), local loop radiotelephony, reception of data by satellite, etc.
Plus précisément, le procédé de l'invention comprend les étapes consistant à : insérer dans le terminal une carte d'accès mémorisant des paramètres d'accès à au moins une ressource Internet et des indicateurs d'option d'accès ; modifier les paramètres de fonctionnement du logiciel de navigation d'après les indicateurs d'option d'accès de manié- re à y inclure des restrictions de navigation définies par ces indicateurs ; et établir la connexion à la ressource Internet en fonction des paramètres d'accès de la carte.More specifically, the method of the invention comprises the steps consisting in: inserting into the terminal an access card storing access parameters to at least one Internet resource and access option indicators; modify the operating parameters of the navigation software according to the manual access option indicators re to include navigation restrictions defined by these indicators; and establish the connection to the Internet resource according to the access parameters of the card.
Les restrictions de navigation peuvent notamment comprendre : le conditionnement de l'exécution de certaines fonctions à la présence de la carte d'accès dans le lecteur ; la limitation de la navigation à certaines pages prédéfinies de la ressource Internet ; la Umitation de la navigation à certaines ressources Internet prédéfinies référencées dans la carte d'accès et/ou dans un fichier de la ressource Internet référencée dans la carte d'accès.Browsing restrictions may notably include: conditioning the execution of certain functions to the presence of the access card in the reader; limiting browsing to certain predefined pages of the Internet resource; the Umitation of navigation to certain predefined Internet resources referenced in the access card and / or in a file of the Internet resource referenced in the access card.
00
D'autres caractéristiques et avantages de l'invention apparaîtront à la lecture de la description détaillée ci-dessous d'un mode de mise en oeuvre du procédé de l'invention, en référence à la figure unique annexée, qui illustre les différents moyens et ressources indiqués dans la mise en oeuvre du procédé.Other characteristics and advantages of the invention will appear on reading the detailed description below of an embodiment of the method of the invention, with reference to the single appended figure, which illustrates the various means and resources indicated in the implementation of the method.
00
Dans l'exemple ci-dessous, on considérera un terminal Internet sous forme d'un boîtier 10 relié à un téléviseur 12 pour l'affichage des différentes données retournées par le réseau Internet, ce boîtier comportant, pour l'introduction de commandes de navigation, un récepteur 14 tel qu'un récepteur infrarouge piloté par une télécommande 16 à la disposition de l'utilisateur.In the example below, we will consider an Internet terminal in the form of a box 10 connected to a television set 12 for displaying the various data returned by the Internet network, this box comprising, for the introduction of navigation commands. , a receiver 14 such as an infrared receiver controlled by a remote control 16 available to the user.
Ces boîtiers sont en eux-mêmes connus et ne seront pas décrits plus en détail ; leur fonctionnement propre est simplement modifié par ajout d'une couche logicielle spécifique pour la mise en oeuvre du procédé de l'invention. L'application à un boîtier dédié n'est pas limitative, et l'on pourrait aussi bien envisager, comme indiqué plus haut, d'utiliser un micro-ordinateur pourvu d'un logiciel de navigation approprié, avec lequel les données seraient affichées sur l'écran de visualisation et les commandes seraient introduites par un clavier. Le terminal Internet 10 est pourvu d'un lecteur 18 de carte à mi- crocircuit, comme cela est connu en soi, par exemple pour lire une carte 20 dont le microcircuit comprend les données de connexion au fournisseur d'accès Internet ou ISP {Internet Service Provider) 22 via le réseau téléphonique commuté 24. Cet ISP, une fois la communication établie avec le terminal, gérera l'accès à divers sites Internet 28, 30, 32, ... de manière transparente pour l'utilisateur, qui pourra se connecter à tel ou tel site, naviguer d'une page à l'autre de la ressource Internet, ou encore d'un site à l'autre, en fonction de commandes appliquées au logiciel de navigation incorporé au terminal. Les données de connexion à l'ISP sont mémorisées dans la carte, qui est par exemple une carte adressée à l'utilisateur après souscription de l'abonnement au fournisseur ISP, avec le numéro téléphonique d'accès à l'ISP et les différents paramètres TCP/IP (protocole Internet) pour établir la communication avec ce dernier. Ces différents paramè- très mémorisés dans la carte sont chargés dans une mémoire temporaire du boîtier 10 à la première introduction de la carte 20, de manière à rendre ce boîtier autonome, pour qu'il puisse se connecter au fournisseur ISP après retrait de la carte (on verra qu'il est nécessaire d'introduire par la suite une autre carte et donc de libérer le lecteur à cet effet).These boxes are known per se and will not be described in more detail; their proper functioning is simply modified by adding a specific software layer for implementing the method of the invention. The application to a dedicated box is not limiting, and one might