EWS-006389
`
`Early Warning Services 1059
`IPR of U.S. Pat. No. 8,887,308
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 1 of 15
`
`US 2005/0144452 Al
`
`124
`
`108
`
`100\ 102
`
`es
`
`i INSTRUCTIONS
`
`PROCESSOR
`
`
`104
`
`106
`
`STATIC MEMORY
`
`120
`
`NETWORK
`INTERFACE
`DEVICE
`
`
`
`126
`
`110
`
`VIDEO
`DISPLAY
`
`ALPHA-NUMERIC
`INPUT
`
`CURSOR CONTROL
`DEVICE
`
`
`
`
`
`DEVICE
`
`MACHINE-READAB
`
`MEDIUM
`
`|
`
`INSTRUCTION
`
`122
`
`124
`
`SIGNAL GENERATION
`
`FIG. 1
`
`EWS-006390
`
`EWS-006390
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 2 of 15
`
`US 2005/0144452 Al
`
`212
`
`210
`
`206
`
`CLIENT MACHINE
`
`WEB CUENT
`
`
`
`200
`
`126
`
`230
` 3RD PARTY SERVER
`
`
`
`3RD PARTY
`
`APPLICATION a
`
`228
`
`
`
`NETWORK(E.G., INTERNET)
`
`
`
`
`ORK-BASED TRADI
`PLBTEDAIM
`
`WEB SERVER
`API SERVER
`i
`CGI SERVER
`CGI SERVER
`
`
`
`
`
`
`
`
`i AUTHORIZATION||AUTHENTICATION(PROGRAMMATIC (WEB
`
`
`
`
`
`
`MODULE
`MODULE
`INTERFACE)
`i
`INTERFACE)
`!
`
`
`|
`
`:
`
`
`
`
`
`
`
`APPLICATION SERVER(S)
`
`PAYMENT
`
`APPLICATION(S)
`
`
`MARKETPLACE
`
`APPLICATION(S)
`
`
`218
`
`220
`
`224
`
`ADMINISTRATIVE
`APPLICATIONS/
`FUNCTIONS
`
`DATABASESERVER(S:
`{S)
`
`DATABASE(S)
`
`|
`216 |
`
`i
`
`226 |
`
`i
`
`EWS-006391
`
`EWS-006391
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 3 of 15
`
`US 2005/0144452 Al
`
`
`
`MARKETPLACE AND PAYMENT APPLICATIONS
`
`
`
`LISTING MANAGEMENT
`(SELLER)
`
`322
`
`Lo
`DISPUTE RESOLUTION
`APPLICATION(S)
`
`324
`
`326
`
`FRAUD PREVENTION
`APPLICATION(S)
`
`LOYALTY/
`PROMOTION
`APPLICATION(S)
`
`POST-LISTING
`MANAGEMENT
`APPLICATION(S)
`
`328
`
`=
`MESSAGING
`APPLICATION(S)
`
`
`
`AUTHENTICATION
`APPLICATION(S)
`
`
`MERCHANDIZING
`
`PUBLICATION
`APPLICATION(S)
`
`
`
`304
`
`302
`
`AUCTION
`
`APPLICATION(S)
`
`
`
`
`308
`
`STORE
`APPLICATION(S)
`
`REPUTATION
`APPLICATION(S)
`
`314
`
`
`
`
`
`Lf
`NAVIGATION
`APPLICATION(S)
`
`PERSONALIZATION
`
`INTERNATIONALIATION
`APPLICATION(S)
`
`IMAGING
`
`LISTING CREATION
`(SELLER)
`APPLICATION(S)
`
`
`APPLICATION(S) FIXED-PRICE
`
`APPLICATION(S)
`APPLICATION(S)
`APPLICATION(S)
` AUTHORIZATION AND
`APPLICATION(S)
`
`
`220-
`
`
`
`FIG. 3
`
`EWS-006392
`
`EWS-006392
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 4 of 15
`
`US 2005/0144452 Al
`
`418
`
`40
`
`oN
`
`40
`
`FAMLYTABLE
`
`USER-
`
`OLURFENCY
`
`TABLE
`
`410
`
`4p
`
`TABLE
`
`416
`
`
`
`USERTABLE
`
`42
`
`BIDSTABLE
`
`412
