Abstract: Embodiments of the present invention provide a method and system for validating remote database updates over a network. A local database record and a remote database record may be compared and exceptions may be generated. Each exception may describe a discrepancy between the remote and local database records. An exception identifier may be associated with each exception, where the exception identifier may be associated with an identifier of the record. An event identifier may be associated with each event in the update, where the event identifier may be associated with an identifier of the record. The events and exceptions that correspond to the record may be compared to determine whether the update is valid.

Abstract: An automated system and method to permit users to find and register available domain names in numerous different ccTLDs. The system provides real-time searching of large numbers of ccTLDs for each user so that during a single web session, the user can simply select the available ccTLDs from the resultant list, and purchase the desired ccTLDs online. The system also formats the user's information in the appropriate manner for each selected ccTLD and performs the necessary electronic transactions to register the ccTLDs.

Abstract: A method of restricting access to private keys in a public key infrastructure provides for storage of an encrypted private key at a primary site. A masked session key is stored at a secondary site, where the masked session key enables recovery of the private key. By using distributed storage architecture for recovery data, simplification can be achieved without sacrificing security.

Abstract: A method for real-time bundled call processing and billing telecommunications services includes the steps of recognizing a real-time bundled account access call at a telecommunications carrier switch, and routing the real-time bundled account access call to a real-time bundled call processing and billing call management platform coupled to the telecommunications carrier switch. An account number and an optional personal identification number associated with the account are collected and verified. A destination number is then collected. A customer credit profile associated with the real-time bundled account is obtained from a database, and a method of computing charges associated with terminating the call to the collected destination number is determined. Next, whether the customer credit profile permits the call is determined. The call is released to the telecommunications carrier switch for line termination if it is permissible, and the call is monitored for call completion.

Abstract: A method and system for registering and automatically retrieving digital-certificates in voice over Internet protocol (VOIP) communications. In accordance with an embodiment of the present invention, the method includes receiving a digital voice call setup request with an associated caller certificate from a caller and determining a location of a called party identified in the digital voice call setup request. The method also includes transmitting the digital voice call setup request with the caller certificate to the called party and receiving a called party acceptance message. The method further includes verifying the called party acceptance message and transmitting the called party acceptance message and a called party certificate to the caller.

Abstract: Embodiments of the present invention provide a method and system for processing query messages over a network. Specifically, a plurality of queries may be extracted from a plurality of query messages received from a plurality of users over a network. A number of queries, included in the plurality of queries, may be determined, and a current sequence number may be associated with the plurality of queries. A request message may be created including the plurality of queries, a first sequence number equal to the current sequence number and a first message count equal to the number of queries. The request message may be sent to a search engine and a response message may be received from the search engine. The response message may include a plurality of replies, a second sequence number, a second message count, a third sequence number and a third message count. A plurality of reply messages may be created from the plurality of replies and sent to the plurality of users over the network.

Abstract: Methods for regenerating a strong secret for a user, based on input of a weak secret, such as a password, are assisted by communications exchanges with a set of independent servers. Each server holds a distinct secret value (i.e., server secret data). The strong secret is a function of the user's weak secret and of the server secret data, and a would-be attacker cannot feasibly compute the strong secret without access to both the user's weak secret and the server secret data. Any attacker has only a limited opportunity to guess the weak secret, even if he has access to all messages transmitted in the generation and regeneration processes plus a subset (but not all) of the server secret data.

Abstract: Methods and systems for processing query messages over a network are embodied in the present invention. The processing includes extracting a group of queries from query messages received from system users over a network, and associating a current sequence number with the group of queries. A request message is prepared including (i) the queries of the group, (ii) a first sequence number equal to the current sequence number, and (iii) a first message count equal to the number of queries included. The request message is then sent to a search engine and a response message received from the search engine. The response message including (i) a plurality of replies, (ii) a second sequence number, (iii) a second message count, (iv) a third sequence number, and (v) a third message count. The replies are placed in reply messages for forwarding to the users who submitted the query messages related to the replies.

Abstract: A method and system for registering and automatically retrieving digital-certificates in voice over Internet protocol (VOIP) communications. In accordance with an embodiment of the present invention, the method includes receiving a digital voice call setup request with an associated caller certificate from a caller and determining a location of a called party identified in the digital voice call setup request. The method also includes transmitting the digital voice call setup request with the caller certificate to the called party and receiving a called party acceptance message. The method further includes verifying the called party acceptance message and transmitting the called party acceptance message and a called party certificate to the caller.

Abstract: The prepay telecommunications system (60) includes a prepay call management platform (50) which is directly coupled to a telecommunications carrier switch (24). A customer database (116) is coupled to the prepay call management platform (50) for storing prepay customer data, and a plurality of customer interface facilities (62, 64, 66, 68, 80) are provided for accepting customer prepayment and immediately updating the customer database (116). The prepay calls are recognized by the mobile identification number and is routed to the prepay call management platform (50) coupled to and co-located with the telecommunications carrier switch (24). The customer account balance associated with the prepay call is looked up in a customer database (116), and the maximum allowable call duration in response to the customer account balance is computed. The prepay call is then released to the telecommunications carrier switch (24) for line termination. At the same time, a call duration timer is started.