as well consider, as indicated above, using a microcomputer provided with appropriate navigation software, with which the data would be displayed on the display screen and the commands would be entered by a keyboard. The Internet terminal 10 is provided with a mid-card reader 18 crocircuit, as is known per se, for example for reading a card 20 whose microcircuit includes the data for connection to the Internet service provider or ISP (Internet Service Provider) 22 via the switched telephone network 24. This ISP, once the communication established with the terminal, will manage access to various websites 28, 30, 32, ... transparently for the user, who will be able to connect to such and such a site, navigate from one page to the another from the Internet resource, or from one site to another, depending on commands applied to the navigation software incorporated into the terminal. The connection data to the ISP are stored in the card, which is for example a card addressed to the user after subscription of the subscription to the ISP supplier, with the telephone number for access to the ISP and the various parameters. TCP / IP (Internet protocol) to establish communication with the latter. These various parameters, which are very memorized in the card, are loaded into a temporary memory of the unit 10 when the card 20 is first inserted, so as to make this unit autonomous, so that it can connect to the ISP provider after removing the card. (we will see that it is necessary to introduce another card later and therefore free up the reader for this purpose).
Le procédé de l'invention repose sur l'utilisation d'une carte à microcircuit 26 (que l'on appellera par la suite "carte d'accès"), distincte de la carte 20 d'abonnement au fournisseur ISP, et qui est remise à un utilisateur, ou achetée par celui-ci. Cette carte d'accès peut être indiffé- remment une carte nominative ou une carte anonyme, c'est-à-dire non liée à un utilisateur particulier, et qui peut donc être librement distribuée ou revendue sans que l'utilisateur ait à justifier de son identité.The method of the invention is based on the use of a microcircuit card 26 (which will be called hereinafter "access card"), distinct from the subscription card 20 to the ISP provider, and which is delivered to, or purchased by, a user. This access card can be either a name card or an anonymous card, that is to say not linked to a particular user, and which can therefore be freely distributed or resold without the user having to justify his identity.
Cette carte est par exemple une carte à microcircuit à logique câblée synchrone du type Schlumberger "Eurochip". Ce type de carte est particulièrement avantageux en raison de son faible prix, du fait de la logique câblée.This card is for example a microcircuit card with synchronous wired logic of the Schlumberger "Eurochip" type. This type of card is particularly advantageous because of its low price, due to the wired logic.
Les informations contenues dans cette carte peuvent être les suivantes : — zone masquée figée, contenant des informations propres au fa- bricant ainsi qu'un identifiant de l'application selon l'invention (qui permet de reconnaître qu'il s'agit bien d'une "carte d'accès" telle que définie ici et non d'une carte ayant une autre fonction) ;The information contained in this card can be as follows: - frozen masked area, containing information specific to the manufacturer as well as an identifier of the application according to the invention (which allows to recognize that it is indeed an "access card" as defined here and not a card having another function);
— identifiant de carte ou "numéro de séquence", typiquement sur 48 bits, qui est un numéro propre à la carte, différent d'une carte à la suivante ;- card identifier or "sequence number", typically on 48 bits, which is a card-specific number, different from one card to the next;
— une ou plusieurs adresses Internet (adresse URL) d'un site Internet associé à la carte en question, avec mot de passe et numéro de compte ("login") pour l'accès à ce site, ou bien "cookie", c'est-à-dire mot de passe non secret, permanent, autorisant l'accès à ce site ; — de façon caractéristique de l'invention, un ou plusieurs indicateurs, ci-après dénommés "indicateurs d'option d'accès", dont on va expliciter le rôle.- one or more Internet addresses (URL address) of a website associated with the card in question, with password and account number ("login") for access to this site, or else "cookie", c is to say non-secret, permanent password authorizing access to this site; - Characteristically of the invention, one or more indicators, hereinafter called "access option indicators", the role of which will be explained.
Les indicateurs d'option d'accès ont pour fonction, une fois la carte d'accès introduite dans le lecteur du terminal 10, de modifier les para- mètres de fonctionnement du logiciel de navigation, et donc le comportement ultérieur du terminal.The access option indicators have the function, once the access card has been inserted in the reader of the terminal 10, to modify the operating parameters of the navigation software, and therefore the subsequent behavior of the terminal.