`
`—
`
`414
`
`ATIRBUTES
`TABLES)
`
`FEEDBACK
`
`STCRY
`
`406
`
`408
`
`TRANSACTION
`
`HG 4
`
`EWS-006393
`
`EWS-006393
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 5 of 15
`
`US 2005/0144452 Al
`
`
`
`INAWATIOVNI-NOIS
`
`00SS
`
`AUVGNODASOLLOANIGAY
`
`
`
`(THN)ALIS
`
`ws
`
`LNASNOD SIs
`
`orsALISAUVANdOLLOAUIGa
`
`(NI-NDIS)
`
`PIs
`
`NOILVaaLSIOdYy
`
`0%
`
`ALISAUVATYd
`
`90S
`
`S°OL
`
`
`
`
`
`AZIsSTTVOIdV
`
`AUVGNOOdS
`
`ALIS
`
`POs
`
`EWS-006394
`
`EWS-006394
`
`
`
`
`
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 6 of 15
`
`US 2005/0144452 Al
`
`A USER TO ACCESSA PRIMARYSITE VIA A SECONDARYSITE
`602
`
`REDIRECT THE USER TO
`THE PRIMARYSITE FOR
`ADMINISTRATIVE TAKS
`(E.G., SIGN-IN,
`REGISTRATION, AND/OR
`CONSENT AGREEMENT
`SIGNING)
`616
`
`PARTIAL TOKEN AT THE
`SECONDARYSITE
`ASSOCIATED WITH
`THE USER?
`604
`
`THE SECONDARYSITE TO ACCESS APPLICATION PROGRAMMING INTERFACE(API) AT
`THE PRIMARYSITE ON BEHALF OF THE USER TO REQUEST USER ACCESS BY PROVIDING
`THE PARTIAL TOKEN TO THE SECONDARYSITE FOR MATCHING
`606
`
`622
`
`DOES THE PARTIA
`OKEN FROM THE SECONDAR
`SITE MATCH THE PARTIAL TOKEN
`AT THE PRIMARYSITE?
`608
`
`AUTHENTICATE THE USER TO ACCESS THE PRIMARYSITE VIA THE SECONDARYSITEBY
`RETURNING AN API CALL FROM THE PRIMARYSITE TO THE SECONDARYSITE
`610
`
`AUTHORIZE THE USER TO ACCESSTHE PRIMARYSITE VIA THE SECONDARYSITE BY
`RETURNING AN API CALL FROM THE PRIMARYSITE TO THE SECONDARYSITE
`612
`
`ACCESS THE PRIMARYSITE VIA THE SECONDARYSITE
`614
`
`GENERATEA TOKEN, ASSOCIATED WITH THE USER, AT THE PRIMARY STE
`618
`
`SPLIT THE TOKEN INTO TWO (OR MORE) PARTS
`620
`
`TRANSMIT A PART OF THE TOKEN(PARTIAL TOKEN) TO THE SECONDARYSITE VIA AN AP
`CALL
`
`FIG. 6
`
`EWS-006395
`
`EWS-006395
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 7 of 15
`
`US 2005/0144452 Al
`
`S 700
`
`
`
`PARTNERS 71
`
`
`
`
`SPECIAL
`GENERAL
`
`SECONDARYSITES
`SECONDARYSITES
`
`
`
`(e.g., MSN, PSP)
`(e.g., PAYPAL)
`
`712
`714
`
`
`
`PRIMARYSITE 734
`
`
`
`
`API/PLATFORM
`
`206
`
`
`
`SIGN-IN SITE
`[__] FEDERATED
`
`
`
`(COMMUNITY
`ADAPTERS
`SITE)
`
`
`222
`
`
`
`FEDERATED
`
`
`
`cu
`MECHANISM
`ADAPTER
`704
`
`720
`
`
`TRANSACTION PLATFORM 702
`
`
`USER 708
`CORPORATE
`
`TRUST
`
`
`-—=y
`soup
`ENVIRONMENT
`ADAPTER
`ee ee
`
`
`
`CUSTOMER
`SUPPORT 726
`
`ACCOUNTING
`DEPT.
`
`
`728
`
`
`
`FINANCE
`DEPT.
`730
`
`
`PLATFORM SERVICES 724
`
`FIG.7
`
`EWS-006396
`
`EWS-006396
`
`