Abstract: As part of a security infrastructure based on public-key cryptography, a first digital certificate (200) is issued by a first certification authority (104) to a first subscriber (102) and binds the first subscriber (102) to a first public key (210). The first public key (210) corresponds to a first private key held by the first subscriber (102), and the first public key and the first private key form a key pair for use in public-key cryptography. The first digital certificate (200) is digitally signed by the first certification authority (104) and includes subscriber information (206) pertaining to the first subscriber (102) and related certificate information (216) at least partially identifying a second digital certificate (200). The second digital certificate (200) is issued by a second certification authority (104) to a second subscriber (102) and is digitally signed by the second certification authority (104).

Abstract: A local server (202) locally hosts the provision of digital certificate services to a client (102); while a central server (104) provides the actual digital certificate services. The local server (202) transmits (304) a custom entry form (210) to the client (102). In response to the client's (102) use of the custom entry form (210), the client (102) transmits (306) a standard request for digital certificate services to a central server (104), possibly via the local server (202). The central server (104) fulfills (310) the request, generating a standard response. The standard response is transmitted (312) to the local server (202), which generates (314) a custom display of the results contained in the standard response. The custom display is transmitted (316) to the client (102), fulfilling the client's request. Information is provided (320,330), enabling the local server (202) to create (322) appropriate custom entry forms (210) and to generate (314) the custom display from the standard response.

Abstract: Methods, systems, and articles of manufacture consistent with the present invention provide an improved query server that overcomes the shortcomings of existing domain name searching techniques by performing a multitude of searches simultaneously, transparent to the user. Specifically, the improved query server searches for existing domain name records in various domains and then displays the results in a formatted manner, thus eliminating the need for a user to perform individual searches.

Abstract: Embodiments of the present invention provide a method and system for high-speed database searching with concurrent, transaction-based updating for large database systems. Specifically, a plurality of search queries may be received over a network, the database may be searched, and a plurality of search replies may be sent over the network. While searching the database, new information may be received over the network, a plurality of new database elements may be created based on the new information, a dirty bit may be set within each new database element, a pointer to each new database element may be written to the database using a single uninterruptible operation, and the dirty bit within each new database element may be cleared.

Abstract: Embodiments of the present invention provide a method and system for high-speed database searching with concurrent updating, without the use of database locks or access controls, for large database systems. Specifically, a plurality of search queries may be received over a network, the database may be searched, and a plurality of search replies may be sent over the network. While searching the database, new information received over the network may be incorporated into the database by creating a new element based on the new information and writing a pointer to the new element to the database using a single uninterruptible operation.

Abstract: Embodiments of the present invention provide a method and system for validating remote database updates over a network. A local database record and a remote database record may be compared and exceptions may be generated. Each exception may describe a discrepancy between the remote and local database records. An exception identifier may be associated with each exception, where the exception identifier may be associated with an identifier of the record. An event identifier may be associated with each event in the update, where the event identifier may be associated with an identifier of the record. The events and exceptions that correspond to the record may be compared to determine whether the update is valid.

Abstract: Embodiments of the present invention provide a method and system for processing query messages over a network. Specifically, a plurality of queries may be extracted from a plurality of query messages received from a plurality of users over a network. A number of queries, included in the plurality of queries, may be determined, and a current sequence number may be associated with the plurality of queries. A request message may be created including the plurality of queries, a first sequence number equal to the current sequence number and a first message count equal to the number of queries. The request message may be sent to a search engine and a response message may be received from the search engine. The response message may include a plurality of replies, a second sequence number, a second message count, a third sequence number and a third message count. A plurality of reply messages may be created from the plurality of replies and sent to the plurality of users over the network.

Abstract: A method and system for updating a remote database over a network. A plurality of periodic updates, called sendfiles, based on incremental changes to a local database are generated. Each of the periodic updates includes at least one transaction. An initialization update, called an initializing sendfile, including a version of the local database at a start time is generated. Additionally, an identifier associated with the last periodic update generated before the start time and an identifier associated with the last transaction committed prior to the start time are generated.

Abstract: A method (200) for assigning a key pair to an entity, such as a certification authority (CA 102), includes the following steps. A key pair is generated (210). It includes a private key and a public key which form a key pair for use in public-key cryptography. The key pair is stored (220) in a cryptographic signing unit (CSU 140). The CSU (140) is then activated (230). A request for a key pair is received (240) from the entity (102). Responsive to the request, the key pair is assigned (250) to the entity (102). In a preferred embodiment, an identifier (312) is assigned to the key pair and preferably is different from identifiers assigned to other key pairs stored in the CSU (140). The identifier (312) is then included in a digital certificate (300) issued to the entity (102).

Abstract: The invention is a Roaming Solution network system, the system including a Roaming Server, a National Location Register, and an 800 number Remote Switching Unit. The system is integrated with a standard SS7 type telecommunications network and further coupled to an account based billing and call control platform that allows registered wireless credit limited subscribers to place and receive calls when roaming outside of their Home Provider's network. The invention verifies that the wireless subscriber's account balance is sufficient to place or receive the call, translates the account balance into talk minutes, and monitors the call for talk duration. The Roaming Solution network system is further operable such that if the wireless subscriber exceeds the available account balance, the system tears down the call in the first negative minute and immediately decrements the wireless subscriber's account.