On notera que cette modification est apportée au moment de l'introduction de la carte d'accès et qu'elle est avantageusement maintenue même si la carte d'accès est retirée du terminal ; pour annuler cette modification, il sera donc nécessaire de réintroduire la carte d'accès et de fournir une commande appropriée au terminal pour restaurer le logiciel de navigation à son état initial, sans restriction d'accès.Note that this modification is made at the time of the introduction of the access card and that it is advantageously maintained even if the access card is withdrawn from the terminal; to cancel this modification, it will therefore be necessary to reintroduce the access card and provide an appropriate command to the terminal to restore the navigation software to its initial state, without access restriction.
Les restrictions apportées par les indicateurs d'option d'accès peu- vent être de diverses natures, en fonction des situations particulières recherchées.The restrictions imposed by the access option indicators can be of various kinds, depending on the particular situations sought.
Une première restriction peut consister à interdire l'exécution de certaines fonctions si la carte d'accès n'est pas présente dans le terminal. On peut ainsi, par exemple, interdire les accès à une messagerie personnelle tenue par un site Internet (ou par le fournisseur ISP). On préserve de cette manière la confidentialité de la messagerie, en réservant son accès au seul détenteur de la carte d'accès correspondante. Une autre restriction peut consister à limiter les possibilités de navigation offertes par le logiciel. Ainsi, après avoir inséré la carte d'accès, il est possible par exemple de :A first restriction may consist in prohibiting the execution of certain functions if the access card is not present in the terminal. It is thus possible, for example, to prohibit access to personal messaging maintained by a website (or by the ISP provider). This preserves the confidentiality of the messaging service, by reserving its access only to the holder of the corresponding access card. Another restriction may consist in limiting the browsing possibilities offered by the software. Thus, after inserting the access card, it is possible for example from:
— limiter la navigation à la seule page d'accueil du fournisseur ISP,- limit navigation to the ISP provider's home page only,
— limiter la navigation à la seule page d'accueil des sites Internet avec lesquels une liaison est établie, — limiter la navigation aux seuls sites dont les adresses sont référencées dans une zone mémoire de la carte,- limit navigation to the home page only of websites with which a link is established, - limit navigation to only sites whose addresses are referenced in a memory area of the map,
— limiter la navigation aux seuls sites dont les adresses sont référencées dans une base de données d'un site Internet distant, site dont l'adresse est mémorisée par la carte (on peut dans ce cas faire évoluer au cours du temps la liste des sites accessibles, puisque celle-ci est centralisée en un seul endroit),- limit navigation to only sites whose addresses are referenced in a database of a remote Internet site, site whose address is memorized by the card (in this case we can change the list of sites over time accessible, since it is centralized in one place),
Une autre forme avantageuse de limitation de la navigation consiste, après avoir introduit la carte d'accès, à ne permettre l'accès qu'aux seuls sites Internet pour lesquels une carte spécifique sera introduite. Cette carte spécifique est un troisième type de carte, qui n'est ni la carte du fournisseur ISP, ni la carte d'accès, mais une carte comportant une adresse de site Internet avec ses divers paramètres de connexion nécessaires (mot de passe, etc.).Another advantageous form of limitation of navigation consists, after having introduced the access card, of allowing access only to Internet sites for which a specific card will be introduced. This specific card is a third type of card, which is neither the ISP provider's card, nor the access card, but a card containing a website address with its various necessary connection parameters (password, etc. .).
Une application de ce dernier mode de restriction d'accès consiste à utiliser la carte d'accès pour effectuer un "verrouillage parental" du terminal Internet de sorte que des enfants pourront se servir librement du terminal au moyen de diverses cartes spécifiques correspondant à des serveurs particuliers (par exemple des serveurs de jeux, de dessins animés, etc.) mais ne pourront pas accéder aux autres serveurs. En d'autres termes, le logiciel ne pourra accéder qu'aux seuls serveurs correspondant à ces cartes spécifiques, l'insertion de la carte spécifique commandant l'accès à la ressource Internet référencée sur cette carte et verrouillant le terminal sur cette ressource, sans possibilité de changement de serveur autrement que via une autre carte spécifique. One application of the latter mode of access restriction consists in using the access card to carry out a "parental lock" of the Internet terminal so that children can freely use the terminal by means of various specific cards corresponding to servers. individuals (eg game servers, cartoon servers, etc.) but will not be able to access other servers. In other words, the software can only access the servers corresponding to these specific cards, the insertion of the specific card controlling access to the Internet resource referenced on this card and locking the terminal on this resource, without possibility of changing the server other than via another specific card.