`

`
`
`WHOALVTd/Id¥
`
`FOS
`
`NPNOIS
`
`8ALIS
`
`Patent Application Publication Jun. 30,2005 Sheet 8 of 15
`
`US 2005/0144452 Al
`
`008S
`
`
`
`STVILNACHYDGALVIOOSSYV
`
`8°OL
`
`
`
`WSINVHOGWGa.LVaadad
`
`9508
`
`EWS-006397
`
`EWS-006397
`
`
`
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 9 of 15
`
`US 2005/0144452 Al
`
`006S
`
`"IVILLNAGaY)
`ALRINDAS (+N)ALTHOHLNV
`GNa-LNOW! 016
`ASVAVLVG(N)ALIYOHLNV
`aFINGOW506
`
`MAAS
`
`"TWILNAGAYD
`
`NOLLVYNDIINOD
`
`706SUNIHOVW
`
`6Ol
`
`EWS-006398
`
`EWS-006398
`
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 10 of 15
`
`US 2005/0144452 Al
`
`
`
`
`
`
`
`(LNIW)NSYOL(NSO)1es8Ue5)
`
`o1ydesBoydAy—uolyeoUayny,20201
`
`
`uoydeox3uoldaox3
`OL‘Did ye0lccOl
`rococo e ccc cr rere uonelaued
`Ayunoas
`
`Id¥N3XOL
`
`9LOL
`
`yOMawWel4
`
`[dV[eseuas)
`
`NAYOL
`
`
`
`
`
`8LOLcobOtOLOLpool
`
`
`
`
`
`ainpo|ainpo;wJoyeoquayyny
`
`lenuapai9lequapagJenuepedderi000
`
`alnpow
`
`
`
`UOHEJOPISUODNAAOL
`
`94002)
`
`UOWeoUSuInyIM
`
`ajeoluayjny
`
`9001
`
`Yas
`
`c001
`
`
`
`EWS-006399
`
`EWS-006399
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`Patent Application Publication Jun. 30,2005 Sheet 11 of 15
`
`US 2005/0144452 Al
`
`
`RECEIVE A REQUEST FOR USER ACCESS AUTHENTICATION
`
` 1102
`
`
`
`
`RUN THE AUTHENTICATION AUCTION TO PERFORM A CHECK ON
`THE USER
`1104
`
`
`
`CHECK WAS SUCCESSFUL?
`1106
`
`
` SEND AUTHENTICATION ERROR
`
`
`
`STOP AUTHENTICATION
`
`(AUTHENTICATION FAILED)
`
`1108
`
`
`AUTHENTICATE THE USER
`1112
`
`
`
`
`
`
`
`1110
`
`AUTHORIZE THE USER
`1114
`
`
`
`GENERATE A TOKEN ASSOCIATE WITH THE USER AT THE
`TRANSACTION PLATFORM OF THE PRIMARY SITE
`1116
`
`
`
`
`
`TRANSMIT THE TOKEN OR PARTIAL TOKEN TO THE SECONDARY
`SITE
`1118
`
`
`FIG. 11
`
`EWS-006400
`
`EWS-006400
`
`

`

`US 2005/0144452 Al
`
`yauenui
`
`<QHespiltsosd>
`
`QIJesrAege
`
`
`
`PIOMSSBgJNOA
`
`Patent Application Publication Jun. 30,2005 Sheet 12 of 15
`
`(e007[J NIUIs
`éGIaHpean{cO0dh
`<‘alaywojsnoaulZ-|Wasuj>||,NOK‘usUBts0}JUBMNOKJéJesnAegaueApeayjy=0abessewJaujsed
`
`
`
`
`jODO4SSchek
`FSS)uiubisa1ndes:SyuoRoajo1dyundsoy
`
`VZL‘Dl00cr
`
`
`Inoubis|ssojunUrpaubisourdaey[J
`
`
`poidsqanyy.duyD|@|ePAN)yoleag©)|@0@a@4PPSsamorey
`
`80gas]
`
`wayuasuooujuBlsuiny/eDE00e/salo.d
` piomssed[<uaisioy|"90.jpuejsej$1UONeNSIBoY
`
`saousasBulmoosautBuisnuiuBisJoJe}si6alosyeUBDNO,
`
`
`
`
`dlasjoo]sayoneymerAUPRely
`
`
`
`uyuBs:Aega[)
`
`
`
`"\silj40481580)poou
`
`1dOdSS¥d
`
`EWS-006401
`
`EWS-006401
`
`
`

`

`US 2005/0144452 Al
`
`ISinoubis|dewes|AegaAw|euoy
`
`
`
`SW}!PUY0}MOH
`
`Patent Application Publication Jun. 30,2005 Sheet 13 of 15
`
`soyoveymelapzily pajajdwo
`
`
`
`
`0}ay]]NOApjnomyeuyy—-9SN.0}dnUBisAewnod‘AegayypalaysibeMoualeNOAaoUlS
`
`Regamnoqy|Winioppeqnes,|(Ajees}San)ioqleyoes|Tasey|jleweounouuy
`
`suondiuosappuesayyyessCy
`
`
`
`jxauay)uopueMojaqUoJINganuJUOgaly¥I/9eseatyByesSTRBGAUpomssedpueQj]JesnmauJNoAyauiUBiS—pigofMOHabed
`
`
`eAegoyewea]NSWAqpapiagideaves04)
`
`QR|@|(>)SeWONRYEy)yoBag&)|ylOQQa&4EGSRIPEN
`
`
`
`
`juneSJal[as&a}eald0}pasuno,EGuIyJoWosjas0}jUEAA
`‘palajsibasareno,joeiuey|zedtongs
`
`
`
`
`way"UasuoourUBisuiny/2DE0de/sIoelo:dpord/gamy-duy
`djasjoo,
`
`GelDid
`
`0zzt
`
`uojeujs|GayAege
`
`vee_|
`
`Aegeuo
`
`Anqpuepiqmouuedno,
`
`cock
`
`EWS-006402
`
`EWS-006402
`
`
`
`

