23. The method of Claim 3, wherein the authentication code is entered via a smart card.
APPENDIX "A"
AUTHENTICATION PROCESS FOR HOMETRADE.COM (A WEBSITE FOR E-COMMERCE
TRANSACTIONS)
TREE VIEW
Files
| 1. www.espacetech.com | www.hometrade.htm | displayrandom.jsp | hometrade.jsp
| MerLogin.java (oyenok.mer.MerLogin)
| MerLogin.class
I) HTML FILES
No. Name p<yripijiόn online) Where to be found
1. www.espacetech.com http://www.espacetech.com online
2. www.hometrade.com http://203.197.138.75/hometrade.htm in GIFiO JPECl
No. Name. Where to be found online
33
displayrandom.jsp
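<%--
  displayrandom.jsp (Appendix A): pop-up that shows the transaction ID passed
  in the "randomval" request parameter, counts down in the browser status bar
  and closes itself after about 11 seconds.

  Review notes:
  - "randomval" is request data and was written into the page unescaped, which
    is reflected cross-site scripting. It is HTML-escaped before output here.
    A missing parameter now renders as an empty string instead of "null".
  - The transaction ID is the value the user later enters as the
    authentication code. It reaches this page as a request parameter; if that
    is the URL query string it also ends up in browser history and in
    server/proxy logs. TODO confirm how the opener passes it.
--%>
<%!
    // Minimal HTML escaper, kept local so the page needs no extra library.
    private static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuffer out = new StringBuffer(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }
%>
<html>
<head>
<script language="JavaScript">
function timer() {
    // One status-bar update per second, then close the window.
    setTimeout("window.status='Closing in 10 seconds'", 1000);
    setTimeout("window.status='Closing in 9 seconds'", 2000);
    setTimeout("window.status='Closing in 8 seconds'", 3000);
    setTimeout("window.status='Closing in 7 seconds'", 4000);
    setTimeout("window.status='Closing in 6 seconds'", 5000);
    setTimeout("window.status='Closing in 5 seconds'", 6000);
    setTimeout("window.status='Closing in 4 seconds'", 7000);
    setTimeout("window.status='Closing in 3 seconds'", 8000);
    setTimeout("window.status='Closing in 2 seconds'", 9000);
    setTimeout("window.status='Closing in 1 seconds'", 10000);
    setTimeout("this.close()", 11000);
}
</script>
</head>
<body onLoad="timer()">
<center>
<font face="Arial">Your Transaction ID is <B><%= escapeHtml(request.getParameter("randomval")) %></B></font>
</center>
</body>
</html>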
hometrade.jsp
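<%--
  hometrade.jsp (Appendix A): binds the request parameters to a MerLogin bean,
  calls callUser() and either reports "Not a Registered User" or redirects the
  browser to the merchant home page.

  Review notes:
  - property="*" copies every request parameter that matches a bean setter
    into MerLogin, so any setter the bean exposes is reachable from the request.
  - The success branch only emits a client-side redirect. Nothing in this page
    records the authentication result on the server (for example in the
    session); whether the target page re-checks it is not visible here.
    TODO confirm.
  - The redirect URL's query string is reproduced as extracted; its parameter
    names ("M27PlU", "ISPATCHER") appear damaged by the extraction.
--%>
<html>
<head>
<title>OyeNo Auth.</title>
</head>
<jsp:useBean id="user" scope="page" class="oyenok.mer.MerLogin">
<jsp:setProperty name="user" property="*" />
<% if (!user.callUser()) { %>
<body>
Not a Registered User
<% } else { %>
<body onLoad="location.href='http://www.hometrade.com/default.asp?M27PlU=HomePage&ISPATCHER=HTS_HPG_004'">
<center> You are successfully authorized, you will be taken to hometrade.com </center>
<% } %>
</jsp:useBean>
</body>
</html>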
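MerLogin.java
package oyenok.mer;

import java.sql.*;

/**
 * Bean behind hometrade.jsp. Looks up the credit-card number stored for a
 * user id, stores the transaction's random number against that user and asks
 * the remote telephony component to place the authentication call.
 *
 * Review notes:
 * - Both SQL statements were built by concatenating {@code name} and
 *   {@code random}, which arrive from the request via the bean setters. They
 *   are bound as parameters here.
 * - The database is opened as "sa" with an empty password and the remote
 *   component as "Administrator" with an empty password. Those values are
 *   kept as listed; a deployment should use least-privilege accounts with
 *   credentials taken from configuration rather than source.
 * - {@code password} has a setter but callUser() never reads it, so the only
 *   check made here is that the user id exists and the call succeeds.
 */
public class MerLogin {
    String name;
    String password; // set from the request, not used by callUser()
    String random;

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public void setRandom(String random) {
        this.random = random;
    }

    /**
     * Runs the lookup, stores the random number and triggers the call.
     *
     * @return the result reported by the remote component; false when the user
     *         id is unknown or any step throws
     */
    public boolean callUser() {
        Connection con = null;
        PreparedStatement lookup = null;
        PreparedStatement update = null;
        ResultSet rs = null;
        oyenok.autnew.Class1 obj = null;
        try {
            Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
            con = DriverManager.getConnection("jdbc:odbc:oyenokDSN", "sa", "");

            // Bound parameter instead of "... WHERE userid='" + name + "'".
            lookup = con.prepareStatement(
                    "SELECT creditno FROM USER_DETAILS WHERE userid = ?");
            lookup.setString(1, name);
            rs = lookup.executeQuery();
            // The original ignored the result of next(); an unknown user id
            // then surfaced as an exception from getString().
            if (!rs.next()) {
                return false;
            }
            String ccID = rs.getString(1);

            update = con.prepareStatement(
                    "UPDATE USER_DETAILS SET randomno = ? WHERE userid = ?");
            update.setString(1, random);
            update.setString(2, name);
            update.executeUpdate();

            String strArr[] = new String[1];
            strArr[0] = ccID;
            com.linar.jintegra.AuthInfo authInfo =
                    new com.linar.jintegra.AuthInfo("Workgroup", "Administrator", "");
            obj = new oyenok.autnew.Class1("10.10.1.36", authInfo);
            // Method name reconstructed from "caHNumb" in the extracted listing.
            return obj.callNumb(strArr);

            /*
             * NOTE(review): the extracted listing also contains the body below,
             * ahead of the one implemented above. The extraction does not show
             * whether it was commented out in the filed source; it is kept as a
             * comment because both bodies cannot be live at once.
             *
             *   ResultSet rs = st.executeQuery(query); rs.next();
             *   String ccID = rs.getString(1);
             *   oyenok.authenticate.AuthTest obj = new oyenok.authenticate.AuthTest();
             *   obj.setRandom(ccID, random, "");
             *   return obj.authenCall(ccID);
             *   } catch (Exception e) { return false; }
             */
        } catch (Exception e) {
            System.out.println(e);
            return false;
        } finally {
            if (obj != null) {
                com.linar.jintegra.Cleaner.release(obj);
            }
            // The original never closed its JDBC objects; close failures are
            // ignored so they cannot mask the authentication result.
            try { if (rs != null) rs.close(); } catch (SQLException ignored) { }
            try { if (lookup != null) lookup.close(); } catch (SQLException ignored) { }
            try { if (update != null) update.close(); } catch (SQLException ignored) { }
            try { if (con != null) con.close(); } catch (SQLException ignored) { }
        }
    }

    public static void main(String args[]) {
        System.out.println(new MerLogin().callUser());
    }
}
authentication.dll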
Dim WithE vents VoiceBocxl As VoiccBocx
Dim Bag As Boolean
Dim ivrConn As ADODB.Conneciion
Dim ivrRs As ADODB.Recordscl
Dim temp As Integer
Private Sub ϊnitializεO
I S t VoiceBocxl * New VoiccBocx Hag = False
VoiceBocxl. Log - LOG_Detai d Set chConn * CrεateCtject("ADODB.Connection") Set chRs - Cιeateθ3J< t("ADODB.Recόrdset") chConn-Opαi "sa DSN", "sa", "" "
Set VoiceBocxl » New VoiccBocx
' Set the Logging level to 'Detailed' VoiceBoc l. og = LOG_Dctailed
' Assign the TninkChannel from the command line argument (if any) If n(Cornrnand) > 0 Then
VoiceBocxl. TrunkChannci = Val(Command) Else
1 The default channel is the 1st channel (numccr zero.)
VoiceBocxl. TrunkChannel = 0 End If
Private Sub Tcrmina eQ
Set VoiceBocxl = Nothing ivxConaGose
Set ivrRs * Nothing
37
Set ivrConn = Nothing
End Sub
Private Sub HandlcOutboundCallQ
Dim random, llnput, .Number As String Dim ccNo, telnp, autld As String Dim flagl As Boolean
If VoiceBocx 1.HangupIsRunUmeError = True Then • MsgBox "Caller H'urigUP" flagl ■ False Flag ■ False End If
If flagl = False Then
•MsgBox ("Playing Welcome Message.")
VoiceBocxl. PlayFile {"C:\messages\wclcornc7.vox )
VoiceBocxl .PlayFile ("C:\messages\transId.vox") llnput = VoiceBocxl.GetDigits(13, 20, 15, "#")
Dim Length % Length - Lcnfllnput) Length - Length - 1 llnput - Midfllnput, 1, Length)
Dim tempi tempi - ivrRs.Ficlds(7) & ivrRs.Fields(10)
If llnput - Val(te pl) Then VciccBocxLPlayFile ("C:\-nessages\thanks0.vox ) •MsgBox "the User is Authenticated" Flag = True Else
MsgBox The user is Invalid"
VoiceBocxl.PlayFile ("C:\messages\notautherror.vpx )
Flag - False End If
ErrorTrap: • If it is a hangup, exit normally .^
If VoiceBocxl .TninkStateName - "RemoteDtsconnected men
' MsgBox ("Caller hung up.") Call VoiceBocx l.DisconnectCall Call Terminate End If
End If End Sub
38
Set ivrGonn - CreateObject("ADODB Connection") Set ivrRs » CreateObjcctC ADOD B.Recordset") ivxConaOpen "chDSN", "sa", ""
"MsgBox "Inside Testing Again" Call Initialize sql = "Select * from user_dctails where credimo =" & _
"•" & ccNum & "" ivrRs.Opcn sql, ivrConn, adOpenD}τιamic,|adLockOptimistιc phoneNumbcrS = ivrRs.Fields(4)
Call VoiceBoc l.MakcCall(phoneNumber$, True)
Select Case (VoiccBocx LTrunkStateName) Case "Connected" If (VoicejBocxl.GlareDetccted) Then
' MsgBox "Glare - Connected Inbound" Call VoiceBocx l.DisconnectCall Call Terminate End lf
' MsgBox "Connected Outbound" Call HaiidleOutboundCall
Case •NoConncct" ' MsgBox "NoConnect" End Select ivrRs. Close
Call Terminate DialNumb = Flag
End Function
39
APPENDIX "B"
AUTHENTICATION PROCESS FOR BUYBOOK.COM (A WEBSITE FOR E-COMMERCE
TRANSACTIONS)
TREE VIEW
Files
1. buybook.htm
| 1. displayrandom.jsp
| 2. authenticate.jsp
1. Eventupdate.class + Eventupdate.java (oyenok.authenticate.Eventupdate)
I ) HTML FILES
No. Name Description Where to be found
1. buybook.htm The simulated Buy Book Site \examples\oyenok\
No. Name. Where to be placed
1. displayrandom.jsp \examples\oyenok\
2. authenticate.jsp \examples\oyenok\
IV) JAVA BEANS (Source files)
No. Name. Extension Description Where to be placed
1. Eventupdate Java \classes\oyenok\authenticate\
40
Buvbook.htm
<html>
<head>
<meta httr>^q,uiv="Conteήt-Language" coηteht="en-us">
<meta http-equiv="Content-Type" content="text html; charset=windows-1252">
<titIe>ABC Book Stall< titie>
<s ript language=Hjavascript > function creditcheck()
{
}
< script>
< head>
<body> .
<table width="91%" border="0" cellpadding="0" cellspacing="0" height="576w>
<td width="100%" height="140" valign="top" align="left"ximg border="0"
<tr> <td width="100%'' height="2rx/td>
<tr> <td wid
<table idth=" 100%" border="0" cellpaddiήg="0" cellspacing="0">
<td idth="10%"x/td> <Λr> <ΛabIe> </td> </tr>
41
<tr>
<td width=" 100%" height="33">
<tabie width=κ 100%" border=H0" ceilpadding='^', ceHspacing="0 > <tr> <td width=" 12%"> </td> <td width=H7S%H bgcolor=H#C0C0C0M <p align="center">Library </td>
<td width=M 10%"> </td> </tr> < table> < td> </tr> <tr>
<td width=H 100%" height=N33M> <table width="101%" border="0" cellpadding^O" cellspacing="0"> <tr>
<td width=H12%M> </td> <td width="76%" bgcolor="#C0C0C0"> <p align="center">Research < tdi>
<td width=n13%"> </td> < tr> </table> < td> </tr> <tr>
<td width=" 100%" height="33M> <table idth="100%H border="0" cellpadding=M0M cellspacing=="Ow> <tr> <td width=H12%">&nbsρ;< td> <td width="77%" bgcolor="#C0C0C0h> <p align="c nter">Online Notes </td>
<td width=" l l%"> < td> </tr> <ΛabJe> </td> </tr> <tr>
<tr> <td vvidth=
H 13%
H>&ιιbsp;</td> <td vvidih="7()
J/o
H bgcolor=
H#C0C0C0"> <p align=
Mcenier">Security
42
</td>
<td idth=" l l%"></td> ■-Λr> </table> </td> </tr> <tr>
<td width=" 100%" height="33"> <table width=" 100%" border="0" cellpadding="0" cellspacing="0"> <tr>
<td width=" 13%"> </td> <td width="76%" bgcolor="#C0C0C0">
<p align- ,center">AuthorJs Notes </td>
<td width="l l%"> </td> </tr> < table> < td> </tr> <tr>
<tr>
<td width="100%" height=M21"> </td> </tr> <tr> <td width--" 100%" height="21"> </td> < tr> <tr>
<td width="100%" height="21 M> < td> </tr> <tr>
<td idth=" 100%" height="21 "></td> </tr> <tr> <td width-" 100%" height- '2rx/td> </tr> </tabl > </td>
<td width="8 - ό" valign="top" align=MleftM height="540"> <table width "99%" bordcr=H0" cellρadding="0" eellspacing="ϋ" hcight="463">
<tr>
<td width-- -"04%" hεight=H58" valign= baselinett align="center"ximg border=H0"
43
</tr> <tr>
<tJ width="247H><forif face=verdana,arial,helvetica size=-l><b>Shopping Cart Items— To Buy Now<yb></t nt></td> <td width="26B>
</td>
<td width="52"> </td> <td width=M 161"> </td> < tr> <tr> <td width="24H valign=MTOPM>
<img alt=HIcon" border="0" src=Himages/icon-vhs.giP width="22" height="22"> </td>
<td bgcolor=H#FFFFFF" width="247">
<a href=7exec/obidos ASIN/B00000K02F/l 04-7652825-2097546Hxem>Prenatal Yoga with Colette Crawford< em>< a>
<br> <b>VHS b>
<br>
Usually ships in 24 hours^BR> <Λd>
<td align=ccnter bgcolor="#FFFFFF" width="26">
<input type'- 'text" narne=quantity.B00000K02F size=4 maxlength=4 value=l
</td>
<td width="52" b-color="#FFFFFF"> f;mt size . face=vcrdaπa,arial,helvetica color=#000000> NUβK.—-b Uι:r Price: <font color=#990000>$24.95</font vbX NOBRxbr>
44
</font> </td> <td a!ign=right width="161H>
<input border="0" name=Hsubrnit.rnove-to-save.B00000K02F" src="images sbutton- save-for-later.gif" type="image" value="Save item" width="70" height=H14"> <p>
<input align="rightM border=H0M name=!"submit.delete.B00000K02F" src="images sbutton-de!ete.gir type="image" vaIue="Delete item" width="42" height=" 16">
< td> </tr> <tr> <td colspan=5 width="467M> < td>
</tr> <tr> <td width="24" valign="TOP">
<img ah "IconM border="0" src^images/icon-books.gif' width="22" height="22n> < td>
<td bgcolor="#FFFFFFH width=M247M>
<a href=7exec/obidos/ASIN/0130893404/I04-7652825-2097546" em>Core Servlets and JavaServer Pages (JSP)< em></a>
<br>
Marty Hall;
<b>Paperback</b>
<br>
Usually ships in 24 hours<BR> < td>
<ld nlign=ccnu:r hvcolor=7>FFFFFFM widιh=M ό"> <inpu. type- 'text" naιr.e=--quaniity.0130S93404 size=4 maxlength=4 value=l>
</td>
<td width="52M bgcolor="#FFFFFF"> <fυnt size=2 iace-vcruj ararial, helvetica co r---#000000>
45
<NOBR>List Price: <strike $42.99< strike></NOBRXbr> ,'CCPv><b>Our Price. <font co!or=#9900Q0>S34 </font></b></NOBR><br> :NOBR>You Save: <font coior=#990000>$8.60 (20%)</font></NOBR>
< font> <Λd>
<td align=right width=H 61 M>
< td> < tr> <tr>
<td colspan=5 width="467"> </td>
</tr> <tr> <td width="24" valign="TOP">
<img border=0 width=22 height— 22 src=images/icon-vhs.gif alt=Icon> </td>
<td bgcolor="#FFFFFFM width="247H>
<a href=7exec/obidos/ASlN/0783222955/104-7652825-2097546"Xem>To Kill a Mockingbird</emx/a>
(19o )
<br"'
GJ ι.-ιory Peck;
<b VHS< b ; Widescreen
<br>
Uό' !.y ships in 24 hours<~BR> -Vld>
46
<td align=center bgco or=H#FFFFFF" width="26"> <input .ype="text" name=quantity.0783222955 size=4 maxlength=4 value=l>
< td> <tdwidth=" 2H bgcolor="#FFFFFF">
<font size=2 face=verdana,arial,heivetica color=#000000>
<NOBR>List Price: <strike>$19.98</strjkex/NOBR br>
<NOBR><b>Our Price: <font color=#990000>$131.99< fόnt><Λx NOBRXbr>
<NOBR>You Save: <font color=#990000>$5.99 (30%)</fontx NOBR> < font>
</td>
<td align=right width="16P>
<Λd>
< tr>
<tr>
<td colspan=5 width="467"> <Vtd>
</tr>
<tr> <td align=right cplspan=2 valign=middle width="273,'> If you changed any quantities, please start again. <Λd> ' ' '
<td valign=middle width="26">
</td>
47
<td colsρan=2 width="2l5">
<font face=verdana,arial,helvetica size=-lxb>Subtotal: <font co]or=#990000>$73.33 </fontx/oxp>
</font>
< td>
</tr: <tr> <td align=right co!span=5 vajign=middle width="513">
<form name="transactH methbd="post" action=""> <tr>
<td width="18"><inρut type=" adio" value="new-card" name="payment-method" checked></td> <td width="145"><select name="issuerH> <option value^V^Visa <option value="M">MasterCard option value="AM> American Express <oρtion value=H >Diners Club <option value-"DH>Discover option vaiue="J">JCB ^selectx td> <td width="221"xinput type="text" size="3" narne^cardP pnblui="creditcheck()"=
48
<option vaIue="04H>04 <option value="05">05 <option value="06">06 <option value="07">07 <option value="08">08 <option value==M09">09 <optioπ value="10">10 <op oπ value=Ml 1 ">11 option value="12">12 seiect><seiect name="cc-exp-year"> <option value=Λ20O0">200O
<td width="18" valign="top"xinρut type="radio" value="check" name="payment- method"x/td>
<td valign="toρ" cols an="4" width="658"xfont face="verdana,ariai,helveticd" size= ">Pay
49
by check or money order</font> <fom >ace="verdana,ariij,helvetica" size="-2">(or check funds on account)</foπtxtd> <tr> <table>
,</td> <tr> </form>
<table> </td>
<td width="36%V height="442" valign="top" align="left">
<table border=0" width=HlQ0%" cellspacing="0" cellpadding="0" height="458"> <tr> <td width="5%" height="458" valign="top" align='*left"> <table borde 'O* width=Hl%" bgcoJor="#9A9CB4H cellspacing=M0" ce!lpadding="0"> <tr>
<td width="100%">
<ρ>&nbsρ;</p> <p> </ρ> <ρ>&nbsρ; /p> <p> </ρ> <p> </p> <p> < p> <ρ>&nbsρ;</p>
<p> <p> <ρ> <p> <p> ρ><p> vp-* <p> <7p> <ρ>&πbsp; p> <td> <tr> <table <td>
50
<p> < td> </tr> </table> < td> <7tr> <tr>
<td wιdth="64%" height="l" valign="top" align="left">
< tr> Λable> < td> </tr> <tr>
<td width="83%" valign="baseline" align="left" height="36"> <p align="center"xfoπt face="Gararnond" size=' ">Home | Library | Research"! Online notes | Security | Author's notes< fontx p <Λd> <Λr> </table>
</body>
< html>
authenticate.jsp
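<%--
  authenticate.jsp (Appendix B): hands the submitted card number and random
  value to an AuthTest bean and prints whether authentication succeeded.

  Review notes:
  - Each parameter is read once and the page fails closed when either is
    missing or empty, instead of passing null into the bean.
  - The card number travels as a plain request parameter and is used directly
    as the lookup key. How AuthTest uses it (for example in SQL) is not
    visible here. TODO confirm that it is bound as a parameter downstream.
  - Nothing in this page records the result server-side; it only prints a
    message.
  - The bean class ("oyenok.aut.AuthTest") and the second parameter name
    ("randomvar") are reproduced as extracted. Other listings on this page use
    "oyenok.authenticate" and "randomval", so both may be extraction damage.
--%>
<html>
<body>
<jsp:useBean id="authenid" scope="page" class="oyenok.aut.AuthTest">
<%
    String cardNo = request.getParameter("creditcardno");
    String code = request.getParameter("randomvar");
    boolean authenticated = false;
    if (cardNo != null && cardNo.length() > 0 && code != null && code.length() > 0) {
        authenid.setRandom(cardNo, code);
        authenticated = authenid.authenCall(cardNo);
    }
%>
<% if (authenticated) { %>
You are Successfully Authenticated
<% } else { %>
Sorry, the Authentication failed
<% } %>
</jsp:useBean>
</body>
</html>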
51
displayrandom.jsp
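<%--
  displayrandom.jsp (Appendix B): pop-up that shows the transaction ID passed
  in the "randomval" request parameter, counts down in the browser status bar
  and closes itself after about 11 seconds.

  Review notes:
  - "randomval" is request data and was written into the page unescaped, which
    is reflected cross-site scripting. It is HTML-escaped before output here.
    A missing parameter now renders as an empty string instead of "null".
  - The value shown is the code the user later submits for authentication.
    If it is passed in the URL query string it is also kept in browser history
    and in server/proxy logs. TODO confirm how the opener passes it.
--%>
<%!
    // Minimal HTML escaper, kept local so the page needs no extra library.
    private static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuffer out = new StringBuffer(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }
%>
<html>
<head>
<script language="JavaScript">
function timer() {
    // One status-bar update per second, then close the window.
    setTimeout("window.status='Closing in 10 seconds'", 1000);
    setTimeout("window.status='Closing in 9 seconds'", 2000);
    setTimeout("window.status='Closing in 8 seconds'", 3000);
    setTimeout("window.status='Closing in 7 seconds'", 4000);
    setTimeout("window.status='Closing in 6 seconds'", 5000);
    setTimeout("window.status='Closing in 5 seconds'", 6000);
    setTimeout("window.status='Closing in 4 seconds'", 7000);
    setTimeout("window.status='Closing in 3 seconds'", 8000);
    setTimeout("window.status='Closing in 2 seconds'", 9000);
    setTimeout("window.status='Closing in 1 seconds'", 10000);
    setTimeout("this.close()", 11000);
}
</script>
</head>
<body onLoad="timer()">
<center>
Your Transaction ID is <%= escapeHtml(request.getParameter("randomval")) %>
</center>
</body>
</html>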
Evt-nfrupdatciayri package rangoyenok.authenticate; import java.io.*; import Java. utij.*; import java.sql.*; public class Eventupdate {
String eventid,event,prc κ^userid,time,status,servertime;
public EventupdateQl }
52
public void setEventid(String eventid) { this.eventid = eventid;
} public void setEveπt(String event) { this, event - event;
> I public void setProcess(String process) { this, process = event;
} public void setUserid(Striπg userid) { this.userid = userid;
} public void setTime(String tjrne) { this.time = time;
} public void setStatus(String status) { this.staius = status;
} public void setServertime(String servertime) { this, servertime = servertime;
>' public boolean setEventsO { try {
Class.forName("sun.jdbc.όdbc.JdbcOdbcDriver");
Connection con = DriverManager.getCor ection("jdbc:c^bc:OyenokDSNYsaYM);
Statement st = con,createSiatement();
ervertiιne+ "; st.executeUpdate(query);
}catch(Exception e) { System, out. printing); } return true;
}
53
public static void maiπ(String s[]){ Eventupdate objeventupdate - new EventupdateO; try { objcventupdatβ.setEventec'eveiiOV
1 " "l'V12 99"V
} catch(Exception e) {Svstem.out.println(e);j
} */
}
//String eventid, String event, String process, String userid,String time, String status,
//String servertime
authentication.dll
Dim WithSvetUSt VoiceBocxl As VoiceBocx
Dim Flag As Boolean
Din. ivt€onn As ADODB.Connection
Dim ivrRs As ADODB.Recordsct
Dim tetnp As Integer
Private Sub InitializeO
1 1
Set VoiceBocxl - New VoiceBocx
Hag •* False
VoiceBocxl. Log - LOG_Detailcd Set chConn - CitatcObjcrtCADODB.Connection") S t cfa s « Create(^ject("ADODB.Rccordset") chConαOpen "samDSN", "sa", ""
Set VoiceBocxl * New VoiccBocx
0 Set the Logging level to 'Detailed' VoiceBoc l. Log a LOG_DctaiIed
' Assign the TrunkChanncI from the command line argument (if any) If L:n(Command; > 0 Then
VoiccBocx i.TrunkChannel » Val(Command)
Else ' The default channel is the 1st channel (number zero.) VoiceBocxl.TrunkChannci » 0
End If
End SA
54
Private Sub Ter inate)
Set VoiceBocxl - Nothing iγτCρnxι. Close Set ivrRs * Nothing Set ivrConn - Nothing End Sub
Private Sub HandleCitbυundCallO Dim random, llnput, INumber As String Dim cs o, tcno,' autld As String Dim flagl As Boolean
If VoiceBocx KangupIsRunti eError = True Then
' MsgBox "Caller HuπgUP" flagl * False
Dim Length Length-* Lcn(llnput) Length * Length - 1 llnput = MiclInput, 1, Length) Dim tempi
' tempi = ivτRs.Ficids<7) & ivrRs.Fields<10)
MsgBox **πsc user is Invalid" Voic Bccxl .PlayFile (T:\messagκι tauι cj7cr.γox") Flag = False End if
Eτα.r'''π.p;
' 1 f it is a hangup, exit normally
If VofccBccxl.TriinxStatcNajic -
r. , ' MsgBox f Caller hung up. ")
Cail VocsSixsl isconήc :Call
Call Terminate End If
55
End If End Sub
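' DialNumb: looks up the user row for a credit-card number, dials the phone
' number stored in it and returns the module-level Flag that
' HandleOutboundCall sets once the caller has keyed in the code.
'
' Review notes:
' - The query was built by concatenating ccNum into the SQL text. It is now
'   sent as a bound parameter through an ADODB.Command.
' - An empty ccNum or a lookup with no matching row returns False instead of
'   failing on Fields(4).
' - The connection is opened as "sa" with an empty password, kept as listed.
'   A deployment should use a least-privilege account with credentials held
'   outside the source.
' - The phone number is read by ordinal (Fields(4)) from a "Select *", so it
'   depends on the column order of user_details.
' - After a glare disconnect the code calls Terminate and then still falls
'   through to HandleOutboundCall, as in the original. TODO confirm intent.
Public Function DialNumb(ccNum As String) As Boolean
    Dim cmd As Object

    If Len(ccNum) = 0 Then
        DialNumb = False
        Exit Function
    End If

    Set ivrConn = CreateObject("ADODB.Connection")
    Set ivrRs = CreateObject("ADODB.Recordset")
    ivrConn.Open "chDSN", "sa", ""

    ' MsgBox "Inside Testing Again"
    Call Initialize

    ' Parameterised lookup: ccNum is passed as data, never as SQL text.
    Set cmd = CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = ivrConn
    cmd.CommandType = adCmdText
    cmd.CommandText = "Select * from user_details where creditno = ?"
    cmd.Parameters.Append cmd.CreateParameter("creditno", adVarChar, adParamInput, Len(ccNum), ccNum)
    ivrRs.Open cmd, , adOpenDynamic, adLockOptimistic

    If ivrRs.EOF Then
        ' Unknown card number: nothing to dial.
        ivrRs.Close
        Call Terminate
        DialNumb = False
        Exit Function
    End If

    phoneNumber$ = ivrRs.Fields(4)

    Call VoiceBocx1.MakeCall(phoneNumber$, True)

    Select Case (VoiceBocx1.TrunkStateName)
    Case "Connected"
        If (VoiceBocx1.GlareDetected) Then
            ' MsgBox "Glare - Connected Inbound"
            Call VoiceBocx1.DisconnectCall
            Call Terminate
        End If
        ' MsgBox "Connected Outbound"
        Call HandleOutboundCall
    Case "NoConnect"
        ' MsgBox "NoConnect"
    End Select

    ivrRs.Close
    Call Terminate
    DialNumb = Flag
End Function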
56