Claims

REVENDICATIONS
1. Un procédé d'accès conditionnel à une ressource Internet (28, 30, 32) depuis un terminal Internet (10) incorporant un logiciel de naviga- tion et pourvu d'un lecteur (18) de carte à microcircuit, procédé comprenant les étapes consistant à :1. A method for conditional access to an Internet resource (28, 30, 32) from an Internet terminal (10) incorporating navigation software and provided with a microcircuit card reader (18), method comprising the following: stages consisting of:
— insérer dans le terminal une carte d'accès (26) mémorisant des paramètres d'accès à au moins une ressource Internet et des indicateurs d'option d'accès, — modifier les paramètres de fonctionnement du logiciel de navigation d'après les indicateurs d'option d'accès de manière à y inclure des restrictions de navigation définies par ces indicateurs, et- insert in the terminal an access card (26) memorizing access parameters to at least one Internet resource and access option indicators, - modify the operating parameters of the navigation software according to the indicators access option so as to include navigation restrictions defined by these indicators, and
— établir la connexion à la ressource Internet en fonction des paramètres d'accès de la carte.- establish the connection to the Internet resource according to the access parameters of the card.
2. Le procédé de la revendication 1 , dans lequel les restrictions de navigation comprennent le conditionnement de l'exécution de certaines fonctions à la présence de la carte d'accès dans le lecteur.2. The method of claim 1, wherein the navigation restrictions include conditioning the execution of certain functions to the presence of the access card in the reader.
3. Le procédé de la revendication 1, dans lequel les restrictions de navigation comprennent la limitation de la navigation à certaines pages prédéfinies de la ressource Internet.The method of claim 1, wherein the browsing restrictions include limiting browsing to certain predefined pages of the Internet resource.
4. Le procédé de la revendication 1 , dans lequel les restrictions de navigation comprennent la limitation de la navigation à certaines ressources Internet prédéfinies référencées dans la carte d'accès.4. The method of claim 1, wherein the navigation restrictions include limiting navigation to certain predefined Internet resources referenced in the access card.
5. Le procédé de la revendication 1, dans lequel les restrictions de navigation comprennent la limitation de la navigation à certaines res- sources Internet prédéfinies référencées dans un fichier de la ressource Internet référencée dans la carte d'accès. 5. The method of claim 1, in which the browsing restrictions include limiting browsing to certain predefined Internet resources referenced in a file of the Internet resource referenced in the access card.
PCT/FR1998/000324 1997-02-21 1998-02-19 Method for restricting access and navigation possibilities of an internet terminal WO1998037480A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU64064/98A AU6406498A (en) 1997-02-21 1998-02-19 Method for restricting access and navigation possibilities of an internet terminal
EP98909569A EP0963575A1 (en) 1997-02-21 1998-02-19 Method for restricting access and navigation possibilities of an internet terminal