`

`:AegaL_] 221“DlOvel
`
`Ayunwwoy[cen]ISWoubis|dew9}
`
`
`[ng[ans[ws[nn|AegeAw|auoy
`
`wayuasuosuUBISunny/ZOeO0e/s}alosdpod/qaay/-duy
`8rcl=anujjuoypuesalby
`
`
`aloqueweszbe3yqjosuid90e8Td
`
`obol
`
`Ry[@]wosauoresoyued)|O]Qao>weg
`
`
`
`dja}sjoo,sawore;melapzely
`
`
`
`
`
`juawaaibyJuasuoDMaIAdY
`
`quaweabyyuasuogmaiacy
`
`
`
`
`
`
`
`‘mO}9qUOHNGay)yOI/0‘aavBeNoAypuejuaWeaBevasuosBulmojoyoy)peay
`
`Patent Application Publication Jun. 30,2005 Sheet 14 of 15
`
`US 2005/0144452 Al
`
`
`
`
`
`
`
`
`
`
`
`
`
`a10WWIT‘NSWAqpails8qLON[[IMpiomssegpuregyJasrAegauno,
`
`
`
`NSWyllMJuawaebyjuasu05
`
`
`
`youenui(e907[]
`
`EWS-006403
`
`EWS-006403
`
`
`
`

`

`seyoneyMmelApyall4 d¢él
`0}AsessedauS)JeY}UONBUUOJU!;eUOSIadINCAereysoO]AegeeZUOUNENOA‘anuyyUOgpueealbyGuiyoyoAg
`
`
`
`
`
`
`
`idsHPEON©wonFeuouny<Jopua,Ayegpig>
`
`
`
`
`
`pasnoq[IMUOneWUOJUIEY“aroqeAjjeuoloUryAegapayogjasay)Wuoped0}<Jopua,Auegplg>ejqeua
`0}uOHeUUOJUIfeUoSsadAueJa}SUB,}IMAMGIOJaqJUASLUODj1O!|dxeANOAsesinbasAege‘uojoejoudsNOA404
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`0}Saxogay)YO@YoUaLypueAdI|odAdeALId<uopua,AyeYPJE>Ol]MAIAa!ESA]“<UOPUaAALeYpiE>
`
`
`
`
`
`
`*S1a}JOBQUBYOPUTSBOYEWJO‘SUID}]JElJU]S|[aS‘SW9YYS|[oJ‘ayes40}SUsa}]MeuyS|]FI
`
`
`
`
`“uIMJo‘uopiq‘YoyeM|SWA}!JosnyeysayyARidsigAJB4yaqINOAuoWOpedOF<JopueAAepig>uedNoAyeu;AyjeuoNoUN)AgeYOIYMO]eOIPUl
`
`
`
`
`oyeJOSpIqBIRdA“yorqpeayAwAejdsipsoyoeqpea}Guinea]seyonsyyeyeqAwUosudljoeyoRqnea)Wopeag
`
`
`“WA3}]INOASSIAS}L0}JejILUISJJeyoqAuuosBuysyWd}!O}SUONIPpPeJOSUOISIAGWO}
`
`
`
`
`OOOSEATAegeauyse|jamseAdiodAseauds,opua,Ayegpig>ymaouepsodoeUl
`
`
`
`
`
`
`"28WAI]INO,|]OS0}JEIWISsjooyBulsnyeysaqAusUOSUOHOEBHuijsl]Way!WWO}eY
`
`
`
`
`‘KegeAWjouoloesGuiysyem/Surppigeu)ulayqejeneAjjuauNosiyeu}UOEUUOJUT
`
`isinoubis|deways|AegeAw|swoy
`‘Did091
`
`.:9961
`
`
`<JOPURAAePJE>0}UNjesjaouRD<anunuoypueeasby
`
`
`
`QRI@|PAN)SalyoreyYokes©)|%UO®4&4Wee
`
`
`
`‘KegaAjjouonoesBulljaseu)uleyqejiereAjjuaunosiyey]UO!EUUOJU|
`{UYWasuod/UjUBISUINY/ZOE00e/sIaloidpord/qamyy-duy
`
`
`*g]2S10]SWO}!BSIAOIJOUOLdi9sapWa}!oyppy
`
`
`“‘yeyaqAwuoswa}ljoBulAngpueGulppigwsopag
`yoegpes;AwAejdsip40yoeqpsajAka]&)
`‘[]@S|SUEY!JosnyeysouAejdsiqFJ
`diasjoo,
`
`c9Gh
`
`*seseyoind
`
`Patent Application Publication Jun. 30,2005 Sheet 15 of 15
`
`US 2005/0144452 Al
`
`
`
`yauenul(2007[]
`
`e
`
`EWS-006404
`
`EWS-006404
`
`
`

