Abstract: This disclosure relates to methods and systems for automatically securing and validating multi-server electronic communications over a plurality of networks, without requiring additional physical or programmatic infrastructure on the intermediary servers. A processor-executable component can be transmitted from a first server to a compute device, where it generates a pair of asymmetric cryptographic parameters. The first server uses one of those parameters to verify subsequent communications from the component and respond with tagged privacy communication strings, which the component can provide to a second server as part of a secure communication exchange. The first server can then receive secure communication exchange approval request from a third server and analyze the request to determine a validity metric.

Abstract: This disclosure relates to methods and systems for automatically securing and validating multi-server electronic communications over a plurality of networks, without requiring additional physical or programmatic infrastructure on the intermediary servers. A processor-executable component can be transmitted from a first server to a compute device, where it generates a pair of asymmetric cryptographic parameters. The first server uses one of those parameters to verify subsequent communications from the component and respond with tagged privacy communication strings, which the component can provide to a second server as part of a secure communication exchange. The first server can then receive secure communication exchange approval request from a third server, and analyzes the request to determine a validity metric.

Abstract: This disclosure relates to methods and systems for automatically securing and validating multi-server electronic communications over a plurality of networks, without requiring additional physical or programmatic infrastructure on the intermediary servers. A processor-executable component can be transmitted from a first server to a compute device, where it generates a pair of asymmetric cryptographic parameters. The first server uses one of those parameters to verify subsequent communications from the component and respond with tagged privacy communication strings, which the component can provide to a second server as part of a secure communication exchange. The first server can then receive secure communication exchange approval request from a third server, and analyzes the request to determine a validity metric.

Abstract: Various exemplary embodiments relate to a system for storing encrypted data and providing access to a group of users. The system may include: a record of user accounts including: a user identifier and a public encryption key; an access control list (ACL) defining an access control policy including: permissions defining access to data objects associated with the ACL and an ACL key list including copies of a an ACL key encrypted with the public keys of the users; a user-data storage medium including: encrypted user data, stored as a plurality of data objects, each object associated with an ACL and encrypted with the ACL key, and meta-data; and an access controller configured to: receive a request for a data object, and send a copy of the data object and the ACL key encrypted with the public key of the user if the user has permission to access the data object.

Abstract: Various exemplary embodiments relate to a system for storing encrypted data and providing access to a group of users. The system may include: a record of user accounts including: a user identifier and a public encryption key; an access control list (ACL) defining an access control policy including: permissions defining access to data objects associated with the ACL and an ACL key list including copies of a an ACL key encrypted with the public keys of the users; a user-data storage medium including: encrypted user data, stored as a plurality of data objects, each object associated with an ACL and encrypted with the ACL key, and meta-data; and an access controller configured to: receive a request for a data object, and send a copy of the data object and the ACL key encrypted with the public key of the user if the user has permission to access the data object.

Abstract: A system for electronic commerce (10) having personal agents (12 and 13) that represent consumers and providers in a virtual marketplace (28). Consumer personal agents conceal the identity of the consumer and are capable of creating decision agents (14) that shop for products and assist consumers in comparing and ranking products. Provider personal agents are capable of creating demand agents (16) that quantify demand and target specific consumers without learning the identity of the consumers. Based on data generated by the activities of the decision agents and on preference data maintained by consumer personal agents, provider personal agents can quantify current, historical, and future demand, simulate demand, and target specific consumers for advertising and other messages. Provider personal agents can cooperate with consumer personal agents to collect data about reasons for sales and lost sales and to offer consideration payments to consumers.

Abstract: One aspect of the invention relates to a technique for effecting payment, and involves: presenting a portable device; and causing the portable device to output a pseudo payment code.

Abstract: A method is provided for separating people from direct access to personally identifiable information. The method involves use of a rules-based section which selectively blocks access to personally identifiable information where the access fails to comply with specified rules, and which selectively permits access to personally identifiable information where the access abides with the specified rules.

Abstract: A card access system providing support for multiple card readers and cards. The system providing a common programming interface for applications to perform a generic card access instruction set. The system automatically interpreting and translating the generic card access instruction set into native commands for a particular card reader and a particular card. The cards including integrated circuit or “smart” cards.

Abstract: An access control/crypto system having a smart card reader and an access control program for requesting information from a user to determine if the user is authorized to access the computer. The access control/crypto system uses encryption and smart card technology as a means for securing files stored on the system, telecommunicated globally, or archived to a chosen media. The system includes an access hierarchy, combined with the issuance of smart cards, to control the various levels of access provided by the system. Further, the present system provides secure file transfer by encrypting sensitive files at a first site, transferring the encrypted version to a second site, providing an authorized user at the second site with a secret password, and decrypting the file at the second site using the secret password under control of the authorized user.