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR9702059A FR2760159B1 (en) 1997-02-21 1997-02-21 METHOD FOR LIMITING THE POSSIBILITIES OF ACCESS AND NAVIGATION OF AN INTERNET TERMINAL
FR97/02059 1997-02-21

Publications (1)

Publication Number Publication Date
WO1998037480A1 true WO1998037480A1 (en) 1998-08-27

Family

ID=9504009

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR1998/000324 WO1998037480A1 (en) 1997-02-21 1998-02-19 Method for restricting access and navigation possibilities of an internet terminal

Country Status (4)

Country Link
EP (1) EP0963575A1 (en)
AU (1) AU6406498A (en)
FR (1) FR2760159B1 (en)
WO (1) WO1998037480A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2340704A (en) * 1998-07-28 2000-02-23 Blackcoat Limited Network communication
DE19964077A1 (en) * 1999-10-07 2001-04-12 Dietz Gislinde Non-erasable operating system extension for computers and Internet access devices
GB2366888A (en) * 2000-04-14 2002-03-20 Ibm Restricting data access to data in data processing systems
US6476833B1 (en) 1999-03-30 2002-11-05 Koninklijke Philips Electronics N.V. Method and apparatus for controlling browser functionality in the context of an application
EP1346306A1 (en) * 2000-11-30 2003-09-24 Nokia Corporation A method and system for distributing electronic content
KR100750611B1 (en) 1999-10-15 2007-08-20 톰슨 라이센싱 A user interface for a bi-directional communication system
US7363245B1 (en) * 2000-03-31 2008-04-22 Intel Corporation Electronic product packaging and distribution for e-Commerce

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2782435B1 (en) * 1998-08-13 2000-09-15 Bull Cp8 COMMUNICATION METHOD BETWEEN A USER STATION AND A NETWORK, PARTICULARLY AN INTERNET TYPE, AND IMPLEMENTATION ARCHITECTURE
WO2000042756A1 (en) * 1999-01-15 2000-07-20 Terwindt Johannes Gerardus Hen System for providing a connection between two or more computers
US20020055847A1 (en) * 1999-01-20 2002-05-09 Masahiro Nakano Method and apparatus of providing secure transactions on a network
JP4503143B2 (en) 1999-07-14 2010-07-14 パナソニック株式会社 Electronic ticket system, service server and mobile terminal
WO2001029658A2 (en) * 1999-10-15 2001-04-26 Thomson Licensing S.A. A user interface for a bi-directional communication system
AU2205201A (en) * 1999-12-20 2001-07-03 Nokia Corporation Improvements in or relating to communication devices
US7111051B2 (en) * 2000-01-26 2006-09-19 Viaclix, Inc. Smart card for accessing a target internet site
FR2805107B1 (en) * 2000-02-10 2002-04-05 Bull Cp8 METHOD FOR MANAGING MULTIMEDIA DATA TRANSMISSIONS VIA AN INTERNET-TYPE NETWORK, ESPECIALLY TELEPHONE DATA, AND CHIP CARD FOR IMPLEMENTING THE METHOD
DE10017033A1 (en) * 2000-04-05 2001-10-18 Ci4 Net Ag Information and communication system
FR2809206A1 (en) * 2000-05-16 2001-11-23 France Telecom Method of access to multimedia content available on data network with payment collection, uses value unit purchased by user from distributor who reveals hidden number to access multimedia content
KR20010107572A (en) * 2000-05-24 2001-12-07 포만 제프리 엘 Trust-based link access control
ATE502347T1 (en) 2003-01-17 2011-04-15 Sony Dadc Austria Ag SECURE WEB ACCESS VIA AN ORIGINAL CD
US8417953B2 (en) 2004-12-30 2013-04-09 Koninklijke Kpn N.V. Method and system for restricted service access
EP1798659A1 (en) * 2005-12-19 2007-06-20 Axalto SA Personal token with parental control