`

`US 2005/0144452 Al
`
`Jun. 30, 2005
`
`METHOD AND APPARATUS TO AUTHENTICATE
`AND AUTHORIZE USER ACCESS TO A SYSTEM
`
`behalf of the user to permit the user to access the primarysite
`via the secondary site, via the computer network.
`
`RELATED APPLICATIONS
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0001] This application claimsthe priority benefits of U.S.
`Provisional Applications No. 60/482,963 and 60/482,971,
`filed Jun. 26, 2003, which are incorporated herein by refer-
`ence.
`
`BACKGROUND OF THE INVENTION
`
`[0002]
`
`1. Field of the Invention
`
`[0003] Exemplary embodiments of the present invention
`relate generally to the technical field of commerce automa-
`tion and, in one exemplary embodiment, to methods and
`systems to authenticate and authorize user access to a
`system.
`
`[0004]
`
`2. Description of Related Art
`
`[0005] The Internet and the World Wide Web (“Web”)
`have changed the landscape of information delivery and
`affected numerous faculties of life,
`including electronic
`commerce and entertainment. One area that has benefited
`
`from this technological development is the ability for indi-
`viduals to buy and sell products over the Internet. The
`growing electronic commerce has encouraged many busi-
`nesses to join hands in doing business and in sharing
`customers and their information. The overlapping busi-
`nesses, partnerships
`in conducting business,
`referrals,
`mutual distribution of resources, and sharing of users and
`user information has created a network of applications,
`servers, and Websites which has created various technical
`challenges, complexities, and insecurities.
`
`[0006] Anumberof technical challenges exist with respect
`to authorization and authentication of users and/or systems.
`For example, conventionally, when a user accesses the
`primary system via a secondary system, muchofsensitive
`and personal user information, ranging from passwords to
`profiles,
`is directly transmitted between the primary and
`secondary systems. Such transmission of data is not only
`inherently insecure, but also it is cumbersome, at least, in
`that
`it requires a separate transmission for each of the
`secondary systems that the user accesses, even if it is to
`ultimately access the same primary system. Furthermore,
`this and other technological challenges also limit the per-
`formance of system network between primary and second-
`ary systems, in general, and the ability of the user to access
`multiple systems, in particular.
`
`SUMMARY
`
`[0007] A method, apparatus, and system are provided for
`authenticating and authorizing user access to a system.
`According to one embodiment, a request for authentication
`and authorization of a user is received from a secondarysite
`on behalf of the user who is seeking to access a primarysite
`via the secondary site via a computer network. The request
`includes information relating to the user. The user informa-
`tion is then verified for authenticity, including determining
`whether the user satisfies the criteria for obtaining authen-
`tication and authorization as defined by the primarysite. If
`the criteria are satisfied, a token, associated with the user, is
`generated at the primary site. A portion of the token is
`transmitted from the primary site to the secondary site on
`
`[0008] The appendedclaimsset forth the embodiments of
`the present invention with particularity. The embodiments of
`the present invention, together with its advantages, may be
`best understood from the following detailed description
`taken in conjunction with the accompanying drawings of
`which:
`
`[0009] FIG. 1 is a block diagram illustrating an embodi-
`ment of a computer system;
`
`[0010] FIG. 2 is a block diagram illustrating an embodi-
`ment of a network;
`
`[0011] FIG. 3 is a block diagram illustrating an embodi-
`ment of marketplace and paymentapplications;
`
`FIG.4 is a block diagram illustrating an embodi-
`[0012]
`ment of a high-level entity-relationship;
`
`[0013] FIG. 5 is a block diagram illustrating an embodi-
`ment of an authentication and authorization mechanism;
`
`[0014] FIG. 6 is a flow diagram illustrating an embodi-
`mentof a process for providing user access to a primarysite
`via a secondarysite;
`
`[0015] FIG. 7 is a flow diagram illustrating an embodi-
`ment of an authentication and authorization architecture
`
`having a transaction platform with a federated mechanism;
`
`[0016] FIG. 8 is a block diagram illustrating an embodi-
`ment of a federated model;
`
`[0017] FIG. 9 is a block diagram illustrating an embodi-
`ment of a credential authority system based on a federated
`mechanism;
`
`[0018] FIG. 10 is a transaction sequence diagram illus-
`trating an embodiment of a sequence for determining
`whether to generate a common cookie or a token;
`
`[0019] FIG. 11 is flow diagram illustrating an embodi-
`ment of a process for generating a token;
`
`[0020] FIG. 12A is an exemplaryillustration of a primary
`site sign-in page;
`
`{0021] FIG. 12B is an exemplaryillustration of a primary
`site registration completion page;
`
`[0022] FIG. 12C is an exemplary illustration of a primary
`site consent agreement page; and
`
`[0023] FIG. 12D is an exemplaryillustration of a primary
`site authorization page for secondarysites.
`
`DETAILED DESCRIPTION
`
`[0024] Described below is a system and method for
`authenticating and authorizing user access to a system.
`Throughout the description, for the purposes of explanation,
`numerous specific details are set forth in order to provide a
`thorough understanding of the embodiments of the present
`invention. It will be apparent, however, to one skilled in the
`art that the present invention may be practiced without some
`of these specific details. In other instances, well-known
`
`EWS-006405
`
`EWS-006405
`
`

