Re: An accounting question...

To: www security <www-security@ns2.rutgers.edu>
Subject: Re: An accounting question...
From: Gene Ingram <gene@hpfsvr01.cup.hp.com>
Date: Thu, 25 Apr 1996 16:46:47 -0700
Organization: Hewlett-Packard Co.
References: <9604250919.AA13512@iii.org.tw>
Reply-To: www security <www-security@ns2.rutgers.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Chih-Hung Feng (791018) wrote:
> 
> Hi:
> 
>     Could someone enlighten me on the following question?
> 
>     A local company(not the one I am employed) is thinking about
> providing database service on the net. The idea is put a database
> on the Internet and allow users to extract the information through
> WWW interface. The requirements are:
> 
>     1.  the users must identify themselves before viewing the
>         document,  and
>     2.  the users are charged with the quantity of information
>         (pieces of documents/Mbytes/etc) being received.
> 
>     The first req. can be easily satisfied, but the second really
> beats me. How can I identify those requests from a valid user who
> has successfully passed earlier I&A stage? How can I make sure these
> requests are from that user, while someone else can be using his
> system at the same time?
> 
>     If what I described is too vague to understand, please tell
> me and I would like to give more details. Any ideas (even that
> you think it is impossible based on current web server behavior)
> would be greatly appreciated. Thank you very much for your time.
> 
> --
>    Chih-Hung Feng <chfeng@iii.org.tw>

Although I don't know if web server technology has advanced to a 
level of security where you are ensured that uploads charged to a 
subscriber can be documented to prevent dispute of charges, there is 
a major newspaper in the states which charges subscribers a flat fee 
for each article uploaded in their news database.  The San Jose 
Mercury News ``News Library'' site (in San Jose, California) maybe 
helpful to you in modelling a potential solution:

http://spyglass.sjmercury.com/library/

Also, secured server http protocol, which is used by the banks and 
others for transmitting secured data over the world wide web, maybe 
also of value.  Good luck.

Gene

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMYAOZc4N33uf66GRAQGdkgP/dBToMF3Y2cWgWDWfMhnoVKZTbv6NAMa0
bMJHXtVqpw418jzp56c7o5wAn4ZkCwx8pFtmMbDqlb8Ot3qJ9Yo5IkhmgBR/93Uz
6N81I8t6Lnc8UywzB9WE41dn9p01Hwl+DJc800CzVjQjBOnPNiflCZnxM87n8uE5
Q0U8e1x5Atk=
=fO8M
-----END PGP SIGNATURE-----

-- 
``Imagine if every Thursday your shoes exploded if you tied them 
  the usual way. This happens to us all the time with computers, 
  and nobody thinks of complaining.''  -Jeff Raskin

   ______                  gene@cup.hp.com
  /\__  _\                   ingram@pubs.holosys.com
  \/_/\ \/     ___      __   _ __    __      ___ ___
     \ \ \   /' _ `\  /'_ `\/\`'__\/'__`\  /' __` __`\
      \_\ \__/\ \/\ \/\ \L\ \ \ \//\ \L\.\_/\ \/\ \/\ \
      /\_____\ \_\ \_\ \____ \ \_\\ \__/.\_\ \_\ \_\ \_\
      \/_____/\/_/\/_/\/___L\ \/_/ \/__/\/_/\/_/\/_/\/_/
                        /\____/
________________________\_/__/____________________________________
PGP UserID: "Gene Ingram <gene@cup.hp.com>"
Key Size: 1024 bits; Creation date: 21 March 1996; KeyID: 9FEBA191
Key fingerprint:  93 E1 15 E6 35 BC B2 84  B2 7B 39 76 29 72 32 72

--3D signature created courtesy of ``Figlet Ascii Font Converter''
  <http://mediacube.datacom.de/cgi-bin/moniteurs/figlet>

References:

An accounting question...

From: chfeng@iii.org.tw (Chih-Hung Feng (791018))

Previous: ANNOUNCE: new Microsoft Code Signing mailing list
Next: UNSUSCRIBE
Index(es):
- Index
- Thread