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5191611A (en) * 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5590197A (en) * 1995-04-04 1996-12-31 V-One Corporation Electronic payment system and method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5191611A (en) * 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5590197A (en) * 1995-04-04 1996-12-31 V-One Corporation Electronic payment system and method

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2340704A (en) * 1998-07-28 2000-02-23 Blackcoat Limited Network communication
US6476833B1 (en) 1999-03-30 2002-11-05 Koninklijke Philips Electronics N.V. Method and apparatus for controlling browser functionality in the context of an application
DE19964077A1 (en) * 1999-10-07 2001-04-12 Dietz Gislinde Non-erasable operating system extension for computers and Internet access devices
KR100750611B1 (en) 1999-10-15 2007-08-20 톰슨 라이센싱 A user interface for a bi-directional communication system
US7363245B1 (en) * 2000-03-31 2008-04-22 Intel Corporation Electronic product packaging and distribution for e-Commerce
GB2366888A (en) * 2000-04-14 2002-03-20 Ibm Restricting data access to data in data processing systems
EP1346306A1 (en) * 2000-11-30 2003-09-24 Nokia Corporation A method and system for distributing electronic content

Also Published As

Publication number Publication date
AU6406498A (en) 1998-09-09
FR2760159B1 (en) 1999-05-14
EP0963575A1 (en) 1999-12-15
FR2760159A1 (en) 1998-08-28

Similar Documents

Publication Publication Date Title
WO1998037480A1 (en) Method for restricting access and navigation possibilities of an internet terminal
EP1044436B1 (en) Method for communication between a user station and a network, in particular such as internet, and implementing architecture
WO2006084960A1 (en) System for automatic selection of authentication
WO2006053958A9 (en) Portable personal mass storage medium and computer system with secure access to a user space via a network
EP1473904A1 (en) Method and system for accessing peer to peer networks
WO2003051055A1 (en) Protocol for controlling the mode of accessing data transmitted in point-to-point or point-to-multipoint mode
EP1537718B1 (en) Automatic authentication selection server
EP0803790A1 (en) Method of concealing a secret code in a computer authentication device
EP1637989A1 (en) Method and system for the separation of accounts of personal data
EP0928445B1 (en) Method for conditionally accessing an internet resource from a terminal equipped with a microcircuit reader card
CA2414469A1 (en) Container access control process and container access control system
EP1051009A1 (en) Virtual server providing security services
EP1139637A2 (en) Method and system to have privileges granted by an access manager in a communications network
WO2017207894A1 (en) Method for providing personal information of a user requested by a given online service
EP1326399B1 (en) Method for securing the download of active data to a terminal
EP1503563A1 (en) Security method for requesting access to services, terminal and software module to implement the method
FR2811494A1 (en) Data access management system for internet uses user and site characteristics to prevent access
EP1894407B1 (en) Method and device for making secure access to multimedia contents
EP1168844B1 (en) Method for secure transaction between a user and a provider
FR2795582A1 (en) DEVICE AND METHOD FOR CONTROLLING ACCESS TO AT LEAST ONE SERVICE AVAILABLE FROM A TELECOMMUNICATIONS TERMINAL CONNECTED TO A TELECOMMUNICATIONS NETWORK
FR3114714A1 (en) A method of accessing a set of user data.
FR3102327A1 (en) Method for managing the contents of a computer interface for a vehicle
Miller et al. Regulation of the Internet: A Technological Perspective
FR2941835A1 (en) Information source surveillance method for information network i.e. internet, involves receiving information from information source followed by one of subscriptions of list, and returning received information by navigator
FR3030820A1 (en) METHOD FOR ACCESSING DIGITAL CONTENT IN A COMMUNICATION NETWORK USING TERMINAL EQUIPMENT CONNECTED WITH THE COMMUNICATION NETWORK

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH HU IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

WWE Wipo information: entry into national phase

Ref document number: 1998909569

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: CA

WWP Wipo information: published in national office

Ref document number: 1998909569

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1998909569

Country of ref document: EP