`

`US 2005/0144452 Al
`
`Jun. 30, 2005
`
`structures and devices are shown in block diagram form to
`avoid obscuring the underlying principles of the present
`invention.
`
`set-top box (STB), a Personal Digital Assistant (PDA), a
`cellular telephone, a Web appliance, a network router, switch
`or bridge, or any machine capable of executing a set of
`instructions (sequential or otherwise) that specify actions to
`be taken by that machine. Further, while only a single
`system 100 is illustrated, the term “machine” or “system”
`shall also be taken to include any collection of systems or
`machines that
`individually or jointly execute a set
`(or
`multiple sets) of instructions to perform any one or more of
`the methodologies discussed herein.
`
`In the following description, numerous specific
`[0025]
`details such as logic implementations, opcodes, resource
`partitioning,
`resource sharing, and resource duplication
`implementations,
`types and interrelationships of system
`components,and logic partitioning/integration choices may
`be set forth in order to provide a more thorough understand-
`ing of various embodiments of the present invention. It will
`[0029] The system 100 includes a processor 102 (e.g., a
`be appreciated, however, to one skilled in the art that the
`central processing unit (CPU), a graphics processing unit
`embodiments of the present
`invention may be practiced
`(GPU), or both), a main memory (memory) 104 andastatic
`without such specific details, based on the disclosure pro-
`memory 106, which communicate with each other via a bus
`vided.
`In other instances, control structures, gate level
`108. The system 100 further includes a video display unit
`circuits and full software instruction sequences have not
`been shownin detail in order not to obscure the invention.
`110 (e.g., a liquid crystal display (LCD) or a cathode ray
`tube (CRT)). The system 100 also includes an alphanumeric
`input device 112 (e.g., a keyboard), a cursor control device
`114 (e.g., a mouse), a disk drive unit 116, a signal generation
`device 118 (e.g., a speaker) and a network interface device
`120 to connect
`the system 100 with other systems or
`machines via a network(e.g., the Internet) 126.
`
`Those of ordinary skill in the art, with the included descrip-
`tions, will be able to implement appropriate functionality
`without undue experimentation.
`
`[0026] Various embodiments of the present invention will
`be described below. The various embodiments may be
`performed by hardware components or may be embodied in
`machine-executable instructions, which may be used to
`cause a general-purpose or special-purpose processor or a
`machineor logic circuits programmed with the instructions
`to perform the various embodiments. Alternatively,
`the
`various embodiments may be performed by a combination
`of hardware and software.
`
`[0027] Various embodimentsof the present invention may
`be provided as a computer program product, which may
`include a machine-readable medium having stored thereon
`instructions, which may be used to program a computer (or
`other electronic devices) to perform a process according to
`various embodiments of the present invention. The machine-
`readable medium may include, but is not limited to, floppy
`diskette, optical disk, compact disk-read-only memory (CD-
`ROM), magneto-optical disk, read-only memory (ROM)
`random access memory (RAM), erasable programmable
`read-only memory (EPROM), electrically erasable program-
`mable read-only memory (EEPROM), magnetic or optical
`card, flash memory, or another type of media/machine-
`readable medium suitable for storing electronic instructions.
`Moreover, various embodiments of the present invention
`may also be downloaded as a computer program product,
`wherein the program may be transferred from a remote
`computer to a requesting computer by way of data signals
`embodiedin a carrier wave or other propagation medium via
`a communication link (e.g., a modem or network connec-
`tion).
`
`[0028] FIG. 1 is a block diagram illustrating an embodi-
`ment of a computer system (system) 100. As illustrated, the
`system 100 includes an exemplary machine within which a
`set of instructions, for causing the machine to perform any
`one or more of the methodologies discussed herein, may be
`executed. The system 100 may operate as a standalone
`device or may be connected (e.g., networked) to other
`machines or systems. In a networked deployment, the sys-
`tem 100 could operate in the capacity of a server or a client
`machine in server-client network environment, or as a peer
`machine in a peer-to-peer (or distributed) network environ-
`ment. The system 100 may include a server computer, a
`client computer, a personal computer (PC), a tablet PC, a
`
`[0030] The processor 102 may include multiple processors
`including one or more multi-threaded processors having
`multiple threads or logical processors, and may be capable
`of processing multiple instruction sequences concurrently
`using its multiple threads. The processor 102 further
`includes one or more microprocessors, microcontrollers,
`field programmable gate arrays (FPGA), application specific
`integrated circuits (ASIC), central processing units (CPU),
`programmable logic devices (PLD), and similar devices that
`access instructions from system storage (e.g., main memory
`104), decode them, and execute those instructions by per-
`forming arithmetic and logical operations. The processor
`102 may also include one or more internal caches (not
`shown).
`
`[0031] The bus 108 is knownas the host bus or the front
`side bus, and may be used to couple the processors 102 with
`the system interface. The bus 108 may also be coupled with
`a control bus, an address bus, and/or a data bus (not shown).
`The control bus, the address bus, and the data bus may be
`multidrop bi-directional buses, e.g., connected to three or
`more bus agents, as opposed to a point-to-point bus, which
`may be connected only between twobusagents.
`
`[0032] The memory 104 may include a dynamic storage
`device, a random access memory (RAM), or other storage
`device coupled with the bus 108 for storing information and
`instructions 124 to be executed by the processor 102. The
`memory 104 is also used for storing temporary variables or
`other intermediate information during execution of instruc-
`tions 124 by the processors 102. The static memory 106 may
`include a read only memory (ROM) and/or other static
`storage device coupled with the processor 102 via the bus
`108 for storing static information and instructions for the
`processor 102.
`
`[0033] The memory 104 includes a wide variety of
`memory devices including read-only memory (ROM), eras-
`able programmable read-only memory (EPROM), electri-
`cally
`erasable
`programmable
`read-only memory
`(EEPROM), random access memory (RAM), non-volatile
`random access memory (NVRAM), cache memory, flash
`memory, and other memory devices. The memory 104 may
`
`EWS-006406
`
`EWS-006406
`
`

`

`US 2005/0144452 Al
`
`Jun. 30, 2005
`
`also include one or more hard disks, floppy disks, ZIP disks,
`compactdisks (e.g., CD-ROM), digital versatile/video disks
`(DVD), magnetic random access memory (MRAM)devices,
`and other system-readable media that store instructions
`and/or data. The memory 104 is used to store program
`modules, such as routines, programs, objects, images, data
`structures, program data, and other program modules that
`perform particular tasks or implement particular abstract
`data types that facilitate system use.
`
`[0034] The network interface device 120 may include a
`modem, a network interface card, or other well-known
`interface devices, such as those used for coupling with
`Ethernet, token ring, or other types of physical attachment
`for purposes of providing a communication link to support
`a local or wide area network 126, for example. Stated
`differently, the system 100 may be coupled with a numberof
`clients and/or servers via a conventional network infrastruc-
`ture 126, such as a company’s Intranet and/or the Internet,
`for example.
`
`[0035] The disk drive unit 116 may include a machine-
`readable medium 122 on which may be stored one or more
`sets of instructions (e.g., software 124) embodying any one
`or more of the methodologies or functions described herein.
`The software 124 may also reside, completely or at least
`partially, within the memory 104 and/or within the processor
`102 during execution thereof by the computer system 100,
`the memory 104 and the processor 102 also constituting
`machine-readable media. The software 124 may further be
`transmitted or received over a network 126 via the network
`interface device 120.
`
`[0036] While the machine-readable medium 122is illus-
`trated in an exemplary embodimentto be a single medium,
`the term “machine-readable medium” should be taken to
`include a single medium or multiple media (e.g., a central-
`ized or distributed database, and/or associated caches and
`servers) that store the one or more sets ofinstructions. The
`term “machine-readable medium”shall also be taken to
`include any medium that is capable of storing, encoding or
`carrying a set of instructions for execution by the machine
`of the system 100 and that causes the machine to perform
`any one or more of the methodologies of the present
`invention. The term “machine-readable medium” shall
`accordingly be taken to include, but not be limited to,
`solid-state memories, optical and magnetic media, and car-
`rier wave signals.
`
`[0037] Furthermore, it is appreciated that a lesser or more
`equipped computer system than the example described
`above maybe desirable for certain implementations. There-
`fore, the configuration of system 100 may vary from imple-
`mentation to implementation depending upon numerous
`factors, such as price constraints, performance requirements,
`technological improvements, and/or other circumstances.
`
`It should be noted that, while the embodiments
`[0038]
`described herein may be performed underthe control of a
`programmedprocessor, such as the processor 102, in alter-
`native embodiments,
`the embodiments may be fully or
`partially implemented by any programmable or hardcoded
`logic, such as field programmable gate arrays (FPGAs),
`Transistor Transistor Logic (TTL), and application specific
`integrated circuits (ASICs). Additionally, the embodiments
`of the present invention may be performed by any combi-
`nation of programmed general-purpose computer compo-
`
`nents and/or custom hardware components. Therefore, noth-
`ing disclosed herein should be construed as limiting the
`various embodiments of the present invention to a particular
`embodiment wherein the recited embodiments may be per-
`formed by a specific combination of hardware components.
`[0039] FIG. 2 is a block diagram illustrating an embodi-
`ment of a network 200. As illustrated,
`the network (or
`architecture) 200 includes a commerce platform, such as a
`network-based marketplace or trading platform 202, to pro-
`vide server-side functionality, via a network 126 (e.g., the
`Internet) to one or more clients, such as client machines
`210-212. As illustrated, for example, a web client 206 (e.g.,
`a browser, such as the Internet Explorer or the Netscape
`Navigator), and a programmatic client 208 may execute on
`their respective client machines 210 and 212.
`[0040] Turning specifically to the network-based market-
`place 202, an application program interface (API) server 214
`and a web server 216 may be coupled to, and provide
`programmatic and web interfaces respectively to, one or
`more application servers 218. The application servers 218
`may host one or more marketplace applications 220 and
`payment applications 222. Furthermore,
`the application
`servers 218 are coupled to one or more databases servers 224
`to facilitate access to one or more databases 226.
`
`[0041] The marketplace applications 220 provide a num-
`ber of marketplace functions and services to users that
`access the marketplace 202. The payment applications 222,
`likewise, may provide a number of payment services and
`functions to users. The payment applications 222 may allow
`users to quantify for, and accumulate, value (e.g.,
`in a
`commercial currency, such as the U.S. dollar, or a propri-
`etary currency, such as “points”) in accounts, and then to
`redeem the accumulated value for products (e.g., goods or
`services) that are made available via the marketplace appli-
`cations 220. While the marketplace and payment applica-
`tions 220 and 222, as illustrated, both form part of the
`network-based marketplace 202, it will be appreciated that,
`in alternative embodiments of the present invention, the
`payment applications 222 may form part of a payment
`service that is separate and distinct from the marketplace
`202.
`
`[0042] Further, while the network 200, asillustrated, may
`employ a client-server architecture, embodiments of the
`present invention are not limited to it, and may equally find
`applications in a distributed, or peer-to-peer, architectures.
`The various marketplace and payment applications 220 and
`222 may also be implemented as standalone software pro-
`grams, which do not necessarily have networking capabili-
`ties.
`
`[0043] The web client 206, it will be appreciated, may
`access the various marketplace and payment applications
`220 and 222 via the web interface supported by the web
`server 216. Similarly,
`the programmatic client 208 may
`access the various services and functions provided by the
`marketplace and payment applications 220 and 222 via the
`programmatic interface provided by the API server 214. The
`programmatic client 208 may, for example, be a seller
`application (e.g., the TurboLister application developed by
`eBayInc., of San Jose, Calif.) to enable sellers to author and
`manage listings on the marketplace 202 in an off-line
`manner,
`and to perform batch-mode communications
`between the programmatic client 208 and the network-based
`marketplace 202.
`
`EWS-006407
`
`EWS-006407
`
`

`

`US 2005/0144452 Al
`
`Jun. 30, 2005
`
`[0044] The architecture 200 further includes Common
`Gateway Interface (CGI) servers associated with the autho-
`rization module 232 and the authentication module 234. The
`authorization module 232 is to perform authorization-related
`functions for authorizing users accessing a primary system
`(e.g., a platform-related Website, application, platform,
`device, tool, and site) from a secondary system (e.g., Web-
`site, application, platform, device, tool, and site). The autho-
`rization module 232 is also for facilitating the user to
`authorize the secondary system to access the primary system
`and act or perform on behalf of the user. The authentication
`module 234 is to perform authentication-related functions
`for authenticating users, prior to authorizing them, to access
`the primary system via the secondary system. Administra-
`tive applications/functions 236 of the architecture 200 are
`utilized to help perform some of the authorization and
`authentication functions as necessitated or desired.
`
`[0045] FIG. 3 is a block diagram illustrating an embodi-
`ment of marketplace and payment applications 220-222.
`Multiple marketplace and paymentapplications 220-222 are
`provided as part of the network-based marketplace or trad-
`ing platform 202, as illustrated and described with respect to
`FIG.2. The network-based marketplace 202 may provide a
`numberoflisting and price-setting mechanisms whereby a
`seller may list goods or services for sale, a buyer may
`express interest in or indicate a desire to purchase such
`goodsor services, and a price may be set for a transaction
`pertaining to the goodsor services. To this end, the market-
`place applications 220 may include one or more auction
`applications 302 to support auction-formatlisting and price
`setting mechanisms(e.g., English, Dutch, Vickrey, Chinese,
`Double, Ascending, Reverse and Declining auctions etc.).
`The various auction applications 302 also provide a number
`of features in support of such auction-format listings, such
`as a reserve price feature whereby a seller may specify a
`reserve price in connection with a listing and a proxy-
`bidding feature whereby a bidder may invoke automated
`proxy bidding.
`
`[0046] One or more fixed-price applications 304 may
`support fixed-price listing formats (e.g., the traditional clas-
`sified advertisement-type listing or a catalogue listing) and
`buyout-type listings. Specifically, buyout-type listings (e.g.,
`including the Buy-It-Now (BIN) technology developed by
`eBayInc., of San Jose, Calif.) may be offered in conjunction
`with an auction-format (or other dynamic pricing format)
`listing, and allow a buyer to purchase goods or services,
`which are also being offered for sale via an auction, for a
`fixed-price that is typically higher than the starting price of
`the auction.
`
`In one embodiment, one or more authorization and
`[0047]
`authentication applications 334 are provided to help support
`the authorization and authentication mechanism to authen-
`
`ticate and authorize users and various systems, applications,
`and tools. The authorization and authentication applications
`334 also perform certain administrative functions to ensure
`credibility, security, reliability, scalability, and availability of
`the system, as a whole, and the process of authorization and
`authentication.
`
`[0048] One or more publishing applications 336 are used
`to publish the information relating to auctions, such as the
`declining price auction. For example,
`in an embodiment
`wherethe financial instruments are offered for sale over the
`
`Internet, the publishing applications 336 may format infor-
`mation about the financial instruments in a web page and
`provide that web page overthe Internet to potential buyers.
`The publishing applications 336 may also update the current
`offer price (e.g., $100) or interest rate (e.g.,